ENV & Security Boundaries

Environment Separation

Sestra environments are isolated. Common environments:

• sandbox

• staging

• production

Sessions and policies do not cross environments.

---

Security Boundaries

Sestra focuses on access decisions only. It does not:

• execute code

• inspect payloads

• store secrets for clients

Clear boundaries improve security.

---

Audit Perspective

From an audit point of view:

• Sestra stores minimal data

• sessions are temporary

• no personal data is handled

Audits focus on configuration and access flow, not user data handling.