Trust & Compliance

Security at Sonus — Your Data Stays Yours

We treat security as a foundational feature. Sonus operates on a zero-trust architecture designed to protect your most sensitive business intelligence.

Infrastructure & Architecture

Your data stays yours.
We just read it.

Sonus is built on a zero-trust, warehouse-native architecture. We never move, copy, or duplicate your raw data: Sonus queries it in place, in real time, and retains only schema metadata and aggregated metric results, so your business intelligence remains strictly under your control.

Security Posture

Certified for the enterprise

SOC 2 Type II

Our platform holds a current SOC 2 Type II report. SOC 2 is an independent attestation rather than a certification: an external auditor examines our controls over an annual observation period to confirm they are designed appropriately and operating effectively.

GDPR Compliant

Built with data privacy at its core. We facilitate data subject rights requests and maintain full audit trails.

HIPAA-Ready

Our architecture supports handling protected health information (PHI) under HIPAA. We provide the documentation needed to put a Business Associate Agreement (BAA) in place.

ISO 27001

In progress. We are actively pursuing ISO 27001 certification to further validate our information security management.

Data Architecture

Read-Only, Query-Time Access

Sonus operates as a read-only client to your existing data warehouse. We do not replicate data into our own storage, nor do we introduce new ETL pipelines. Because no second copy of your data exists outside your warehouse, this architecture removes the leakage risk that a replicated store would carry and keeps your data inside its existing residency boundary. A read-only connection can still read everything its warehouse role is granted, however, so the role you provision for Sonus should be scoped to the schemas and tables you intend to analyse.

How it works: When you connect a source, Sonus establishes a secure, read-only connection via your warehouse's native connector. We analyze your schema and define baselines directly against your raw tables. All statistical processing and signal generation happens at query time, ensuring you always have visibility into the most current state of your data without the latency of data replication.

Our platform supports row-level security (RLS) and column-level masking passthrough. Sonus queries your warehouse as the role you provision for it, so row access policies and masking policies bound to that role are enforced by the warehouse on every query; Sonus never receives rows or unmasked values that the role is not permitted to see.
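As an added example, not code from Sonus or from this page, here is how the read-only warehouse role and the warehouse-side policies described above could be provisioned, together with the checks an operator would run before handing over the credentials (the page itself describes no such checks). It uses Snowflake syntax; the warehouse, database, schema, table, role and user names (analytics_wh, analytics.sales.orders, sonus_reader, sonus_svc, SALES_ADMIN) and the public key placeholder are assumptions. The same pattern applies to any warehouse that supports row access and masking policies.

```sql
-- Added example (Snowflake syntax, hypothetical names); not Sonus-supplied code.

-- 1. A dedicated role for the connector and a service user that can only assume it.
--    Key-pair authentication avoids a shared password; the key is a placeholder here.
CREATE ROLE sonus_reader;
CREATE USER sonus_svc
  DEFAULT_ROLE  = sonus_reader
  RSA_PUBLIC_KEY = '<public key from your secret store>';
GRANT ROLE sonus_reader TO USER sonus_svc;

-- 2. Grant only what a read-only client needs: compute, navigation, and SELECT
--    on the specific tables to be analysed. No INSERT/UPDATE/DELETE, no CREATE,
--    and no OWNERSHIP, so nothing can be written, altered or dropped.
GRANT USAGE  ON WAREHOUSE analytics_wh         TO ROLE sonus_reader;
GRANT USAGE  ON DATABASE  analytics            TO ROLE sonus_reader;
GRANT USAGE  ON SCHEMA    analytics.sales      TO ROLE sonus_reader;
GRANT SELECT ON TABLE     analytics.sales.orders TO ROLE sonus_reader;

-- 3. Row-level security: the connector's role only sees rows for shareable regions.
--    Every other role is unaffected (ELSE TRUE).
CREATE ROW ACCESS POLICY analytics.sales.shareable_regions
  AS (region STRING) RETURNS BOOLEAN ->
  CASE
    WHEN CURRENT_ROLE() = 'SONUS_READER' THEN region IN ('EU', 'US')
    ELSE TRUE
  END;
ALTER TABLE analytics.sales.orders
  ADD ROW ACCESS POLICY analytics.sales.shareable_regions ON (region);

-- 4. Column-level masking: every role except the data owner sees a SHA-256
--    digest instead of the raw e-mail address. Masking happens in the warehouse,
--    so the connector never receives the clear value.
CREATE MASKING POLICY analytics.sales.mask_email
  AS (val STRING) RETURNS STRING ->
  CASE
    WHEN CURRENT_ROLE() IN ('SALES_ADMIN') THEN val
    ELSE SHA2(val, 256)
  END;
ALTER TABLE analytics.sales.orders
  MODIFY COLUMN customer_email SET MASKING POLICY analytics.sales.mask_email;

-- 5. Verify before handing over credentials.
--    (a) The role holds nothing beyond USAGE and SELECT: this query must return zero rows.
SHOW GRANTS TO ROLE sonus_reader;
SELECT "privilege", "granted_on", "name"
FROM TABLE(RESULT_SCAN(LAST_QUERY_ID()))
WHERE "privilege" NOT IN ('USAGE', 'SELECT');

--    (b) The policies hold from the connector's point of view: only EU/US rows,
--        customer_email shows a 64-character hex digest, and a write is refused
--        with an insufficient-privileges error.
USE ROLE sonus_reader;
SELECT region, customer_email FROM analytics.sales.orders LIMIT 5;
INSERT INTO analytics.sales.orders (order_id) VALUES (0);
```

Both policies key on CURRENT_ROLE(), so the guarantee only holds if sonus_reader is never granted to a human user and sonus_svc is never granted any additional role; the verification in step 5 should be repeated whenever grants on the schema change.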

Identity & Access

Granular Control & Auditability

We believe security must be convenient. Sonus integrates seamlessly with your existing identity providers to ensure the right people have access to the right signals.

  • SSO / SAML 2.0
    Single sign-on support for Okta, Azure AD, and Google Workspace.
  • RBAC
    Role-Based Access Control to define permissions at the team and signal level.
  • MFA
    Mandatory Multi-Factor Authentication for all admin and analyst accounts.
  • Full Audit Logs
    Complete logs of who viewed what, when, and from which IP address.

Encryption Standards

Defense in Depth

At-Rest Encryption

All metadata and aggregated metric results are encrypted at rest with AES-256, using FIPS 140-2 validated cryptographic modules, within our database infrastructure.

In-Transit Security

All communication between your warehouse and Sonus, as well as between the user and the platform, is secured via TLS 1.3.

Key Management

We utilize industry-standard key management practices. Enterprise customers have the option to integrate with their own external Key Management Service (KMS) for maximum control.

Reliability

Incident Response & Transparency

SLA Commitment: We maintain a 99.9% uptime SLA. In the event of a service disruption, we have a dedicated incident response team that notifies customers within 4 hours of detection.

Disclosure Policy: We believe in radical transparency. If there is a potential security incident that impacts customer data, we will notify you immediately and provide a full technical breakdown of the event, alongside remediation steps.

Penetration Testing

Our security team conducts annual third-party penetration testing. We invite external security researchers to stress-test our infrastructure through our Bug Bounty program. Full results of these tests are available upon request for prospective enterprise clients.

Documentation

Compliance & Security Resources

Review our shared responsibility model and security whitepapers to understand how we work together to protect your data.

Security Whitepaper

A comprehensive overview of our architecture, threat model, and security controls.


Shared Responsibility Model

Understand the boundaries of security for both Sonus and your organization.

Need More Details?

Request our Security Documentation Package

Our team can provide a tailored security overview, including SOC 2 reports, penetration testing summaries, and a technical architecture diagram specific to your environment.