Security
Security
Security
Security of our agents and products is the top priority - and we build Idemeum accordingly.
Product security
Endpoint Care
AI security
We take a security-by-design approach to protecting your data. Our team continues to make investments so you can use Idemeum with confidence.
We take a security-by-design approach to protecting your data. Our team continues to make investments so you can use Idemeum with confidence.
Security gate
Determines if the request is a legitimate support question and is safe to execute - catches ambiguity, prompt injection, or sensitive targets before any LLM call.
Security gate
Determines if the request is a legitimate support question and is safe to execute - catches ambiguity, prompt injection, or sensitive targets before any LLM call.
Security gate
Determines if the request is a legitimate support question and is safe to execute - catches ambiguity, prompt injection, or sensitive targets before any LLM call.
Plan and execute
Produces a complete plan that becomes a binding contract - LLM can not deviate from the plan regardless of its own reasoning.
Plan and execute
Produces a complete plan that becomes a binding contract - LLM can not deviate from the plan regardless of its own reasoning.
Plan and execute
Produces a complete plan that becomes a binding contract - LLM can not deviate from the plan regardless of its own reasoning.
Reasoning guard
Validates the complete plan before execution - verifies all tools are allowed for the plan, tools aggregate risk is not exceeding the defined threshold, and all tool prerequisites are met before the execution stage.
Reasoning guard
Validates the complete plan before execution - verifies all tools are allowed for the plan, tools aggregate risk is not exceeding the defined threshold, and all tool prerequisites are met before the execution stage.
Reasoning guard
Validates the complete plan before execution - verifies all tools are allowed for the plan, tools aggregate risk is not exceeding the defined threshold, and all tool prerequisites are met before the execution stage.
Access control
Administrators can define permitted tools, risk thresholds, and required diagnostic prerequisites per skill in the admin portal.
Access control
Administrators can define permitted tools, risk thresholds, and required diagnostic prerequisites per skill in the admin portal.
Access control
Administrators can define permitted tools, risk thresholds, and required diagnostic prerequisites per skill in the admin portal.
Execution guard
Enforces all tool checks at execution time and handles necessary user permission requests on the endpoint.
Execution guard
Enforces all tool checks at execution time and handles necessary user permission requests on the endpoint.
Execution guard
Enforces all tool checks at execution time and handles necessary user permission requests on the endpoint.
Deterministic tools
Every tool is implemented as deterministic TypeScript code, ensuring predictable, auditable execution with no hallucination risk.
Deterministic tools
Every tool is implemented as deterministic TypeScript code, ensuring predictable, auditable execution with no hallucination risk.
Deterministic tools
Every tool is implemented as deterministic TypeScript code, ensuring predictable, auditable execution with no hallucination risk.
Secret redaction
Every tool output is automatically sanitized for sensitive information before it reaches the LLM.
Secret redaction
Every tool output is automatically sanitized for sensitive information before it reaches the LLM.
Secret redaction
Every tool output is automatically sanitized for sensitive information before it reaches the LLM.
Chat audit trail
Every user conversation, tool run, consent, and outputs are captured in the cloud audit trail.
Chat audit trail
Every user conversation, tool run, consent, and outputs are captured in the cloud audit trail.
Chat audit trail
Every user conversation, tool run, consent, and outputs are captured in the cloud audit trail.
Product security
Endpoint Control
security
Security is the fundamental block to our application, privilege, and admin account control.
Security is the fundamental block to our application, privilege, and admin account control.
Logins with MFA
Every login is multi-factor, using the combination of biometrics and certificates.
Logins with MFA
Every login is multi-factor, using the combination of biometrics and certificates.
Logins with MFA
Every login is multi-factor, using the combination of biometrics and certificates.
FIDO2 compliant
Idemeum mobile app implements MFA based on modern FIDO2 standards.
FIDO2 compliant
Idemeum mobile app implements MFA based on modern FIDO2 standards.
FIDO2 compliant
Idemeum mobile app implements MFA based on modern FIDO2 standards.
Device recovery
When encryption keys are lost, recovery can be performed using the emergency key, or with approval by other technicians.
Device recovery
When encryption keys are lost, recovery can be performed using the emergency key, or with approval by other technicians.
Device recovery
When encryption keys are lost, recovery can be performed using the emergency key, or with approval by other technicians.
Device compliance
Validate the compliance of devices using Android and iOS built-in security and signing certificates before granting access to idemeum portal.
Device compliance
Validate the compliance of devices using Android and iOS built-in security and signing certificates before granting access to idemeum portal.
Device compliance
Validate the compliance of devices using Android and iOS built-in security and signing certificates before granting access to idemeum portal.
Hardware backed storage
Mobile crypto keys are stored leveraging Strongbox or iOS security enclave on Android and iOS.
Hardware backed storage
Mobile crypto keys are stored leveraging Strongbox or iOS security enclave on Android and iOS.
Hardware backed storage
Mobile crypto keys are stored leveraging Strongbox or iOS security enclave on Android and iOS.
API key encryption
Even when enabling API integrations to perform automated actions on vault data, all encryption is performed with security API key that is not persisted in the cloud.
API key encryption
Even when enabling API integrations to perform automated actions on vault data, all encryption is performed with security API key that is not persisted in the cloud.
API key encryption
Even when enabling API integrations to perform automated actions on vault data, all encryption is performed with security API key that is not persisted in the cloud.
Compliance
SOC2 Type2
The SOC 2 Type 2 is an audit report performed by an independent third-party certified by the American Institute of Certified Public Accountants (AICPA) to evaluate a service organization's controls related to the Trust Services Criteria (TSC).
SOC2 Type 2
Compliance
SOC2 Type2
The SOC 2 Type 2 is an audit report performed by an independent third-party certified by the American Institute of Certified Public Accountants (AICPA) to evaluate a service organization's controls related to the Trust Services Criteria (TSC).
SOC2 Type 2
Compliance
SOC2 Type2
The SOC 2 Type 2 is an audit report performed by an independent third-party certified by the American Institute of Certified Public Accountants (AICPA) to evaluate a service organization's controls related to the Trust Services Criteria (TSC).
SOC2 Type 2
Infrastructure
Reliability
With robust uptime guarantees and multi-level redundancy, you can trust Idemeum will be there when you need it.
With robust uptime guarantees and multi-level redundancy, you can trust Idemeum will be there when you need it.
Enterprise infrastructure
We leverage AWS to build a world-class architecture and to ensure users that Idemeum is built for maximum business resilience.
Enterprise infrastructure
We leverage AWS to build a world-class architecture and to ensure users that Idemeum is built for maximum business resilience.
Enterprise infrastructure
We leverage AWS to build a world-class architecture and to ensure users that Idemeum is built for maximum business resilience.
Availability and failover
Idemeum keeps your data safe by having multiple zones for redundancy, have a comprehensive backup program, and regularly testing our disaster recovery and business continuity program.
Availability and failover
Idemeum keeps your data safe by having multiple zones for redundancy, have a comprehensive backup program, and regularly testing our disaster recovery and business continuity program.
Availability and failover
Idemeum keeps your data safe by having multiple zones for redundancy, have a comprehensive backup program, and regularly testing our disaster recovery and business continuity program.
Service status
Notion makes it transparent and easy with a real-time view of Notion’s availability through the status page.
Service status
Notion makes it transparent and easy with a real-time view of Notion’s availability through the status page.
Service status
Notion makes it transparent and easy with a real-time view of Notion’s availability through the status page.