Security & Access Control

Multi-tenant isolation. Role-based access. Offline-capable. Encrypted in transit.

ITAD providers handle devices containing sensitive data from multiple client organizations. reCore's security model is designed for that reality: every tenant's data is isolated at the database level, access is role-based, technicians authenticate with PINs on the shop floor, and the client application works offline when it needs to.

TLS 1.2+ encryption
Multi-tenant isolation
RBAC access control
PIN technician auth

Multi-tenant data isolation

reCore is a multi-tenant platform. Each ITAD organization that signs up gets a completely isolated tenant. Devices, users, test results, wipe records, grades, certificates, and billing data are all scoped to the tenant at the database query level. There is no shared data space, no cross-tenant visibility, and no way for one organization's users to access another organization's records -- even accidentally.

Within a tenant, administrators can create client profiles for the organizations whose assets they are processing. This allows you to track devices by client, generate client-specific reports, and control what information is shared downstream -- without mixing data between your own clients.
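One way to scope records to a tenant at the query level, with an optional per-client filter inside the tenant. This is an added illustration, not reCore's code: the devices schema, the TenantDevices class and the use of SQLite in place of PostgreSQL are assumptions.

```python
import sqlite3

SCHEMA = """CREATE TABLE devices (
    id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL,
    client TEXT NOT NULL, serial TEXT NOT NULL,
    wiped INTEGER NOT NULL DEFAULT 0)"""


def make_db():
    conn = sqlite3.connect(":memory:")  # SQLite stands in for PostgreSQL
    conn.execute(SCHEMA)
    return conn


class TenantDevices:
    """Device access bound to one tenant (hypothetical class and schema)."""

    def __init__(self, conn, tenant_id):
        self._conn = conn
        # Assumed to come from the authenticated session, never from
        # a request parameter the caller controls.
        self._tenant = tenant_id

    def add(self, serial, client):
        cur = self._conn.execute(
            "INSERT INTO devices (tenant_id, client, serial) VALUES (?, ?, ?)",
            (self._tenant, client, serial))
        return cur.lastrowid

    def get(self, device_id):
        # A primary-key lookup is still filtered by tenant, so an id that
        # belongs to another tenant behaves exactly like a missing row.
        return self._conn.execute(
            "SELECT id, client, serial FROM devices"
            " WHERE id = ? AND tenant_id = ?",
            (device_id, self._tenant)).fetchone()

    def serials(self, client=None):
        sql, args = "SELECT serial FROM devices WHERE tenant_id = ?", [self._tenant]
        if client is not None:  # per-client view inside the tenant
            sql, args = sql + " AND client = ?", args + [client]
        return [r[0] for r in self._conn.execute(sql + " ORDER BY serial", args)]

    def mark_wiped(self, device_id):
        cur = self._conn.execute(
            "UPDATE devices SET wiped = 1 WHERE id = ? AND tenant_id = ?",
            (device_id, self._tenant))
        return cur.rowcount  # 0: no such device in this tenant
```

Because the tenant is fixed when the object is constructed, a handler cannot forget the filter or take it from user input; writes are checked through the affected-row count as well as reads.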

Role-based access control

reCore defines three primary roles, each with a specific permission scope:

Administrator -- Full platform access. Create and manage technician accounts, view all devices and reports, manage billing and subscriptions, configure organizational settings, verify wipe records, and generate certificates. This is the role for operations managers, owners, and IT staff.

Technician -- Operational access scoped to their work. Technicians can connect devices, run diagnostics, perform wipes, submit grades, and add notes. They cannot access admin functions, view billing information, or manage other users. Authentication is by numeric PIN -- fast and keyboard-free for shop floor use.

Viewer -- Read-only access limited to approved data. Suitable for downstream buyers or auditors who need to review device records, download reports, or verify certificates without any ability to modify data or initiate processing.

Authentication

Administrative users log in with email and password. Sessions are managed with secure tokens that expire after inactivity and can be revoked remotely. Multiple concurrent sessions are tracked independently.

Technicians use a numeric PIN. This is a deliberate design choice: in a processing facility, technicians move between stations frequently and may wear gloves. A 4-6 digit PIN entered on a numeric pad is significantly faster and more practical than typing a password on a full keyboard. Each PIN is unique per technician and is tied to every action they perform.

The client application authenticates against the server on startup and validates the session before allowing any processing. If the session expires or is revoked, the client requires re-authentication before continuing.

Offline capability

Internet connectivity in processing facilities is not always reliable. Warehouses, loading docks, and temporary processing sites may have intermittent or no connectivity. reCore's client application is designed to work offline.

When a device is connected and the client cannot reach the server, diagnostics and wipes continue normally. All results are stored locally on the client machine in a queue. When connectivity returns, the queue syncs automatically to the server. The dashboard catches up with no data loss and no manual intervention.

The client application itself is distributed as a USB-bootable image. A technician can boot any device from a USB drive, run through the full diagnostic and wipe process, and the results will sync when the device running the client connects to the network. No pre-installed software required on the target device.

Encryption and infrastructure

Encryption in transit

All API and WebSocket connections use TLS encryption. Dashboard connections, client-to-server communication, and gateway traffic are encrypted by default.

Isolated infrastructure

Each production deployment runs on dedicated cloud infrastructure with automated PostgreSQL backups, connection pooling, and no shared tenancy at the infrastructure level.

Session management

Session tokens are stored server-side with expiry tracking. Tokens can be revoked by admins. No sensitive data is stored in browser cookies or local storage.
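A sketch of the session behaviour described here and under Authentication: server-side records, expiry after inactivity, independent concurrent sessions, and admin revocation. This is an added example, not reCore's code; the SessionStore class, the 900-second idle timeout and the choice to store only a SHA-256 hash of each token are assumptions.

```python
import hashlib
import secrets


class SessionStore:
    """In-memory stand-in for a server-side session table (hypothetical)."""

    def __init__(self, idle_timeout=900):  # 15 minutes: assumed value
        self.idle_timeout = idle_timeout
        self._rows = {}  # session_id -> {"user", "last_seen"}

    @staticmethod
    def session_id(token):
        # Only a hash of the bearer token is kept, so a leaked table
        # does not yield usable tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user, now):
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._rows[self.session_id(token)] = {"user": user, "last_seen": now}
        return token

    def validate(self, token, now):
        sid = self.session_id(token)
        row = self._rows.get(sid)
        if row is None:
            return None  # unknown or revoked
        if now - row["last_seen"] > self.idle_timeout:
            del self._rows[sid]  # expired through inactivity
            return None
        row["last_seen"] = now  # activity slides the idle window
        return row["user"]

    def sessions_for(self, user):
        # What an admin console would list: ids, never raw tokens.
        return [sid for sid, r in self._rows.items() if r["user"] == user]

    def revoke(self, sid):
        # Removes one session; the user's other sessions are untouched.
        return self._rows.pop(sid, None) is not None
```

Time is passed in as `now` so expiry can be exercised deterministically; a client that receives None from validate is in the re-authentication case the page describes.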

Designed for the realities of ITAD

Security in ITAD software is not just about encryption and access control -- it is about designing for the way ITAD facilities actually operate. Technicians wear gloves and need fast authentication. Connectivity is unreliable. Devices arrive from multiple client organizations and must be tracked separately. Processing happens across shifts with different operators touching the same device.

Every security decision in reCore was made with these realities in mind. PIN authentication exists because passwords do not work on a shop floor. Offline mode exists because WiFi drops in warehouses. Multi-tenancy exists because ITAD providers serve multiple clients. Separation of duties in certificates exists because NIST requires it and because it is the right way to run a data destruction operation.