SECURITY & GOVERNANCE
Extract value from your data with confidence
Protecting customer data is our highest priority. Encord was built from the ground up with enterprise-grade security, governance, and compliance at every layer.
Trusted by leading AI teams
Uncompromised security and governance
Seamless data integration
Encord seamlessly connects with your existing cloud infrastructure, allowing you to keep raw data in place whether stored in cloud data lakes, AWS S3, Azure Data Lake Storage, or Google Cloud Storage. This integration eliminates data migration headaches while maintaining full security and accessibility.
Data encryption
Encord protects sensitive data using military-grade encryption standards. All your information is encrypted at rest with AES-256, the same encryption standard trusted by governments and financial institutions worldwide. We also secure all data in transit using TLS 1.2/1.3 protocols, ensuring complete protection.
Flexible deployment options
Encord offers both US and EU deployment to be closer to data storage and helps you further comply with regulatory or internal governance requirements. We also provide private VPC and on-premises deployments for organizations with specialized security needs or strict data sovereignty requirements.
Continuous security monitoring
Encord uses automated platforms to continuously monitor security controls, ensuring ongoing compliance and protection. These systems consistently scan for vulnerabilities, detect unusual patterns, and verify that all security measures remain effective around the clock.
Multi-layered access controls
Encord implements access controls across all levels of our platform. Our role-based system distinguishes between different types of users ensuring appropriate permissions. Through precise role assignments, we maintain security without compromising workflow efficiency, allowing team members to access only the information necessary.
Enterprise readiness
Encord delivers enterprise-ready capabilities with Single Sign-On (SSO) integration for secure identity management, dedicated technical support, and scalable infrastructure designed to handle massive datasets and concurrent users without performance degradation.
Strict adherence to compliance standards
AICPA SOC 2
Encord has successfully completed its Systems and Organizational Control (SOC)-2 Examination. In doing so, Encord maintains its adherence to one of the most stringent, industry-accepted compliance frameworks for service organizations and provides additional assurance to its clients through an independent auditor that its business process, information technology, and risk management controls are properly designed.
HIPAA Compliant
Encord utilizes enterprise-grade best practices to protect our customers' sensitive health information and uses Vanta to verify its security, privacy, and HIPAA compliance controls. Vanta’s HIPAA product provides an automated approach to ensuring that organizations can demonstrate compliance.
GDPR Compliant
Encord maintains GDPR compliance through comprehensive security measures and responsible data handling practices. We continuously monitor our compliance status using Vanta's automated platform, ensuring our security controls and data protection standards consistently meet regulatory requirements while providing transparency and accountability.
Frequently asked questions
By design, Encord’s platform does not store your data when using cloud integration. We offer a range of configuration options and recommend setting up Private Cloud Integration so that your data can remain stored and protected in your own cloud storage. This integration works by having our platform authorized to request a temporary, signed URL from your storage provider and then temporarily load the data into the end-user’s browser. Alternatively, you may opt to use the Encord platform directly to store your data, in which case, your data will be stored in Google Storage with all of the standard protections you would expect (Encryption at rest with AES-256, encryption in transit via HTTPS/TLS, no public access etc). Label data is also stored in the Encord database. It is encrypted at rest with AES-256 and encrypted in transit with HTTPS over TLS.
Using our Private Cloud Integration means our platform is authorized to request a signed URL from your storage provider and then temporarily load the data (images, videos, etc.) into the end-user’s browser, without it ever being processed or stored by the Encord platform itself. If you do not wish for Encord to sign your URL’s, you may use Direct Access. You can also use a Direct Access dataset that is available via private access points or where access to the cloud data is controlled, such as via IP whitelist. Choosing this option means you will not be able to secure your dataset behind user-based access controls. If you do not wish to allow Encord the ability to download any information (but still sign URL’s), you may take advantage of the Client Side Only integration option. In order to use this, you will need to supply additional metadata within the upload JSON file as described in our documentation. Client Side Only integrations can be configured in combination with the other private cloud integration options including Direct Access.
Data at rest is encrypted with Google Managed Keys and uses AES-256 encryption.
All data in transit is protected using HTTPS over TLS and we support the latest TLS encryption (version 1.3).
Visit our trust center (https://trust.encord.com/). For any other security-related inquiries, contact our dedicated security team at security@encord.com.
Trusted by 200+ of the world’s top AI teams
Join the thousands of teams deploying production-ready AI applications with best-in-class data curation, labeling, and model evaluation tooling with Encord.
