
Security & Compliance

How AKIOS protects your data, ensures model safety, and helps you meet compliance requirements (SOC2, HIPAA).

Data Privacy

Zero-Retention Policy

By default, the AKIOS control plane is pass-through. We do not store your prompts or completions unless you explicitly enable the Audit Log feature. Your data is encrypted in transit (TLS 1.3) and never used to train our models.

Secret Management

Encryption at Rest

API keys (OpenAI, Anthropic) stored in AKIOS Cloud are encrypted using AES-256-GCM. Keys are decrypted only within the secure enclave of the runtime environment at the moment of execution.

Best Practice

Rotate your keys regularly. Use the akios secrets rotate command to update keys without downtime.

Compliance Guardrails

Automated Policy Enforcement

Enterprises can define global policies that apply to all agents in an organization.

PII Redaction

Automatically detect and mask credit cards, SSNs, and emails.

Topic Blocking

Prevent agents from discussing competitors or political topics.

Rate Limiting

Prevent cost overruns and denial-of-service attacks.

Audit Trails

Log every input/output pair with cryptographic signatures.

Implementation Example

```typescript
import { Guardrails, DetectPII, BlockTopic } from '@akios/security'
// Agent is assumed to come from the AKIOS SDK; its import is not shown on this page.

const rails = new Guardrails({
  input: [
    // Redact sensitive info before it hits the LLM
    DetectPII.configure({ types: ['email', 'phone', 'ssn'] }),
    // Block prompts that touch disallowed topics
    BlockTopic.configure({
      topics: ['competitor_names', 'politics'],
      sensitivity: 'high'
    })
  ],
  output: [
    // Ensure the model doesn't leak internal IPs
    DetectPII.configure({ types: ['ip_address'] })
  ]
})

// Attach the guardrails to the agent so every request and response passes through them
const agent = new Agent({
  name: 'secure-agent',
  guardrails: rails
})
```
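
The PII Redaction guardrail described above masks credit cards, SSNs, and emails before a prompt reaches the LLM. As an added illustration (not AKIOS code, and not how DetectPII is implemented), the sketch below shows a redaction pass of that kind, using a Luhn check so that ordinary long numbers are not masked as cards. The names redactPII, luhnValid and PATTERNS and the sample prompt are constructed for this example.

```typescript
// Added illustration, not AKIOS code. All names below are hypothetical.
type PIIType = 'email' | 'ssn' | 'credit_card';

// Luhn checksum: rejects digit runs that only look like card numbers.
function luhnValid(digits: string): boolean {
  if (digits.length < 13 || digits.length > 19) return false;
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; } // every second digit from the right
    sum += d;
  }
  return sum % 10 === 0;
}

const PATTERNS: Array<{ type: PIIType; re: RegExp; accept?: (m: string) => boolean }> = [
  { type: 'email', re: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g },
  // SSN as AAA-GG-SSSS, excluding area 000/666/9xx, group 00 and serial 0000.
  { type: 'ssn', re: /\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b/g },
  // 13 to 19 digits, optionally separated by single spaces or hyphens.
  { type: 'credit_card', re: /\b\d(?:[ -]?\d){12,18}\b/g,
    accept: (m) => luhnValid(m.replace(/[ -]/g, '')) },
];

// Returns the masked text plus a per-type count suitable for an audit record.
function redactPII(text: string): { text: string; counts: Record<string, number> } {
  const counts: Record<string, number> = {};
  let out = text;
  for (const { type, re, accept } of PATTERNS) {
    out = out.replace(re, (m) => {
      if (accept && !accept(m)) return m; // leave non-PII digit runs intact
      counts[type] = (counts[type] ?? 0) + 1;
      return `[REDACTED:${type.toUpperCase()}]`;
    });
  }
  return { text: out, counts };
}

// Constructed sample prompt: the order number fails the Luhn check and is kept.
const SAMPLE =
  'Contact jane.doe@example.com, SSN 123-45-6789, ' +
  'card 4111 1111 1111 1111, order 1234567890123456.';

console.log(redactPII(SAMPLE));
```

Pattern matching of this kind misses PII written in free form (for example a spelled-out number), so the counts are a lower bound rather than proof that a prompt is clean.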