Security & Trust

Enterprise-grade security for every customer

LaserBI is built with a defense-in-depth approach: encrypted by default, least-privilege access, and strict tenant isolation. We meet teams where they are with SSO, audit logging, and a transparent compliance roadmap.

  • 🔒 Encryption — TLS 1.2+ in transit, AES-256 at rest
  • 👥 Access controls — SSO, MFA, RBAC, SCIM (Roadmap)
  • 🧾 Auditability — Admin audit logs & export
  • 🌎 Data residency — US default; EU options (Roadmap)
  • 📦 Backups & continuity — Point-in-time restore; documented RPO/RTO

Trusted controls and a transparent compliance roadmap

SOC 2 Type II (Roadmap)
ISO 27001 (Roadmap)
GDPR-aligned
CCPA-aligned
SSO / SAML
SCIM Provisioning (Roadmap)

Data Protection & Access Controls

Defense-in-depth for your data, identities, and workflows

We combine modern encryption, strong authentication, granular authorization, and strict tenant isolation. Your data is never used to train public AI models.

Encryption — TLS 1.2+ in transit, AES-256 at rest; secrets managed via cloud KMS.
Optional Customer-managed keys (Roadmap)
Identity & Access — SSO (SAML/OIDC) with Okta, Azure AD, Google; MFA at your IdP; RBAC for Admin / Analyst / Viewer.
SCIM Provisioning (Roadmap) • IP allow-listing (By request)
Tenant isolation — Logical per-tenant data separation; least-privilege service roles; row-level policies.
Background jobs run with scoped service accounts only.
AI data usage — No customer data is used to train public AI models.
Private fine-tuning (Opt-in)
Data residency — US regions by default.
EU regional options (Roadmap)

Lifecycle controls

| Stage | Primary controls |
| --- | --- |
| Ingestion | TLS 1.2+, OAuth/scoped API keys, optional IP allow-listing |
| Processing | Ephemeral compute; least-privilege roles; secrets in KMS; change-managed pipelines |
| Storage | AES-256 at rest; per-tenant isolation; encrypted backups |
| Access | SSO (SAML/OIDC); MFA via IdP; RBAC; admin audit logs & export |
| Retention & Deletion | Configurable retention policies; hard deletes upon contract termination |

Annual third-party penetration tests with executive summary available under NDA.

Compliance, Reliability & Operations

Aligned with leading frameworks and built for continuity

LaserBI adheres to global privacy and security standards while maintaining transparent operational practices—backups, monitoring, and annual assessments included.

Compliance & Privacy

  • GDPR & CCPA controls with standard DPA available on request.
  • SOC 2 Type II (Assessment in progress)
  • ISO/IEC 27001 (Gap analysis)
  • Sub-processors reviewed before onboarding; list available upon request.
  • Annual 3rd-party penetration tests; executive summary available under NDA.

Reliability & Operations

| Area | Controls |
| --- | --- |
| Backups | Encrypted, automated daily backups; point-in-time restore capability |
| Continuity | Defined RPO/RTO targets; multi-AZ resilience with provider redundancy |
| Monitoring | Continuous uptime and anomaly monitoring; alerting to on-call |
| Development | Secure SDLC; code review; dependency scanning; secrets via KMS |
| Incident Response | Documented playbooks; on-call rotations; customer notifications per contract |

Security FAQ

Security questions, answered

Do you use customer data to train AI models?
No. Customer data is never used to train public AI models. Opt-in private fine-tuning is isolated to your tenant.
Where is my data stored?
Data resides in US regions by default. EU regional hosting is on our roadmap.
Do you support SSO or SCIM?
Yes, SSO via SAML/OIDC is supported today. SCIM provisioning is planned for a future release.
Do you perform security assessments?
Yes. We conduct annual 3rd-party penetration tests and ongoing vulnerability scans.
Can LaserBI be hosted privately?
Private or VPC deployments are being evaluated. Contact our team to discuss requirements.
Can we sign a DPA or get the sub-processor list?
Yes. Our standard Data Processing Addendum and sub-processor list are available upon request.

Talk to our security team

Need a DPA, sub-processor list, or security questionnaire? Our team is ready to assist.

Security details subject to change as we strengthen our controls.