SECURITY MODEL
Ruakiel is built on the principle that the platform should never have access to customer data it cannot protect. Every design decision — from encryption to access control to audit trails — flows from this commitment.
Zero-Knowledge Encryption
Customer data is encrypted at rest using industry-standard authenticated encryption before it leaves the client. BYOK (Bring Your Own Key) tenants derive their encryption key from a passphrase — Ruakiel never sees the plaintext or the key. Lost passphrase means lost data: this is intentional.
Tenant Isolation
Every record is structurally scoped to a single tenant. No request can read or write across tenant boundaries. Isolation is validated by automated cross-tenant negative tests on every CI run.
Access Control
Permissions are asserted in every authenticated request. Token audience claims are validated on every call. Role-based access control gates every API endpoint — there are no capability-by-convention paths.
Audit Trails
Every agent action, tool call, and approval decision is written to an immutable audit log. Approval workflows support multi-party authorisation — a single operator cannot unilaterally approve sensitive actions.
Data Minimisation
PII fields are tracked at the model level. Ephemeral records carry a TTL and are automatically purged in accordance with GDPR Article 5(1)(e).
Full Security Documentation
Detailed architecture diagrams, penetration test results, SOC 2 readiness posture, and trust boundary documentation are available to onboarded customers and prospective enterprise partners.
Request access →