What is Workplace.hr Secure Notes?

Secure Notes is a zero-knowledge encrypted system for storing sensitive business information — alarm codes, Wi-Fi passwords, PINs, bank details, licence keys — with role-based access control and a full audit trail of who viewed what and when.

How is Secure Notes different from a password manager?

Password managers handle logins. Secure Notes handles everything else — alarm codes, safe PINs, server credentials, card details. It is built around your organisation structure with role-based access, automatic revocation when employees leave, and audit logging.

What happens to Secure Notes access when an employee leaves?

Access is automatically revoked as part of the offboarding process. You can see exactly which notes the departing employee had access to, so you know what sensitive information needs to be rotated.

Secure Notes

The WiFi password is in a WhatsApp message. The alarm PIN is in someone's head. The CCTV login is on a Post-it note behind the front desk.

Every office has a version of this. Sensitive information that doesn't fit anywhere — not quite a password, not quite a document, not something you'd put in a shared drive — so it ends up in whatever container is closest. A chat message. A text note on someone's phone. A sticky note that's been on the wall so long nobody remembers putting it there.

This is not carelessness. It is what happens when there's no appropriate place to store something, so you use what's available. The problem is that what's available is usually not secure, not controlled, and not organised around who should have access and who shouldn't.

Password managers don't cover this

Password managers do what they're built for. If the thing you need to store is a login — username, password, URL — they handle it well.

But most sensitive information in a small business is not a login. It's the alarm code. The PIN for the safe. The combination on the server room door. The location of the emergency cash float. The CCTV system credentials. The WiFi password for the guest network, the one for the back office, the one for the warehouse. The company card details that three people need access to but nobody should be photographing. The software licence key that renews annually. The code for the storage unit you open twice a year.

Password managers have no concept of your organisation. They cannot tell you who received access to something and when. They cannot apply a rule that finance can see the card details but operations cannot. They cannot show you a log of who viewed something.

What Workplace Secure Notes does differently

Workplace Secure Notes is not a password manager. It is a secure information system built around your organisation's structure.

When you create a note, you define who can see it — by role, by team, or by individual. The alarm code goes to the people who open the office. The CCTV credentials go to management. The guest WiFi can be shared broadly. The banking details are visible only to the people who work with them.

When someone leaves, their access to notes is removed as part of the offboarding process, because Workplace already knows they've left. When someone joins and takes on a role, they get access to what that role requires. You don't have to remember to update a list. The list updates because the team record updated.

Knowing what was shared and when

Most businesses have no record of who knows the alarm code, who was told the safe PIN, or when that information was passed on. If something goes wrong, or if a member of staff leaves, there's no way to know what sensitive information they had access to without asking around.

Workplace keeps that record as a matter of course. Every note shows who has access, when access was granted, and when the note was last opened. If an employee leaves and you need to rotate sensitive information, you know exactly what they had access to and what needs to change.

The security risk hiding in plain sight

Small businesses carry security vulnerabilities not because they're careless, but because the risk is invisible. The WhatsApp message with the WiFi password has been there for three years and nothing bad has happened, so it doesn't feel like a risk. The Post-it note has always been there.

But the exposure is real. The ex-employee who still has the chat log. The contractor who photographed the whiteboard. The phone that was lost with all the messages on it.

Workplace Secure Notes is not a complicated system. Storing a new note takes under a minute. Finding one takes a search. Revoking access takes one step. The security it provides is not theoretical — it is the practical difference between knowing who holds sensitive information and hoping that nothing comes of the fact that you don't.

Workplace.hr launches in July 2026. Join the waitlist to be among the first to use it.