Security & Deployment

Your infrastructure, your rules — data never leaves your perimeter.

CVS is engineered for security teams that will not approve a black box. Multi-tenant RBAC, four deployment models up to full air-gap, and layered isolation give you execution sovereignty — not just a data-residency promise.

Access Control

Multi-tenant RBAC with SSO, from tenant down to every audit event.

Access in CVS follows a strict hierarchy: Tenant → Instance → Workspace/Department → Role → User → Permission → Audit Event. Each tenant is isolated from every other, and instances partition knowledge within a tenant so a department only ever sees what it is entitled to.

Identity is handled through your existing SSO via SAML or OIDC, with RBAC at the core and optional ABAC policies for attribute-based rules. Every query and every piece of evidence access is written to a tamper-evident audit trail — the minimum-necessary standard enforced in software, not in policy documents.

  • Hierarchy: Tenant → Instance → Workspace/Department → Role → User → Permission → Audit Event
  • SSO via SAML or OIDC; RBAC with optional ABAC attribute policies
  • Strict per-tenant and per-instance isolation — no cross-tenant leakage by design
  • Audit trail records every query and every evidence access for compliance and incident review

Deployment

Four deployment models on a control gradient.

CVS spans the full range from fastest start to maximum control: CVS Cloud, Dedicated Cloud, Self-Hosted, and Air-Gap. Cloud gets you live in under 48 hours with managed updates; dedicated cloud gives single-tenant isolation in your AWS, Azure, or GCP region with bring-your-own-key encryption.

Self-Hosted runs entirely inside your perimeter on Docker Compose or Kubernetes, with local LLMs served through Ollama or vLLM. Air-Gap goes further — zero external API calls, no telemetry, no phone-home, with updates delivered on physical media. Every tier supports the same generic compliance posture: SOC 2, GDPR, and HIPAA-aligned controls.

  • CVS Cloud, Dedicated Cloud, Self-Hosted, and Air-Gap — pick your point on the control gradient
  • Self-hosted on Docker Compose or Kubernetes with local LLMs via Ollama or vLLM
  • Air-gap: zero external calls, no telemetry, updates via secure physical media
  • BYOK encryption, single-tenant dedicated cloud, and SOC 2 / GDPR / HIPAA-aligned controls across every model

Isolation

Layered data isolation, end to end.

CVS isolates data at every layer of the request path: User/SSO authenticates the caller; the API gateway enforces policy; the tenant boundary and instance boundary partition knowledge; encrypted stores hold data at rest; and answer generation runs against a local or explicitly approved LLM backend. Every step lands in the audit log.

In self-hosted and air-gap modes the perimeter is absolute — data, models, indexes, answers, and logs all stay inside your environment, encrypted with AES-256 at rest and TLS 1.3 in transit. This is full execution sovereignty, the architecture behind generic SOC 2, GDPR, and HIPAA compliance rather than a marketing badge.

  • Request path: User/SSO → API gateway → tenant boundary → instance boundary → encrypted stores → approved LLM → audit log
  • Answer generation against local (Ollama/vLLM) or explicitly approved LLM backends only
  • AES-256 at rest, TLS 1.3 in transit; data, models, indexes, and logs stay in your perimeter
  • Architecture designed to satisfy SOC 2, GDPR, and HIPAA control requirements

Closed perimeter

Your infrastructure. Your rules. Data stays in Canada.

Not "data residency" marketing — full execution sovereignty. Data, models, indexes, answers, and audit logs all remain within Canadian jurisdiction. Zero external API calls in air-gap mode. No US Cloud Act exposure.

Quick start

CVS Cloud

  • Live in under 48 hours
  • Automatic updates and security patches
  • 99.9% SLA with uptime monitoring
  • Data in Canadian data centres (Montreal and Toronto)

Balanced control

Dedicated Cloud

  • Single-tenant isolation — no shared resources
  • AWS ca-central-1 (Montreal), Azure Canada Central, or GCP northamerica-northeast1
  • Bring your own encryption keys (BYOK)
  • VPC peering, SLA up to 99.99%

Full control

Self-Hosted

  • Data never leaves your perimeter
  • Local LLMs via Ollama or vLLM
  • Docker Compose or Kubernetes deployment
  • Full PIPEDA and Quebec Law 25 compliance

Maximum security / Remote sites

Air-Gap

  • Zero external API calls — completely disconnected
  • No telemetry, no phone-home, no licence beacons
  • Designed for remote mining and energy sites without connectivity
  • Sync-when-connected mode for intermittent satellite links
  • PIPEDA
  • Quebec Law 25
  • PHIPA
  • CSA Cloud Controls
  • AES-256 / TLS 1.3
  • RBAC + SSO
  • Full Audit Trail
  • OSFI B-13 Aligned

Bring your InfoSec team to the table.

We will walk through the isolation architecture, deployment options, and audit model — and stand up an air-gapped proof of concept inside your perimeter.