Security

Clusy handles customer datasets, training runs, and model artifacts. We design security into the product, infrastructure, and operations so customers can trust how data moves through the platform. Our approach emphasizes least privilege, defense-in-depth, and clear auditability across the ML lifecycle.

• Production environments are isolated from development and managed through infrastructure-as-code with review.
• Network segmentation separates edge, application, and data layers. Only required services are exposed.
• Traffic is protected with managed edge security controls and rate limiting to reduce attack surface.
• Secrets and credentials are stored in managed secret stores with access logging and rotation.

• Code changes go through review and automated testing before deployment.
• Dependencies are monitored for known vulnerabilities and updated on a regular cadence.
• Staged rollouts and observability help detect regressions quickly.

• Data in transit uses TLS. Data at rest is encrypted by default through our cloud providers.
• Customer datasets, training artifacts, and logs are logically separated by workspace.
• Support access to customer data is time-bound, approved, and logged.
• Backups follow the same encryption controls and are periodically tested for restore.

• Employee access follows least-privilege and is tied to role-based controls.
• Multi-factor authentication is required for privileged accounts and administrative tooling.
• Access requests, approvals, and revocations are logged and reviewed on a regular cadence.
• Contractors and vendors receive time-bound, auditable access scoped only to their assignments.

• Centralized logging and alerting provide visibility into security and availability signals.
• Runbooks define severity levels, escalation paths, customer communication, and remediation.
• Post-incident reviews document root cause and corrective actions.

Critical services are designed with redundancy and backups. Recovery objectives are defined for core services, and disaster recovery procedures are documented and reviewed as the platform evolves. Vendor dependencies are evaluated for redundancy, exit strategies, and financial health.

Third-party providers undergo security review, contractually binding data protection terms, and periodic reassessment. We track subprocessor inventory and restrict vendors to the minimum scope necessary to deliver their service.

Security is a shared responsibility. Customers should safeguard credentials, enforce MFA for their operators, configure access roles appropriately, and promptly report anomalies. Where integrations connect to your infrastructure, you are responsible for the controls on your side of the connection.

If you discover a vulnerability, please email security@clusy.io with enough detail to reproduce the issue. We will acknowledge receipt within one business day, provide status updates, and coordinate public disclosure once a fix is in place. We ask that you avoid accessing customer data, disrupting service, or retaining sensitive information during research.