Safety & Security
Enterprise-Grade Security & Safeguards
Your contracts contain some of your most valuable business data. At Librari, protecting that data is foundational. We never train our AI on your data. And, our architecture, policies, and operational practices are designed to safeguard sensitive information without compromising speed, functionality, or user experience.
Enterprise- Grade Encryption
In Transit: All data encrypted using TLS 1.2+ protocols.
At Rest: AES-256 encryption for enhanced PDFs, metadata, and embeddings stored in secure AWS S3 buckets.
Tenant Isolation: Logical separation of your data with tightly controlled, auditable access.
At Rest: AES-256 encryption for enhanced PDFs, metadata, and embeddings stored in secure AWS S3 buckets.
Tenant Isolation: Logical separation of your data with tightly controlled, auditable access.
Access & Authorization
Least-Privilege Principle: We preserve your storage role-based access controls (RBAC) for each file, ensuring that your team members using Librari will only see files for which they have been given access privileges in your own applications.
Single, Auditable Integration Points: Option to use dedicated service accounts for enterprise-wide access without proliferating credentials.
Single, Auditable Integration Points: Option to use dedicated service accounts for enterprise-wide access without proliferating credentials.
Flexible Deployment Models
Librari-Hosted Enhanced Files: Encrypted storage in Librari-managed S3 with complete auditability.
Customer-Hosted Enhanced Files (Coming Soon): Store processed files in your own S3-compatible environment with a mirrored folder structure for analytics continuity.
Customer-Hosted Enhanced Files (Coming Soon): Store processed files in your own S3-compatible environment with a mirrored folder structure for analytics continuity.
Compliance & Certifications
SOC 2: Our architecture and operational practices already align with SOC 2 Type II controls; formal certification process is underway.
CASA: Librari is approved by Cybersecurity and Infrastructure Security Agency (CISA) Cloud Authorization.
Audit-Ready Logging: Full records of system and access events to support compliance audits.
CASA: Librari is approved by Cybersecurity and Infrastructure Security Agency (CISA) Cloud Authorization.
Audit-Ready Logging: Full records of system and access events to support compliance audits.
Operational Safeguards
Continuous Monitoring: Automated systems detect and flag unusual activity patterns.
Vendor & Infrastructure Security: Hosted on AWS with shared-responsibility compliance for ISO 27001, SOC 2, and FedRAMP Moderate.
Disaster Recovery & Redundancy: High-availability architecture with data durability protections.
Vendor & Infrastructure Security: Hosted on AWS with shared-responsibility compliance for ISO 27001, SOC 2, and FedRAMP Moderate.
Disaster Recovery & Redundancy: High-availability architecture with data durability protections.
We Never Train our AI on Your Data
Security is an ongoing discipline at Librari. We continuously review, test, and improve our systems to meet the evolving security needs of our customers and the industries they serve.
For technical security inquiries: security@thelibrari.com
For technical security inquiries: security@thelibrari.com