AI Use & Security

Learn more about the security put in place around North Agent our customer's best cloud FinOps assistant.

North Agent Security & Privacy

Overview

At North.Cloud, we understand that security and data privacy are paramount when integrating AI agents into your cloud infrastructure. This document outlines our comprehensive security practices for North Agent, demonstrating our commitment to protecting your sensitive cloud data.

Core Security Principles

Your Data is Never Used for AI Training

We do not train or perform inference on any LLMs, open source or proprietary - using customer data.

Customer data is strictly off-limits for model training purposes
Your cloud infrastructure data, billing information, and usage patterns remain completely private
We never share, sell, or use your data to improve third-party AI models

Complete Data Isolation

Your data never leaves our secure AWS environment:

VPN-Protected Infrastructure: All customer data remains within our Virtual Private Cloud (VPC) inside AWS
Self-Hosted Models: We use foundational models hosted entirely within our own AWS account, your data never reaches external AI services
Zero External Transmission: Customer data is never sent to third-party APIs, external LLM providers, or cloud services outside our controlled environment

Data Separation & Access Control

Physical Data Segregation

Each North Agent deployment is physically isolated from other customers:

Dedicated Resources: Every customer's North Agent operates in a completely separate environment
No Cross-Customer Access: Technical architecture prevents any possibility of data leakage between customers
Isolated Storage: Customer data is stored in dedicated, encrypted databases with strict access boundaries

OAuth-Level Authentication

We implement industry-standard OAuth 2.0 authentication at the agent level:

Credential-Based Access: North Agent can only retrieve data that corresponds to your specific login credentials
Principle of Least Privilege: Each agent has access only to the resources explicitly authorized by your account
Session Management: Secure token-based authentication ensures that only authenticated users can interact with their North Agent

Conversation Storage & Transparency

Why We Store Conversations

To provide you with the best possible experience, we store customer conversations with North Agent. This enables:

Improved Response Quality: Learning from interaction patterns helps us refine agent responses
Enhanced Context Awareness: Maintaining conversation history allows for more intelligent, contextual assistance
Better LLM Effectiveness: Understanding how customers use North Agent helps us optimize prompt engineering and response relevance

Important: Stored conversations are never used to train foundational LLMs only to improve our prompting strategies and response frameworks.

Your Control Over Data Storage

We believe in giving you complete control:

Opt-Out Available: If you prefer not to have conversations stored, we can disable this feature for your account
Data Deletion: You can request deletion of stored conversation data at any time
Transparency: We're happy to discuss exactly what data is stored and how it's used

To disable conversation storage or request data deletion, please contact our support team at [[email protected]] or through your account .

Compliance & Standards

Industry Best Practices

North Agent is built on enterprise-grade security standards:

Encryption at Rest: All stored data is encrypted using AES-256 encryption
Encryption in Transit: TLS 1.3 for all data transmission
Regular Security Audits: Continuous monitoring and third-party security assessments
Access Logging: Comprehensive audit trails of all data access and agent activities

Frequently Asked Questions

Q: Does North Agent send my data to OpenAI, Anthropic, or other AI providers?

A: No. We use self-hosted foundational models that run entirely within our AWS infrastructure. Your data never reaches external AI service providers.

Q: Can other North.Cloud customers see my data?

A: No. Each North Agent is physically separated from other customers. Technical safeguards make cross-customer data access impossible.

Q: What happens if I delete my account?

A: All customer data, including stored conversations, is permanently deleted according to our data retention policy. You can also request immediate deletion at any time.

Q: What access does North Agent have?

A: North Agent has the same access as our traditional application.

A: Yes. Our data practices are designed to comply with major privacy regulations including GDPR and SOC 2 requirements.

Commitment to Transparency

Security isn't just about technology—it's about trust. We're committed to:

Clear Communication: We'll always be transparent about how we handle your data
Regular Updates: This documentation is updated as our practices evolve
Responsive Support: Questions about security? Our team is here to help

PreviousMFA NextRecommended Best Practices

Last updated 4 months ago

Was this helpful?

Good evening

hashtagNorth Agent Security & Privacy

hashtagOverview

hashtagCore Security Principles

hashtagYour Data is Never Used for AI Training

hashtagComplete Data Isolation

hashtagData Separation & Access Control

hashtagPhysical Data Segregation

hashtagOAuth-Level Authentication

hashtagConversation Storage & Transparency

hashtagWhy We Store Conversations

hashtagYour Control Over Data Storage

hashtagCompliance & Standards

hashtagIndustry Best Practices

hashtagFrequently Asked Questions

hashtagQ: Does North Agent send my data to OpenAI, Anthropic, or other AI providers?

hashtagQ: Can other North.Cloud customers see my data?

hashtagQ: What happens if I delete my account?

hashtagQ: What access does North Agent have?

hashtagQ: Do you comply with GDPR, CCPA, and other privacy regulations?

hashtagCommitment to Transparency