Trust & Security

Security at SimOracle

SimOracle is deployed inside organizations where decisions carry real consequences. Security is not a feature. It is a requirement — built into the architecture from day one.

Data Encryption

  • All data encrypted in transit using TLS 1.3
  • Data encrypted at rest using AES-256
  • Encryption keys managed via dedicated key management infrastructure
  • Zero plaintext storage of sensitive organizational data

Access Control

  • Role-based access controls across all internal systems
  • Multi-factor authentication required for all administrative access
  • Principle of least privilege enforced across engineering and operations
  • Comprehensive audit logging for all data access and system changes

Infrastructure

  • Enterprise clients available in private cloud with fully isolated infrastructure
  • No cross-client data sharing at any layer of the stack
  • Continuous infrastructure monitoring and anomaly detection
  • Regular third-party penetration testing

Organizational Data

  • Client organizational data never used to train shared models
  • Configuration data, agent models, and outputs are client-exclusive
  • Data Processing Agreements available for enterprise clients
  • Data deletion on contract termination, with certified destruction on request

Compliance

  • SOC 2 aligned architecture and controls
  • GDPR-compatible data handling practices
  • Custom compliance configurations available for regulated industries
  • Audit-ready decision trails support internal governance and regulatory review

Business Continuity

  • 99.5% monthly uptime SLA for core services
  • Automated failover and redundancy across critical systems
  • Regular disaster recovery testing
  • Incident response plan with defined escalation paths and notification timelines

Responsible Disclosure

If you believe you have discovered a security vulnerability in SimOracle's systems, we ask that you report it to us privately before any public disclosure. We take all reports seriously and will respond within two business days.

security@simoracle.com

Have questions about security for your specific deployment?

Talk to our team →