QEYET / Enterprise

QEYET Enterprise

Company control without company-readable conversations.

A private collaboration environment with managed access, tenant boundaries, spaces, directories, meetings, and recovery workflows built on QEYET's encrypted network.

What an organization controls

Administrators govern the company boundary and membership lifecycle while participant devices retain content keys.

Tenant identity

A dedicated organization slug and enrollment boundary keep company membership separate from standard QEYET contacts.

Invite and recovery keys

Administrators issue one-time enrollment codes and can reissue organizational access when an employee loses recovery material.

Directory visibility

Company users can be selectively published to the tenant address book according to administrator policy.

Spaces and membership

Administrators create spaces, assign members, control access, and revoke participation without exposing conversation plaintext.

Meetings and calendar

Users schedule encrypted meeting invitations and manage collaboration context inside the tenant experience.

Operational administration

Seat counts, client versions, deployment state, delivery health, aggregate throughput, and abuse controls remain visible without message inspection.

What an administrator cannot do

An administrator cannot open employee message history merely by holding the tenant administration token. Reissuing access restores company membership; it does not decrypt a lost device's vault or recreate deleted messages.

Recovery boundary

Old history requires the employee's recovery words, an authorized linked device, or an encrypted backup. This prevents administrative convenience from becoming a universal decryption key.

Administrative capabilities

The tenant portal is designed for the everyday responsibilities of operating a private company network.

AreaAdministrator capabilityPrivacy boundary
UsersCreate, suspend, recover, and revoke membershipsNo access to a user's local vault or recovery words
DirectoryChoose which users appear in the company address bookDirectory policy does not reveal private chats
SpacesCreate spaces, assign members, and revoke accessSpace content remains encrypted for authorized devices
OperationsReview aggregate health, versions, queues, rates, and incidentsMeasurements count encrypted events rather than reading content
RecoveryIssue replacement organizational enrollmentReplacement access does not recover deleted history

Commercial readiness

The product architecture and administration model are available for controlled evaluation. Independent cryptographic review, penetration testing, high-concurrency load validation, formal recovery exercises, legal review, and production support procedures remain necessary before representing QEYET as enterprise-certified.