Data residency
US/EU residency options; region pinning; S3 bucket policies.
Security first; always
Encryption in transit and at rest; IAM with least privilege; VPC isolation options; audit logging; data retention controls; customer-managed keys available.
- TLS in transit, AES-256 at rest
- IAM least privilege; RBAC; SSO/SAML
- Private VPC & network isolation options
- Comprehensive audit trails & monitoring
- Data retention & deletion controls
- Customer-managed keys (CMK) available
Access controls
IAM least privilege, role-based access, SSO/SAML, MFA encouraged.
Incident response
Documented runbooks, SLAs, communications protocol, postmortems.
Subprocessors
Vetted third-parties with DPAs; minimal surface; inventory on request.
Responsible use of AI
Human oversight, evals, guardrails, auditability, model transparency.
Need details for review?
We’ll share our security brief and walk your team through architecture, data handling, and controls.