The controls below are live in the platform today — designed to the standards independent auditors certify against, for both security (SOC 2, ISO 27001) and responsible AI (ISO 42001).
Built and operated to the controls independent auditors certify against — SOC 2 and ISO 27001 for security, ISO 42001 for responsible AI. Formal, independent certification is available as part of an enterprise agreement.
Nothing reaches your customers without an authorised approval — you choose how much runs automatically, and where it stops for you.
Every action the system or a person takes is permanently recorded and exportable — records can't be quietly altered.
People get the minimum access their role needs; anything extra is time-boxed and expires automatically.
Unattended sessions sign out automatically after a period of inactivity (with a countdown warning first), and every session has a hard time limit — so a walked-away screen or a forgotten login can't be misused.
Hosted in Australia (dedicated instances available in your region — including deployment into AWS or Azure for enterprise requirements), fully separated per client, never used to train AI models, exportable if you ever leave.
Traffic is encrypted end-to-end; backups run nightly, encrypted, and are stored off the primary server.
Every service is watched around the clock — issues alert us immediately and self-heal where safe.
Built around the Australian Privacy Principles, including your customers' right to access and erasure.
Human approval gates, fully audited AI actions and instant kill-switches — the controls emerging AI standards (ISO 42001, Australia's Voluntary AI Safety Standard) call for, built in from day one.
Questions from your IT person or insurer? Ask for our full security overview →
Book a free 30-minute call and we'll answer them straight — and map exactly how your data would be handled.
Start your free audit or email security@laruna.ai