Cloud Platform Security

Self-hosted workers – Your credentials and internal tool access stay within your environment using our self-hosted proxy service. Data encryption – All data, whether at rest or in transit, is encrypted using robust security protocols. Enterprise-grade security – Our platform follows best practices, including multi-factor authentication (MFA), continuous vulnerability scanning, penetration testing, and strong network security measures like firewalls. Compliance & reporting – We uphold strict security compliance standards. Reach out for more details on our compliance framework.

AI & Large Language Models (LLMs)

Deployment

  • We work only with trusted vendors that guarantee no data usage for model training.
  • For enterprises, we offer dedicated AI instances and private model deployments.

Training & Data Handling

  • We do not fine-tune or train LLMs on customer data.
  • Our platform operates on principles of chaos minimisation, leveraging context from structured sources instead of depending on LLMs:

Tool & Data Access Controls

  • Isolated AI & backend services – The AI agent can request data but cannot execute actions directly. All execution requests pass through a backend review for correctness & safety.
  • Strict workspace-level isolation
    • Each workspace has a unique agent, restricted to its own data and tools.
    • Data is accessed only on a need-to-know basis with proper authentication.

Compliance & Certifications

DrDroid is actively pursuing:
  • SOC-2
  • ISO 27001
For more details, visit our Trust Center.