Admin Only

Production Readiness

Checklist before full rollout.

Production Readiness Checklist

Use this checklist before onboarding a paying customer.

Core Functionality

  • Google Workspace OAuth connection works end‑to‑end
  • Sync completes without server errors
  • Findings appear in Dashboard and Reports
  • Compliance framework selected (SOC 2 or NIST CSF)
  • Policies uploaded and counted toward coverage
  • Report PDF generates and downloads successfully

Required Environment Variables

  • NEXT_PUBLIC_APP_URL
  • NEXT_PUBLIC_SUPABASE_URL
  • NEXT_PUBLIC_SUPABASE_ANON_KEY
  • SUPABASE_SERVICE_ROLE_KEY
  • OAUTH_STATE_SECRET
  • INTEGRATIONS_ENCRYPTION_KEY
  • REPORT_RENDER_SECRET
  • REPORTS_BUCKET
  • POLICIES_BUCKET

Supabase Storage

Create these private buckets:

  • policies
  • reports

Security

  • CSRF enabled on cookie‑auth POSTs
  • OAuth state signed and verified
  • Tokens encrypted at rest
  • Rate limiting configured (app + Vercel WAF)
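The "OAuth state signed and verified" item above, shown as an added example (not the project's own code): the state parameter is an HMAC-signed, time-limited payload, and the callback is also bound to the browser that started the flow by comparing the nonce against one kept in an HttpOnly cookie. The secret is assumed to be the value of OAUTH_STATE_SECRET; the payload field names, the 10-minute lifetime and the hypothetical `orgId` are assumptions.

```typescript
import { createHmac, randomBytes, timingSafeEqual } from "node:crypto";

// Payload carried in the OAuth `state` query parameter (field names are assumed).
export interface StatePayload { nonce: string; iat: number; orgId: string; }

// Build `state = base64url(json) + "." + base64url(HMAC-SHA256(secret, base64url(json)))`.
// The caller stores the returned nonce in an HttpOnly, SameSite=Lax cookie.
export function signState(secret: string, orgId: string, now = Date.now()) {
  const nonce = randomBytes(16).toString("hex");
  const payload: StatePayload = { nonce, iat: now, orgId };
  const body = Buffer.from(JSON.stringify(payload)).toString("base64url");
  const mac = createHmac("sha256", secret).update(body).digest("base64url");
  return { state: `${body}.${mac}`, nonce };
}

// Verify the state from the callback URL. `cookieNonce` is the nonce read back
// from the cookie set when the flow started. Returns null on any failure so
// the callback handler can reject the request without leaking which check failed.
export function verifyState(
  secret: string, state: string, cookieNonce: string,
  now = Date.now(), maxAgeMs = 10 * 60 * 1000,
): StatePayload | null {
  const parts = state.split(".");
  if (parts.length !== 2) return null;
  const [body, mac] = parts;

  // Constant-time MAC comparison; length check first so timingSafeEqual cannot throw.
  const expected = createHmac("sha256", secret).update(body).digest();
  const given = Buffer.from(mac, "base64url");
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;

  let payload: StatePayload;
  try { payload = JSON.parse(Buffer.from(body, "base64url").toString("utf8")); }
  catch { return null; }

  // Reject stale states (replay window) and states "issued" in the future (clock games).
  if (typeof payload.iat !== "number") return null;
  if (now - payload.iat > maxAgeMs || payload.iat > now + 60_000) return null;

  // Bind the callback to the browser session that initiated the flow.
  if (typeof payload.nonce !== "string" || payload.nonce.length !== cookieNonce.length) return null;
  if (!timingSafeEqual(Buffer.from(payload.nonce), Buffer.from(cookieNonce))) return null;

  return payload;
}
```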

Customer Readiness

  • Docs updated for frameworks, policies, reports
  • Dead links removed or hidden
  • Billing plan gates enforced for AI features