Security And Operations

Controls that are structural, not cosmetic — because your regulator will check.

The platform is built for regulated institutions, so its controls are part of its structure rather than a layer applied afterward. This chapter is the one your security and risk teams will read first. Available today.

Security Posture

The control story is structural:

  • the primary isolation boundary is the Google Cloud project
  • higher-order policy attaches at the folder and organisation level where possible
  • your resources remain clearly separated from any shared platform resources
  • deterministic execution is isolated from the API and experience layers
  • evidence and analytical facts are governed independently from mutable collaboration state

The Security Envelope

flowchart TD
    A[Identity and access] --> B[Northbound policy]
    B --> C[Control plane]
    C --> D[Runtime]
    D --> E[Evidence and facts]
    E --> F[Serving and AI]

Controls span the full stack. Available today.

| Control area | What it covers |
|---|---|
| Identity and access | IAM and workload identities, scoped to least privilege |
| Secrets and keys | Secret Manager and KMS |
| Policy | Project, folder, and organisation policy |
| Connectivity | Private connectivity and client-specific networks |
| Isolation | Per-tenant separation of data, runtime, and evidence |

Data Custody

Your retained submissions, evidence, governed bundles, and result artifacts are held immutably in your tenant's Cloud Storage. Your analytical truth is governed in BigQuery. Mutable, low-latency collaboration state is kept separate from the governed record, so the audit trail cannot be quietly overwritten. Available today.

Operational Model

The platform is operated as a managed service so your teams do not run the infrastructure:

  • Reproducibility — every material result can be reproduced from its governed inputs and evidence.
  • Traceability — the run registry records what ran, when, and under which approval.
  • Evidence by default — results arrive with the evidence and lineage behind them, not on request.
  • Run health — your teams see the reliability of runs and where to look when something needs attention.

Explainable, Bounded AI

Operationally, AI assistance is bounded by design: it reads governed facts and evidence references, it cites its sources, and it can never alter controlled configuration or result truth. Any action still flows through typed, authorised APIs and human approval. In force today. (See AI Architecture.)

What This Means For You

  • You can answer your regulator with structural controls and an evidence trail, not assurances.
  • Custody stays with you — your data, evidence, and execution history live in your tenant.
  • You operate, we run. The undifferentiated heavy lifting of running the platform is ours; the governed outcomes are yours.

Where The Platform Is Today

The security posture, isolation model, data custody, run registry, evidence-by-default, run health, and bounded-AI controls are available today. Expanded operational tooling and reporting continue to grow — see Capability Maturity And Status.