Security & Compliance
IT First Aid Kit is built with enterprise security requirements in mind. Here's exactly what it does — and doesn't do — on your machines.
Code Integrity
- Extended Validation (EV) code signing certificate
- Windows Defender SmartScreen verified publisher
- SHA-256 digest + RFC 3161 timestamp authority
- Third-party security audit (results available on request)
- Software Bill of Materials (SBOM) published with each release
- No unsigned dependencies
Required Permissions
IT First Aid Kit requires Administrator privileges to:
- Terminate Office/Teams/OneDrive processes
- Re-register Microsoft AAD Broker Plugin (AppX)
- Clear Microsoft identity & token cache directories
- Remove stale Office entries from Credential Manager
IT First Aid Kit NEVER accesses:
- User documents, email contents, or personal files
- Browser data or saved passwords outside Office scope
- Network shares or file server contents
- Other users' data in multi-user environments
Data Privacy
- Audit logs are stored locally only (%ProgramFiles%\ITFirstAidKit\Logs\)
- Log access is restricted to administrators (ACL enforced)
- License validation sends only: license key hash, machine hardware fingerprint, and version
- Telemetry sends: execution success flag, duration, OS version (no PII)
- Credential Manager operations: delete only; contents never read or transmitted
- GDPR and CCPA compliant by design
Rollback Safety
- Full registry snapshot before any changes
- Identity cache directory backed up to %LocalAppData%
- Credential Manager state recorded (hashed, not plaintext)
- AppX package state captured
- One-command rollback: ITFirstAidKit.exe /rollback
- Rollback integrity validated before restore
- All rollback operations logged to audit trail
Security Questions or Vulnerability Reports
We take security seriously. If you discover a vulnerability, please disclose it responsibly.
Contact Security Team