── Security
Your own AugWork. Never shared with another company.
AugWork is not multi-tenant SaaS. Every customer gets their own private version of the platform. The same setup banks, hospitals, and regulated businesses need to adopt this kind of technology without their lawyers pulling the brake.
── The promises
Three guarantees, every customer, every tenant.
Per-org dedicated
Every customer gets their own provisioned stack. Your own VMs, your own database, your own walled-garden. Not multi-tenant SaaS.
Zero training on your data
Never on AugWork's platform. Never on outside providers. Contractual, every layer, every model, every provider.
Governance built in
Lane Crashers, Shadow-AI Discovery, sentiment watch, and plain-English receipts on every action. Not a bolt-on.
── For business owners
The plain-English story.
What it means for your business, in your language. For your IT team, scroll down to the technical mechanics.
Your own private AugWork
Not a corner of a shared platform. Other customers cannot see your data, your Employees, or your conversations.
Your data stays in your walls
Conversations, files, knowledge. They live inside your AugWork and don't leave unless you tell them to.
Your Company LLM is yours
Trained on your work, your customers, your terminology. What it learns about you doesn't get shared with another AugWork customer. Ever.
Providers on your terms
Open source models hosted for your tenant by default. Claude, ChatGPT, Gemini, or Grok only when your team turns them on and only for data your team approves.
Receipts you can read
Every action leaves a plain-English paper trail. Lane Crashers catches drift. Shadow-AI Discovery surfaces unsanctioned tools.
Built to stay on, free to move
Active-active across regions, daily backups, monthly restore tests. And your data is yours. Leave AugWork or swap providers any time.
── For your IT team
The technical mechanics.
Five categories, one dedicated tenant per customer. The short version below; full diagrams and the latest SOC 2 report shared under NDA.
Tenancy & infrastructure
Each customer gets their own provisioned stack — VMs, Postgres, Redis, workers, web. Not a shared cluster with a tenant_id column. Active-active across regions on Vultr, daily backups, monthly restore tests.
Models & inference
Your Company LLM runs inside your tenant, trained on your knowledge base. Pass-through to Anthropic, OpenAI, Google, and xAI is off by default and enabled per-model by your admins. Contractual no-train on every layer.
Authentication & permissions
SSO via Microsoft Entra, Google Workspace, or Okta (SAML and OIDC). Per-user OAuth across 400+ integrations. RBAC at the user, role, and team level, inherited by default with per-page override.
Audit & governance
Every action logged with plain-English receipts in the UI and structured JSONL for export. Lane Crashers catches drift before execution. Shadow-AI Discovery surfaces unsanctioned tools. Approval gates pause workflows for named approvers.
Compliance posture
SOC 2 active program, latest report under NDA. HIPAA and GLBA handled case-by-case — the per-org dedicated architecture makes the BAA conversation straightforward. GDPR honored per-tenant. Third-party penetration testing annually.
Full architecture diagrams, data-flow maps, and the latest SOC 2 report are shared under NDA during your Value Assessment.
── How to make AI business-outcome driven
Want the full security walkthrough?
Your Customer Success team can walk your CIO through the dedicated tenant, the integration list, and the governance layer in plain English.