Tenant identity
A dedicated organization slug and enrollment boundary keep company membership separate from standard QEYET contacts.
QEYET Enterprise
A private collaboration environment with managed access, tenant boundaries, spaces, directories, meetings, and recovery workflows built on QEYET's encrypted network.
Administrators govern the company boundary and membership lifecycle while participant devices retain content keys.
A dedicated organization slug and enrollment boundary keep company membership separate from standard QEYET contacts.
Administrators issue one-time enrollment codes and can reissue organizational access when an employee loses recovery material.
Company users can be selectively published to the tenant address book according to administrator policy.
Administrators create spaces, assign members, control access, and revoke participation without exposing conversation plaintext.
Users schedule encrypted meeting invitations and manage collaboration context inside the tenant experience.
Seat counts, client versions, deployment state, delivery health, aggregate throughput, and abuse controls remain visible without message inspection.
An administrator cannot open employee message history merely by holding the tenant administration token. Reissuing access restores company membership; it does not decrypt a lost device's vault or recreate deleted messages.
Old history requires the employee's recovery words, an authorized linked device, or an encrypted backup. This prevents administrative convenience from becoming a universal decryption key.
The tenant portal is designed for the everyday responsibilities of operating a private company network.
| Area | Administrator capability | Privacy boundary |
|---|---|---|
| Users | Create, suspend, recover, and revoke memberships | No access to a user's local vault or recovery words |
| Directory | Choose which users appear in the company address book | Directory policy does not reveal private chats |
| Spaces | Create spaces, assign members, and revoke access | Space content remains encrypted for authorized devices |
| Operations | Review aggregate health, versions, queues, rates, and incidents | Measurements count encrypted events rather than reading content |
| Recovery | Issue replacement organizational enrollment | Replacement access does not recover deleted history |
The product architecture and administration model are available for controlled evaluation. Independent cryptographic review, penetration testing, high-concurrency load validation, formal recovery exercises, legal review, and production support procedures remain necessary before representing QEYET as enterprise-certified.