EngMind — Security & Trust

Architecture

Six pillars of secure design.

EngMind’s architecture is built on a small set of non-negotiable principles. Every analysis the platform runs sits inside this frame.

🔒

Secure multi-tenant architecture

Each tenant operates in an isolated logical envelope. Project data, findings, and analysis state never cross tenant boundaries.

🛡

Tenant-scoped access control

Access is scoped per tenant, per project, and per role. Project members only see the projects they are assigned to.

📋

Project-based storage policy

Drawings, evidence, and findings are stored per project, with download and deletion controls available at any time.

👤

Founder-approved access (Beta)

During V1 Beta, every tenant is approved by the EngMind founder. We earn trust before we scale.

⛔

No customer data trains models

No customer drawing or finding is used to train any AI model. The platform calls AI providers under controlled, scoped contexts only.

📊

Audit events & cost tracking

Every analysis, retention action, and access event is captured for audit. Usage and cost are tracked for every analysis you run.

Storage Integrations

Live in Beta. Roadmap clear.

EngMind is designed to live alongside your existing engineering document systems. V1 Beta supports a focused set of storage integrations. Additional enterprise storage options are tracked on the roadmap and will be activated as customer engagements call for them.

Live in V1 Beta

Active integrations

✓

EngMind-managed GCP storage — Default secure storage option managed by EngMind on Google Cloud Platform.

✓

Google Drive — Connect customer Google Drive sources for project document ingestion.

✓

Microsoft SharePoint & OneDrive — Connect customer SharePoint and OneDrive sources for project document ingestion.

Under roadmap consideration

Future integrations

○

Azure Blob Storage — Architecture-prepared.

○

Customer Google Cloud Storage — Architecture-prepared.

○

AWS S3 — Roadmap consideration.

○

Box — Roadmap consideration.

○

Dropbox — Roadmap consideration.

Identity & SSO

Identity posture: Beta and roadmap.

Live in V1 Beta

Today’s identity stack

✓

Firebase Auth + Google Identity Platform — Modern, secure identity management.

✓

Founder-approved tenant allowlist — Every tenant explicitly approved during V1 Beta.

Under roadmap consideration

Enterprise SSO

○

SAML 2.0 — Roadmap consideration.

○

Microsoft Entra ID (Azure AD) — Roadmap consideration.

○

Okta — Roadmap consideration.

○

Custom enterprise SSO — Available case-by-case for design partners.

Encryption

Encryption planned by design.

EngMind is designed with encryption at rest and in transit. Specific algorithms and protocols will be communicated upon validated implementation and audit — we will not claim what we have not verified.

🔐

At rest

Drawings, findings, and analysis state are designed to be encrypted at rest in their respective storage layers.

🔒

In transit

All traffic between client, platform, and AI provider is designed to traverse encrypted, modern transport channels.

🛡

No direct AI provider access

Customers do not connect directly to external AI providers. EngMind brokers all AI calls under scoped, controlled contexts.

Compliance Roadmap

Compliance programs are part of the roadmap.

The frameworks below are part of EngMind’s security roadmap. Status will be communicated according to verified implementation, not aspiration. We will not market a certification we do not hold.

SOC 2 Type II

Roadmap

ISO 27001

Roadmap

GDPR

Alignment

LGPD

Alignment

Data Controls

You stay in control of your drawings.

EngMind gives the customer explicit control over the data they bring to the platform.

✓
Self-service download & deletion Per-job and per-account download and deletion, with confirmation. Account closure purges all customer data within twenty-four hours.
✓
Audit trail Every analysis, retention action, and access event is captured. Audit data retained for 365 days for active accounts.
✓
Confidential by design No customer drawing or finding is used to train any model. Ever.
✓
Cost tracking Usage and cost are tracked for every analysis your team runs, surfaced in the dashboard.

Security Overview

Request the security overview deck.

For procurement, IT, security, and architecture teams — we share the full security overview under NDA. Reach out and we will route the deck and a 30-minute walkthrough.

Request the security overview Request a Demo