Trust · Security
Bare-metal isolation. Encryption everywhere. No model on your data.
Security at iframe.ai is built on three things: physically isolated compute, defense-in-depth around the control plane, and contractual commitments that you can enforce. The list below is what we do, in writing.
Architecture
Single-tenant by design.
Bare-metal, single-tenant
Every Instance is a physical server provisioned for your exclusive use during the Reservation. We do not share, subdivide, or oversubscribe hardware between customers.
Network segmentation
Customer networks are isolated at the switch and routing layers. VPC interconnect is private — your traffic never crosses the public internet between your VPC and ours.
Hardware roots of trust
BIOS / firmware integrity is verified on every provisioning. Drives are wiped between Reservations using commercially reasonable methods; NIST SP 800-88 certified deletion is available on Enterprise Agreements.
Data protection
Encryption, by default.
| Property | Control | Standard | Enterprise |
|---|---|---|---|
| Encryption at rest | AES-256 | AES-256, customer-managed keys (KMS) on request | |
| Encryption in transit | TLS 1.2+ (TLS 1.3 default) | TLS 1.2+ (TLS 1.3 default) | |
| Console authentication | MFA required | MFA + SSO (SAML / OIDC) | |
| Instance access | Public-key SSH only | Public-key SSH + bastion / VPC-only access | |
| Data retrieval window | Upon Reservation expiry | Up to 30 days, negotiable | |
| Data deletion | Commercially reasonable methods | NIST SP 800-88 certified, signed certificate | |
| Breach notification | Within 72 hours of confirmation | Within 72 hours of confirmation |
Operational controls
Defense in depth around the platform.
Identity & access
MFA enforced for all administrative access. Role-based access on the platform; least-privilege defaults. Service accounts rotated automatically. SSO via SAML / OIDC available.
Monitoring & detection
Network-level IDS/IPS at every region edge. Centralized log collection with 12-month retention. 24/7 on-call for production incidents.
Vulnerability management
Monthly authenticated vulnerability scans across the platform fleet. Annual third-party penetration tests; summary reports under NDA.
Change management
Production changes require code review and pre-deploy testing in a staging environment that mirrors production. All deploys are recorded and reversible.
Personnel
Background checks on all staff with platform access. Annual security training. Confidentiality and IP-assignment agreements signed on day one.
Sub-processors
Limited and listed. Each is contractually bound to security standards no less protective than ours and to GDPR Article 28 obligations on customer data they process.
Customer Data
Your data, your IP. Full stop.
We don't train on it
Customer Data is never used to train, fine-tune, or improve any of our models, products, or services. This is contractual under the MSA, §6.3.
We don't aggregate it
Customer Data is never aggregated or commingled with other customers' data. Each Instance is a single-tenant boundary in storage and in compute.
We don't reverse-engineer it
Models, weights, and checkpoints stay yours. We do not inspect, copy, or analyze your model artifacts beyond what is required to run the workload you've asked us to run.
Incident response
What happens when something goes wrong.
- Detect. 24/7 on-call rotation backed by automated alerting from infrastructure, security, and platform layers.
- Contain. Affected systems are isolated; customer impact is scoped within the first hour for any P1 incident.
- Notify. If we confirm a security incident impacting Customer Data, we notify affected customers within 72 hours, with a preliminary assessment of scope.
- Remediate. Engineering owns the fix; security owns the post-mortem.
- Report. Root-cause analyses are mandatory for any incident over 60 minutes on Enterprise Agreements; available on request otherwise.
Need the full security questionnaire?
We respond to CAIQ, SIG, and customer-specific questionnaires. NDA first, paperwork second.