Data Backups
Deep Origin captures backups on a regular basis to ensure internal and customer data is protected from loss according to our Business Continuity and Disaster Recovery procedures. All backup materials are encrypted using AES-256.
Data Deletion / Data Retention
Deep Origin may securely retain API inputs and outputs at varying lengths to provide the services and to identify abuse. After their respective retention timeframe, API inputs and outputs are removed from our systems, unless we are legally required to retain them.
Encryption-at-rest
All customer data is encrypted at-rest using AES-256. Deep Origin is committed to following encryption best practices per industry guidelines and continually reviews the rigor of current encryption standards
Encryption-in-transit
All customer data is encrypted in-transit using TLS 1.2/1.3.
Physical Security
Physical security is managed by AWS.
AI Governance
Deep Origin captures backups on a regular basis to ensure internal and customer data is protected from loss according to our Business Continuity and Disaster Recovery procedures. All backup materials are encrypted using AES-256.
AI Risk Management
Deep Origin’s teams are dedicated to developing a deep understanding of both known and potential unknown risks, integrating enhanced safety and ethical reasoning into our foundational models.
AI Security
Deep Origin's teams are dedicated to implementing system-level mitigations across our products. This comprehensive approach ensures that our AI systems are secured against evolving threats and privacy concerns, maintaining high standards of safety and compliance
AI Training Data and Bias
At Deep Origin, we recognize the importance of addressing AI safety challenges, particularly in the context of training data and potential biases.
Data Breach Notifications
In the event of a data breach involving customer data, notifications will be sent in accordance with the terms of our MSA.
Employee Privacy Training
Personnel perform security and privacy awareness training on an annual basis. Topics covered include: Passwords, Mobile devices, Social Engineering, Physical security, and Phishing.
Data Access
Deep Origin internal system access is adherent to the principles of least privilege, separation of duties, subject to regular review by administrators, documented with clear rationales for provisioning and changes, and revoked according to termination policies.
Logging
The Deep Origin environment is subject to constant monitoring for anomalous activity. Logs are stored in our SIEM Tooling.
Password Security
Deep Origin has a strong internal password policy that includes a requirement for MFA for accounts that do not support SSO. Passwords are required to meet industry standard complexity requirements and are stored in a company managed password manager.
AWS
The Deep Origin infrastructure is hosted on Amazon Web Services in multiple regions.
Business Continuity & Disaster Recovery
Deep Origin maintains a Business Continuity and Disaster Recovery plan, which is tested, reviewed and approved annually. Deep Origin also conducts regular testing of critical services, backup systems and operational infrastructure to ensure business continuity requirements are met.
Infrastructure Security
Deep Origin employs infrastructure-as-code (IaC) techniques to securely deploy and manage resources within our operational environment. This enables rapid provisioning and scaling while ensuring that all deployments meet security standards.
Separate Production Environment
At Deep Origin, production, staging, and development environments are maintained as distinct entities to safeguard operational integrity and data confidentiality. In these separate environments, customer data is strictly prohibited from use in non-production settings, thus ensuring that developmental and testing activities do not compromise data security.
Disk Encryption
To protect the confidentiality and integrity of information stored on all employee endpoints, DeepOrigin mandates full-disk encryption. Additionally, we continuously monitor endpoint security to promptly identify and investigate any anomalous activity.
Endpoint Detection & Response
All employee endpoints are protected with an advanced EDR solution. Endpoint security signals
are monitored regularly for anomalous activity.
Mobile Device Management
Deep Origin centrally manages and secures all employee endpoints through a Mobile Device
Management (MDM) solution. This systematic management allows us to enforce security
policies, distribute software and updates, and monitor endpoint integrity.
Threat Detection
Deep Origin's Security Team actively monitors the environment for known attacker tactics, techniques, and procedures (TTPs), as well as known malicious binaries and other suspicious activities. These regular activities are complemented by periodic reviews and investigations into anomalous activities to discover unknown threats.
Firewall
Deep Origin utilizes a combination of traditional firewalls, AWS (N)ACLs, and KubeArmour (to provide specialized firewall capabilities for Kubernetes environments) policy to secure the infrastructure end-to-end. These tools allow us to monitor and control the flow of network traffic, preventing unauthorized access and ensuring data integrity and security.
IDS
Our network activity is logged to identify potential security threats such as unauthorized access or anomalous behavior. These systems are critical for the early detection of attacks, allowing us to identify attackers and other anomalous behavior and generate alerts for further investigation.
Security Information and Event Management
Deep Origin prioritizes the secure and centralized storage of crucial infrastructure logs. Our SIEM systems continuously monitor these logs, enabling real-time analysis to detect, alert, and mitigate potential threats promptly.
Asset Management Practices
Deep Origin is committed to maintaining asset management practices that span both virtual and physical assets. Our asset management policy is designed to identify and catalog organizational assets and is updated annually.
Employee Training
Deep Origin is committed to maintaining a high level of security and privacy awareness among its personnel through comprehensive annual training programs. This training covers critical topics such as password management, mobile device security, social engineering tactics, physical security, phishing attacks, and compliance with regulations.
HR Security
To ensure the integrity and security of our operations, all new Deep Origin employees undergo a thorough background check and sign a non-disclosure agreement upon joining. These measures are part of our annually reviewed HR security policy, which mandates compliance with company policies and procedures.
Incident Response
Deep Origin maintains a documented Incident Response Plan. This plan is systematically reviewed, tested, and approved by appropriate stakeholders on an annual basis to ensure readiness and effectiveness in responding to security incidents.
Internal Assessment
Deep Origin engages in annual risk assessments. These assessments are designed to identify and address vulnerabilities within our operational environment. The findings from these assessments are reviewed and considered by an executive risk committee, which integrates these insights into broader organizational strategic planning.
Internal SSO
We utilize Single Sign-On (SSO) technology to simplify and secure the authentication process for our internal applications and to reduce the attack surface associated with multiple passwords and login credentials.
Penetration Testing
Deep Origin engages in third-party penetration testing annually and upon the release of new products to proactively identify and address security vulnerabilities within our systems. The outcomes of these tests are documented, and any findings are prioritized for remediation according to their severity.
Security Operations Center
Deep Origin operates an in-house Security Operations Center (SOC), managed by our security team. This center ensures continuous security monitoring as our activity logs are continually assessed by detection algorithms. All identified errors and anomalies are logged and analyzed through our centralized Security Information and Event Management (SIEM) system.
Acceptable Use Policy
Deep Origin requires all employees to adhere to an annually updated Acceptable Use Policy. This policy is crafted to prevent unauthorized disclosure, modification, removal, or destruction ofinformation stored across our media platforms.
Access Control Policy
Our Access Control Policy defines how access is provisioned for employees.
Code of Conduct
Employees are required to agree to our Code of Conduct during onboarding.
Cryptography Policy
We have an internal cryptography policy that defines key management and encryption standards and procedures.
Data Management Policy
All data in our platform is classified based on our Data Management Policy.
Incident Response Policy
We maintain an Incident Response plan in the event of a security related incident.
Information Security Policy
Our Information Security Policy defines the roles and responsibilities for all employees.
Operations Security Policy
We have an Operations Security Policy that defines how we log and monitor our network.
Risk Assessment/Management Policy
We have a Risk Management Policy to ensure that we conduct risk assessments on a regular basis.
Secure Development Policy
Developers are required to review and accept our Secure Development Policy annually.
Third Party Management Policy
We have a Third Party Management Policy that requires due diligence and NDAs for external parties.
Vulnerability Management Policy
We have documented Vulnerability Management policies.