Enterprise Security & Compliance

SOC 2-Aligned Controls
SSO + SCIM 2.0
Encryption In Transit & At Rest
Audit Logging
DR/IR Playbooks

Identity & Access (SSO/SCIM)
Single Sign‑On (SAML/OIDC) with Okta/Azure AD and automated provisioning via SCIM 2.0. MFA enforced at IdP. Fine‑grained RBAC and least‑privilege access.
Encryption
TLS 1.3 for data in transit; AES‑256 for data at rest. Key management via KMS; token and secret handling with authenticated encryption.
Audit Logging & Explainability
Immutable audit logs for auth, admin, and data events. AI decisions recorded with correlation IDs, provider/model, confidence, and rationale for traceability.
Backups & Disaster Recovery
Automated daily backups with periodic restore tests. Documented DR/BCP with RPO/RTO targets and incident response procedures.
Data Governance & Vendor Management
Data retention policies, right‑to‑erasure support, vendor risk reviews, and signed DPAs where applicable. Penetration testing and vulnerability scanning.
Availability & Monitoring
99.9% uptime target with health checks, circuit breakers, rate limiting, and real‑time metrics. SLA options available for enterprise.

Documentation & Evidence

Request access to security documentation and private summaries through the enterprise team.
Security Policies
Security policy summary available on request
Data retention policy available on request
Incident response plan available on request
Reports & Summaries
Penetration-test summary available on request
Audit logging overview available on request
SOC 2 controls summary available on request
Security & Compliance | OrbiLattice