Skip to content
Trust & Security

Built for enterprise AI — with governance, auditability, and least privilege.

ScaleIQ is designed to satisfy CISO, audit, and procurement requirements before your team even gets to a procurement call.

Tenant isolation

Logical tenant isolation by design — scoped at the application and database layers, with no shared inference. Independent validation is part of our in-progress SOC 2 examination.

Least privilege

Scoped Graph permissions, just-enough access, and admin-approved consent for every connector.

Audit visibility

Evidence-grade logs of every action, recommendation, and policy decision — exportable on demand.

Secure-by-default

Encrypted in transit and at rest. SSO via Entra. MFA enforced. Conditional access supported.

Data handling

What we access. What we store. Where it runs.

What we access

  • Microsoft Graph signals (least privilege)
  • Entra & Azure configuration (read-only)
  • Copilot Studio agent metadata

What we store

  • Aggregated signals & derived insights
  • Audit & evidence trails
  • No content training. No model fine-tune on your data.

Where it runs

  • Microsoft Azure regions you select
  • Customer data does not leave the Microsoft boundary
  • Sub-processors disclosed and reviewed

Retention & deletion

  • Configurable retention windows
  • On-demand export and deletion
  • Documented data lifecycle
Governance capabilities

Controls that hold up under scrutiny.

Agent governance

Approve, monitor, and retire Copilot agents with policy-aware workflows and full evidence.

Connector controls

Allowlist, denylist, and constrain connectors per persona, environment, and risk class.

Approvals & evidence

Every change is logged with approver, justification, and policy basis — ready for audit.

Compliance posture

Aligned to common frameworks. SOC 2 in progress. Evidence packs available on request.

Need the security pack?

Architecture overview, data-flow diagrams, sub-processor list, and policy summary — sent on request.