Legal
Security is structure, not promise.
For a company that builds cyber defense platforms and governs critical enterprise data, security is not a layer added at the end. It is a foundational principle.
01
Our security posture
Ameridata designs its products with security as a structural requirement, not as an additional feature. This means access control, traceability, context isolation, data governance, and continuous monitoring are part of each platform's architecture from the start of development.
This posture is especially relevant in Polaris, our enterprise AI web platform, where users store documents, configure corporate contexts, and interact with sensitive business information.
02
Security in the Polaris platform
Authentication and access control
Access to the platform is protected by individual credential authentication. Access control is structured by workspace, profile, and role, ensuring that each user accesses only what is due to them within the organization.
Context isolation
Each organization's data, projects, contexts, and conversations are logically isolated. No content from one organization is accessible by another.
Transmission and storage
All communication between client and platform is performed over encrypted connection. Stored data follows protection standards compatible with market best practices for cloud environments.
Traceability and audit
Relevant platform interactions, access, and actions are recorded with an audit trail. This allows organizations to monitor usage and investigate events when necessary.
Evidence governance
Polaris operates with explicit response governance — platform models are instructed not to invent facts, to indicate uncertainty, and to cite sources when applicable. This reduces the risk of decisions based on incorrect information generated by the system.
03
On-premise platforms
The other platforms in the Ameridata portfolio operate on an on-premise model, installed in the client's infrastructure. In this model, responsibility for the execution environment's security is shared between Ameridata and the contracting organization, as defined in contract.
Ameridata provides hardening guidance, secure configuration recommendations, and deployment best practices for each platform. Security updates are delivered with impact documentation and application instructions.
04
Responsible vulnerability disclosure
Ameridata encourages responsible reporting of security vulnerabilities identified in any of its products or in the institutional website. If you identified a security issue, we ask that you do not publicly disclose it before informing us, so that we can investigate and remediate it responsibly.
How to report
What to include in the report
- Clear description of the identified vulnerability.
- Affected product or environment (website, Polaris, other platform).
- Steps to reproduce the problem.
- Estimated potential impact.
- Your contact information, if you would like to receive a response.
What you can expect
- Acknowledgment of receipt within 2 business days.
- Internal investigation with progress communication.
- Public credit for the report, if desired, after the issue is resolved.
Ameridata will not take legal action against researchers who report vulnerabilities in good faith following this process.
05
Institutional commitment
Ameridata treats security as a permanent responsibility, not as a project with a delivery date. We continuously review our practices, monitor the threat landscape relevant to the markets in which we operate, and update our products as new requirements emerge.
For companies using Polaris or considering adopting any platform from the Ameridata portfolio, we are available to discuss our security posture, data protection architecture, and incident response process in a direct conversation.
Talk to Ameridata about security06