Trust / Security Packet

Security Architecture and Trust Overview

This packet summarizes the data architecture, encryption posture, access model, compliance status, and operational controls available for enterprise security and procurement review.

How Operious handles your data

Data isolation

All customer operational data is isolated at the database row level using Postgres Row Level Security with FORCE enforcement. No application-layer query can access another tenant's data regardless of what an AI model instructs.

Data retention

Operational records, governance decisions, session timelines, and audit events are retained for the duration of your contract plus 90 days, unless a shorter retention period is agreed in your DPA. Deletion requests are honored within 30 days.

Data processing

Operious processes customer contact data for the sole purpose of executing governed operational workflows. Customer data is never used for model training. Customer data is never shared across tenants.

Data residency

Default deployment: AWS ap-southeast-1 (Singapore) for APAC clients. Regional deployment options available for EU and US requirements. VPC and private deployment available under enterprise agreement.

Encryption posture

At rest

All tenant data encrypted at rest using AES-256-GCM. Tenant channel credentials - API keys, webhook secrets, access tokens - are encrypted with tenant-specific keys. Credentials are never returned in API responses.

In transit

All client-server communication over TLS 1.3. Internal service communication encrypted in transit. No plaintext credential transmission at any layer.

Audit trail integrity

Every governance decision is signed with HMAC-SHA256. Every session event carries a UUID5 deterministic identity. Audit records are append-only by architecture - no record can be modified after creation, at the application or database layer.

Identity and access model

Tenant isolation

Each enterprise client is a separate tenant. Tenant boundaries are enforced at the database layer with mandatory Row Level Security. No operator can access tenant data through application interfaces.

Role-based access

Role-based access control enforced via Auth0. Operator, supervisor, manager, and analyst roles available. Role permissions are configurable per tenant.

SSO

SSO integration available for enterprise clients. SAML 2.0 and OIDC supported. SCIM provisioning available on request.

Compliance and certifications

SOC 2 Type II

Audit planning in progress. Target: Q3 2026. Operious does not present in-progress certifications as completed. Pre-SOC 2 architecture review and security questionnaire responses available upon request.

HIPAA

Business Associate Agreement available for healthcare clients where deployment scope and controls are reviewed and agreed.

GDPR / Privacy

Data Processing Addendum available on request. Subprocessor list maintained and available to enterprise clients. Data subject request handling supported.

Operational controls

Vulnerability disclosure

Security disclosures accepted at security@operious.com. Response within 24 hours for critical reports.

Incident response

Security incident notification within 72 hours of confirmed breach affecting tenant data, per applicable regulatory requirements.

Penetration testing

Third-party penetration testing planned for Q3 2026 alongside SOC 2 audit. Results shared with enterprise clients under NDA.

Dependency management

Software dependencies audited continuously. Zero CVE-affecting dependencies in production stack.

For a complete security review packet including data flow diagrams, identity model, tenancy architecture, and security questionnaire responses, request a security review.

Request Security Review