6.1 Account Settings and Security – EBM Compass

In This Article: How to manage your Compass profile, update account credentials, understand plan and permission settings, and review the enterprise-grade security infrastructure that protects your data and your organization's information.

SETTINGS & SUPPORT

Account Settings and Security

Manage your profile, access controls, and data protection

What's Covered Here

Compass account settings are organized into a few distinct areas: your personal profile, access credentials, organizational plan and permissions, notification preferences, and the security infrastructure protecting your data. This article covers each area so you know what you can configure yourself and what requires administrator access.

Profile

Name, avatar, contact email, and personal display settings

Password & Access

Password changes, resets, and single sign-on authentication

Permissions

User management and access control — administrator-level settings

Security

Encryption, data isolation, compliance, and best practices

Your Profile

Your Compass profile controls how you appear within the platform and stores key contact information tied to your account. Profile settings are accessed via your user avatar in the top-right corner of the Compass interface — click your avatar to open the dropdown, then select Profile.

Name

Your display name shown in tasks, comments, and shared views

Avatar

Profile photo displayed alongside your name in tasks and comments

Contact / Email

Account email address — used for notifications and account recovery

Language

Preferred display language for the Compass interface

COMING SOON

Bio

A brief description visible to colleagues — useful in larger team deployments

COMING SOON

Account Deletion

Request permanent removal of your account and data — requires administrator confirmation

COMING SOON

Password and Access

Compass supports both direct password authentication and single sign-on (SSO) depending on how your organization is configured. Most users access Compass through their organization's identity provider — if that's the case, password management happens outside of Compass through your IT department.

Authentication Options

Password Change / Reset

Users with direct Compass accounts can update their password in account settings or request a reset via the sign-in screen. If you don't see a password option, your organization uses SSO.

Single Sign-On (SSO)

Compass supports SSO through Microsoft Entra B2B guest accounts, letting your organization authenticate users through your existing identity provider. Contact your EBM account representative to configure SSO for your organization.

Can't change your password?

If your organization uses SSO, password management falls outside of Compass. Reach out to your IT team or use your organization's standard account recovery process. The Compass Support widget can help direct you to the right contact.

Plan Overview

The Plan overview area shows details about your organization's current Compass subscription — which features and modules are active, current seat usage, and plan tier. This section is typically visible to account administrators and is read-only for standard users.

If you need to expand your plan, add seats, or inquire about additional modules (such as premium Smith AI models or Marketplace services), use the Support widget at the bottom-right of Compass to reach your EBM account representative. Pricing and contract details are handled outside the platform.

Administrator Access Required

Plan details, seat management, and billing are visible to users with administrator-level access. Standard users see a summary view only. If you need to make changes to your organization's plan, contact your internal Compass administrator or reach out via the Support widget.

Permissions and User Management

User management in Compass is an administrator function. Admins can view all users within the organization, manage their access levels, and provision new accounts. Standard users can view their own permission level but cannot modify it.

Administrator

Manage users and add new accounts

View and update organization plan settings

Configure platform-level permissions

Access all account settings

Standard User

Access all Compass tabs and features

Manage own profile and credentials

Cannot modify other users' access

Cannot change organization settings

Adding Users

Administrators manage the organization's user roster from a dedicated team management area within account settings. From there, you can add new users, view existing members, and adjust access levels as your team changes.

If your organization uses SSO, new users can be granted access through your identity provider directly — no separate account creation step required in Compass.

Shared Lakehouse Access — Coming Soon

Administrators will be able to create shared Lakehouse folders and assign access to individual users or groups directly from account settings. Shared folders will appear in each permitted user's Lakehouse tab, making it easy to maintain a common knowledge base without duplicating files. Permissions will be configurable per folder — so you can grant broad team access or restrict to specific individuals.

Notifications

Compass notifications keep you informed when tasks are assigned, requests are updated, or other relevant platform activity occurs. Notification preferences let you control which events trigger alerts and how often you receive them.

Notification Settings

COMING SOON

Email Preferences

Choose which types of activity trigger an email notification — task assignments, request status changes, shared dashboards, and more.

COMING SOON

Frequency

Set how often Compass batches and sends notification emails — immediately, daily digest, or weekly summary.

Notification Preferences — Coming Soon

Email notification preferences and frequency controls are on the Compass roadmap. In the meantime, in-platform notifications appear in the right-hand panel and via toast alerts when actions are taken — no configuration required.

Platform Security

Compass is built on EBM's Ontario platform, hosted on Microsoft Azure's enterprise infrastructure. Security is not a feature layer — it is a fundamental design principle that governs how every piece of data is stored, transmitted, and isolated.

Security Foundations

Data Ownership

You retain complete ownership of all content. EBM acts solely as a processor — your IP remains yours.

Instance Isolation

Your organization's data is logically separated from all other clients. Cross-tenant access is not possible by design.

Zero Training Policy

Your data is never used to train GPT, Claude, or Gemini. This is a contractual guarantee — not a setting to configure.

Certified Compliance

ISO 27001 and SOC 2 Type II certified. All data stored in US-based Azure infrastructure (East US regions).

Encryption Standards

All data in Compass is protected by industry-standard encryption at every stage of its lifecycle. Files uploaded to the Lakehouse, dashboards, task data, and request content are all covered.

Data Encryption — End to End

Your Browser

→

TLS / SSL

In Transit

Compass Servers

→

AES-256

At Rest

Azure Storage

East US

Access Controls

EBM employees do not have access to your organization's data or document contents. Access within EBM is strictly role-based: technical staff can access system metadata for maintenance purposes only, and support personnel can only access your data if you explicitly grant permission for a specific troubleshooting session.

Your Data Stays Yours

AI models in Smith process your Lakehouse files temporarily to generate responses — they do not retain, learn from, or incorporate your proprietary information. Your business intelligence remains confidential and contained within your instance.

Security Best Practices

The platform handles the infrastructure — but there are habits on your end that keep your account and your organization's data well protected.

Account Security Tips

Keep credentials private

Never share your login. Each user should have their own account for accountability and audit purposes. Shared credentials undermine access logging.

Know what you're uploading

Confirm you have proper authorization before uploading confidential or regulated content to the Lakehouse. Personal data subject to privacy regulations requires extra care.

Review outdated content periodically

Delete Lakehouse files that are no longer relevant and clear old Smith chat sessions you no longer need. Keeping your data footprint lean improves both security and AI response quality.

Save critical outputs externally

Export important Smith analyses or dashboard downloads to your local system for backup. Deleting a chat or removing a dashboard from Compass cannot be reversed.

What's Next

Getting Help and Finding Resources

How to use the Support widget, submit a ticket, and access Compass resources and documentation.

Smith Settings and Configuration

Smith-specific settings — Memory, Creativity, and Multi-Model — plus Lakehouse configuration within the Smith tab.

Introduction to the Lakehouse

How Lakehouse stores and organizes your files, and how those files connect to Smith and the broader Compass platform.

Welcome to Compass

Platform overview, the seven tabs, and how Compass fits into your organization's reporting and analytics workflow.

Keep your account tidy: Review your profile details periodically to make sure your display name and contact email are current — these appear in tasks, comments, and any shared views across Compass. If you need to update permissions or manage other users, reach out to your organization's Compass administrator.

What's Covered Here

Your Profile

Password and Access

Plan Overview

Permissions and User Management

Adding Users

Notifications

Platform Security

Encryption Standards

Access Controls

Security Best Practices

Related articles