# Security *** ### Security Levels & Best Practices **Platform and Architecture Security** * **Dedicated Environments:** Our AWS-based infrastructure is strictly segregated into separate environments for development, testing, and production. This ensures changes and experiments in non-production environments can never impact production or customer data. * **Least Privilege Permissions:** All IAM roles and policies are locked down using the minimum privileges required. No permission is ever granted unless it is strictly necessary for North to operate our service. * **Internal Security Audits:** Every significant new feature or architectural update undergoes internal security review to identify and address risks at design and implementation time. * **External Security Testing:** North contracts third-party SecOps professionals for regular penetration testing, including both black-box and gray-hat audits, to probe and validate the security of our production system. * **Comprehensive Logging & Auditing:** Every environment is continuously logged and monitored. Audit logs for all customer environments are maintained and can be made available for review by customers on request. * **SOC 2 Type I Compliance:** As of May 2024, North has completed its SOC 2 Type I audit. Full details of our compliance, including audit reports, are available to customers with a signed NDA—just reach out to our security team to request them. *** ### Customer Data Segregation & Controls **Strict Account Isolation & Data Segregation** * **One Billing Account per North Account:** North enforces a policy of one cloud provider billing account ID per North.Cloud account. This strict separation makes it impossible for cross-customer data access or account impersonation within our platform. * **Root User Controls:** Within each customer organization, we allow only one root North user per company domain. This increases control and minimizes the surface area for insider risk or account misuse. * **No Data Leakage:** There is no mechanism for data to transfer or be accessed between North.Cloud accounts. Customer workloads, savings plans, and reporting are all strictly isolated. * **Request Security Info:** Need more information? We provide detailed documentation and audit trails on a per-request basis for customers (subject to appropriate NDAs). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.north.cloud/docs/getting-started/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.