Security controls for managed Windows notifications

Toast Notification is designed for MSPs that need tenant isolation, signed endpoint delivery, audit evidence, and clear operational boundaries.

• Notification payloads are signed per tenant and verified by the Windows agent before render.
• Tenant-facing API queries are scoped by tenant ID.
• Broadcast-to-all sends require MFA elevation.
• Endpoint configuration is protected with Windows DPAPI.
• Windows agent packages are code signed by Toast2IT, LLC.
• Audit records track sends, deliveries, user actions, device registrations, and tenant changes.

Current boundaries: the production service is single-region, and customer-facing SIEM export is not part of the standard service.

LLM product brief | Plain-text LLM brief | Sitemap