Drilling data. Field plans.
Stay where they belong.

Acceptable-use policies, source-code repositories, well-survey reports, exploration data, contractor IT protocols, distributed to permanent staff, offshore crews, research analysts, and contract engineers, with screenshot protection, role-bounded access, and a tamper-evident audit trail. Built for IT, InfoSec, CISO, and Knowledge Management teams in upstream energy, defence, and critical-infrastructure organisations.

Book a walkthrough See a live demo

Secure Knowledge Console 🔒 AIR-GAPPED

📊 Seismic Survey · Block KG-D6 RESTRICTED

Q2 seismic survey, North flank reservoir model

v4.2 · Exploration Cell only · Reviewed by SecOps Apr 18

Role-bounded access

✓Exploration Cell · basin leads14 users

✓SecOps reviewer3 users

✓Reservoir engineers (active campaign)9 users

Access events, last 24 hrs

Reads, authenticated47

Print attempts · blocked3

Screenshot · blocked1

Watermarked downloads0

Contractor expiry

Rohit M.

Vendor · Schlumberger

Auto-revoke in 18 days · engagement window closes 18 Sep 2026

Audit chain

sha256: a47f...3e2c · chain verified

Hash-chain integrity OK · 1,847 events

At a national oil & gas major

Permanent staff, offshore crews, vendors, consultants. One platform, role-bounded access.

A national-scale upstream energy company runs operations across onshore basins, offshore platforms, refineries, R&D centres, and a corporate HQ. The workforce is unusually layered: tenured employees, three-year offshore-rotation crews, contract engineers on six-month tickets, consulting firms attached to a single drilling campaign, university research analysts collaborating on basin studies. And the documents in circulation span the operationally sensitive (well plans, seismic data, reservoir models) to the IT-critical (source code, SCADA configs, network diagrams, incident playbooks).

The risk surface is enormous: a contractor's laptop, an offshore satellite link, a shared drive from a previous campaign, a print-out left at a refinery canteen. The control surface has to be just as deliberate: who reads what, when, on which device, and the moment the engagement ends, what access disappears. IT & Security needs a platform that handles role-bounded distribution, time-bounded contractor access, screenshot and print protection, and an audit trail no insider can rewrite.

That's what IT & Security on PolicyCentral.ai looks like. The same governance and acknowledgement spine that runs in regulated financial services, hardened with VAPT-tested controls, on-prem or private-cloud deployment, and per-role access boundaries down to the individual document.

Capabilities that play a critical role
in secure knowledge governance.

Role-bounded access, down to the document.

A seismic survey is visible to the Exploration Cell, the basin lead, and the SecOps reviewer, and nobody else. A field-test report restricted to the campaign team auto-revokes the day the campaign closes. A contractor's view-list shrinks the moment their engagement ends. The access boundary lives on the document, not in someone's spreadsheet.

Explore Security & Compliance

Seismic Survey, KG-D6 v4.2

Exploration Cell

14 users · basin leads + analysts

ALLOW

SecOps reviewer

3 users · review-only access

ALLOW

Active campaign engineers

9 users · auto-revoke on close

ALLOW

Previous campaign team

22 users · access expired 14 Mar

DENY

Time-bounded contractor & consultant access.

A consulting firm onboards for a six-month engagement. Their access list is set with a start and an expiry date; on day-181, the platform revokes automatically, no email to IT, no helpdesk ticket. New consultants in the firm onboard against the parent agreement, not a sprawling individual access tree. The day the engagement ends, the access disappears, on every document, on every device.

Explore Access Controls

Rohit Mehta

Vendor: Schlumberger · Reservoir Engineer

Engagement window 20 Mar → 18 Sep 2026

Days elapsed: 90Days remaining: 90

Auto-revoke on 18 Sep 2026, 00:00 IST · no IT ticket needed

Screenshot, print, download, all controllable.

A sensitive document opens in a hardened in-app viewer; screenshots produce a black frame, printing produces a watermarked stub with the reader's name embedded, downloads are either disabled or watermarked with a per-recipient identifier. The leak trail is built into the page, not assumed. When something does walk out, you know whose screen it walked out of.

Explore Content Protection

Secure viewer Well-test · Block KG-D6

Page 14 of 42

R. Mehta · Schlumberger
2026-04-22 14:38 IST

ScreenshotBLOCKED

PrintWATERMARK

DownloadOFF

Source code, SCADA configs, runbooks, versioned and governed.

IT runbooks, network diagrams, SCADA configuration files, code repositories with sensitive credentials redacted, all versioned with diffs, governed with approvals, targeted to the IT and OT teams that need them. A 3 AM incident response opens the latest runbook on the duty engineer's phone, not last quarter's archived copy.

Explore Version Control

SCADA failover runbook OT-OPS only

v3.2

Updated escalation matrix + dual-PLC failover

Apr 18, 2026 · SecOps approved

v3.1

Patched comm-link diagnostic step

Feb 04 · superseded, retained for audit

v3.0

Refactored for new HMI architecture

Dec 12, 2025 · archived

Audience42 OT engineers · offshore + onshore

AI search, but on-perimeter.

A reservoir analyst types "porosity overlay for KG-D6 north flank" and gets the exact section from the survey report, without the query, the document, or the answer ever leaving the deployed environment. The same 4D search the rest of the platform offers, with the AI model running inside the organisation's data perimeter, on private cloud, on-prem, or air-gapped.

Explore Gen AI Intelligence

Secure Knowledge Search ON-PERIMETER

porosity overlay KG-D6 north flank

Seismic Survey v4.2IN-FILE

…north flank porosity overlay shows 14–18% variance across the upper sand unit, suggesting…

Reservoir Model NotesBODY

…cross-referenced against the gamma-ray log, the overlay confirms the lateral pinch-out at…

Query, document, answer — none left the perimeter

Tamper-evident audit trail, CISO-grade.

Every read, every access change, every share request, every contractor onboarding and offboarding, logged, hashed, timestamped, and exportable. A leak investigation starts with "who read this document in the 48 hours before the press call" and gets an answer in 30 seconds, with no possibility that an insider rewrote the log.

Explore Tracking & Reporting

Audit chain · Seismic v4.2

INTEGRITY OK

14:38Read by R. Mehta (vendor)a47f...3e2c

14:12Screenshot blocked, S. Iyerf912...b80a

11:03Access granted, basin lead R. Singhc14e...92d7

09:47Contractor offboarded, P. Kumarb203...41f8

Apr 18v4.2 published, SecOps approval7e3a...0c95

Quieter capabilities the IT, InfoSec, and CISO teams lean on, ready on day one.

SSO & AD role provisioning

Identity flows from your existing IdP; role-to-document mappings stay current as people join, change roles, and leave.

Flexible deployment

Private cloud, on-premise, or air-gapped. Pick the perimeter the CISO can defend, the platform runs there.

VAPT & source code review

Independently penetration-tested annually, with source code reviewed by external specialists. CISO sign-off ready.

Regulatory & drill calendar

DGH filings, environmental clearance windows, IT security drills, SCADA failover tests, all on one calendar IT can subscribe to.

Push notifications for incidents

The 3 AM SCADA alarm reaches the duty engineer's phone with the runbook one tap away. No paging through a wiki.

Per-contractor access report

Every consultant, every vendor, every contract engineer: exactly what they accessed, when, and what's revoked. One click for the IT auditor.

Real moments. Real perimeter.

Five situations an IT, InfoSec, or CISO team faces on the upstream floor and offshore.

A new offshore campaign launches

Sixty contractors onboard for six months across two vendor firms. Access lists set against the parent engagement; expiry dates locked at the start. The IT team doesn't touch individual accounts; the platform handles it.

Time-bounded access → Parent-engagement onboarding

A SCADA incident at 3 AM

The duty engineer's phone alerts. The failover runbook v3.2 is one tap away, in their hand, on the latest version. The 30-minute hunt through a shared drive doesn't happen; the failover does.

Push notification → Mobile runbook → Latest version

A consultant's engagement ends Friday

Monday morning the consultant logs in and finds the restricted dashboard empty. No leftover access, no orphaned credentials, no helpdesk ticket. The IT team learns about it from the audit log, not the other way round.

Auto-revoke → Audit log → Zero IT touch

A leak investigation kicks off

"Who read this document in the 48 hours before the press call?" The CISO pulls the access log, filters by document and time window, sees the 12 readers, the 1 blocked screenshot attempt, and the watermark ID on every download. The investigation has a starting point in 30 seconds.

Audit log → Filter → Per-recipient watermark

The IT auditor's annual review

"Show me every contractor's access history for FY26, with start, expiry, and last-touch date." One filter, one export, every contractor across every vendor, every engagement window, every audit-chain hash that proves the record wasn't edited. The auditor finishes faster than expected; that's a good thing.

Per-contractor report → Hash chain → Export