Trust Center

Security, Trust & AI Governance

Our headline commitment

Hobasa does not use client data to train models unless the client explicitly opts in through a written contractual agreement.

By default, client data is used only to deliver the contracted service, remains logically isolated per client, and is never used to improve models serving other customers. Our program is designed around the reality that Hobasa runs both conventional software and autonomous AI agents on behalf of CPA firms and their end clients, so both must be governed to the same standard.

This page is maintained by Hobasa to answer common security, privacy, and AI governance questions about our platform. It is not an independent certification or audit attestation.

No default training
Opt-in, in writing, per contract
AES-256 / TLS 1.3
At rest and in transit
24×7
Monitoring and on-call
<15 min
Sev-1 acknowledgement
Core principles

Nine principles that shape how we build and operate.

Each principle below is a working control set our engineering and security teams operate against, not a marketing aspiration.

Zero Trust Architecture

No user, service, model, or agent is trusted by default. Every connection is authenticated and every action is authorized using least-privilege access.

Client Data Isolation & Minimization

Client data is segregated by tenant, encrypted in transit with TLS 1.3 and at rest with AES-256. We collect and retain only what's required to deliver the service.

Privacy by Design

PII, PHI, and sensitive data are minimized, redacted, tokenized, or de-identified before being processed by models or agents. Residency and deletion are enforced technically and contractually.

Secure ML & GenAI Controls

We defend against prompt injection, jailbreaks, model poisoning, extraction, hallucinations, adversarial inputs, and supply-chain risks. Models and artifacts are tracked via an AI Bill of Materials, signed, scanned, and monitored.

Agentic AI Governance

Agents are governed differently than chatbots because they take actions. Every agent has a unique identity, short-lived credentials, governed tool access, parameter-level authorization, and immutable logs.

Human Accountability

High-impact or irreversible actions always require authenticated human approval. Every autonomous decision is traceable to a goal, policy decision, tool action, and a named accountable human.

Auditable Autonomy

Every significant agent action is logged and reconstructable: goal, input, tools used, policy checks, human approval, and outcome. "The AI did it" is not an acceptable answer in our governance model.

Continuous Assurance

Threat modeling, red-teaming, runtime monitoring, drift detection, anomaly alerts, and tiered containment keep systems safe after deployment, not just at launch.

Compliance Alignment

Mapped to NIST AI RMF, ISO/IEC 42001, ISO/IEC 27001, the EU AI Act, and GDPR — plus HIPAA, PCI DSS, and SOX where applicable to the workload.

Platform controls

What we operate, every day.

Continuously operated by Hobasa's security and platform teams and reviewed during our annual audit cycle.

Identity & access

  • SSO via SAML 2.0 and OIDC for all paid plans
  • Enforced multi-factor authentication for staff
  • Role-based access with least-privilege defaults
  • Just-in-time access elevation with full audit trail

Data protection

  • AES-256 at rest, TLS 1.3 in transit
  • Tenant-scoped data isolation per client
  • Customer-managed key support on Enterprise
  • Field-level redaction and tokenization for sensitive PII/PHI

Infrastructure

  • Hardened cloud environments in US regions
  • WAF and DDoS protection at the edge
  • Continuous patching and automated vulnerability scanning
  • Third-party penetration testing on a recurring cadence

Application security

  • Mandatory peer review and CI security gates
  • SAST, secret scanning, and SBOM on every build
  • Annual secure-coding training for engineering
  • Coordinated vulnerability disclosure program

Monitoring & response

  • 24×7 alerting on anomalous access and data movement
  • Centralized, immutable audit logging
  • On-call rotation with documented runbooks
  • Tabletop exercises run twice per year

Operational resilience

  • Automated backups with point-in-time recovery
  • Documented RTO of 4 hours and RPO of 1 hour
  • Multi-AZ failover for production services
  • Annual disaster-recovery testing
AI & agentic governance

How we govern models and autonomous agents.

Because Hobasa runs both GenAI features and agents that can take actions in connected systems, we operate a distinct control set for AI on top of our platform controls.

Model & data provenance

Every model, dataset, prompt template, and artifact is tracked in an AI Bill of Materials — signed, versioned, scanned for known risks, and monitored in production.

Prompt & content defenses

Input and output filters, prompt-injection detection, jailbreak heuristics, PII/PHI redaction, and grounding checks reduce hallucination and unsafe output.

Agent identity & scoping

Each agent runs with a unique workload identity, short-lived credentials, and a narrowly scoped tool catalog. Tool calls carry parameter-level authorization checks.

Human-in-the-loop gates

High-impact, financial, or irreversible actions (payments, filings, external notifications, mass data changes) require authenticated human approval before execution.

Immutable decision trail

For every agent action we retain the originating goal, policy evaluation, retrieved context, tool calls, approver, and outcome — reconstructable on demand for audit.

Red-team & drift monitoring

Ongoing red-teaming, adversarial evals, drift detection, and anomaly alerts feed a tiered containment playbook that can throttle, sandbox, or disable an agent quickly.

Data handling

Clear answers on the data questions firms ask first.

What we collect

Only financial, workforce, and account metadata your firm connects or uploads — the minimum needed to deliver the requested analysis.

Who can see it

Authorized users in your firm. Hobasa staff access is least-privilege, time-bound, and recorded in the audit log. Agents access only what their scoped tools allow.

How long we keep it

Retained for the life of the agreement. On termination, customer data is deleted from production within 30 days and from backups within 90 days, subject to legal retention.

Where it lives

Primary processing in US cloud regions with multi-AZ redundancy. Regional residency available on Enterprise; sub-processors maintained on a published list.

How it's used with AI

By default, client data is used only to deliver the contracted service. It is never used to train shared models. Training on client data requires an explicit written opt-in.

How we protect it

Tenant isolation, AES-256 at rest, TLS 1.3 in transit, field-level redaction for sensitive PII/PHI, and customer-managed keys on Enterprise.

Compliance alignment

Frameworks we map to.

Our program is designed around recognized frameworks so your audit, IT, procurement, and risk teams can evaluate us with standards they already use.

NIST AI RMF

Aligned

Govern, Map, Measure, Manage functions applied to models and agents.

ISO/IEC 42001

Aligned

AI management system principles inform our AI governance program.

ISO/IEC 27001

Aligned

Information security management controls across the platform.

EU AI Act

Aligned

Risk-tiered controls, transparency, and human oversight requirements.

GDPR & US state privacy

Aligned

DPA available on request; access and deletion honored within 30 days.

HIPAA / PCI DSS / SOX

Where applicable

Sector controls applied to workloads that fall in scope; BAA available.

SOC 2 Type II

In observation period

Targeted report on our published roadmap.

AICPA confidentiality standards

Aligned

Built around the workflow needs of CPA firms.

Status descriptions reflect Hobasa's own assessment of program maturity and are not a substitute for a third-party certification. Reports and letters of attestation, where available, are shared under NDA.

Incident response

A documented playbook, not a draft.

  1. Detect

    Monitoring, alerting, and reports from customers or researchers feed the on-call queue.

  2. Triage

    Severity assigned within 15 minutes; incident commander assembled for Sev-1 and Sev-2.

  3. Contain

    Affected systems isolated; tokens rotated; agents throttled or sandboxed; forensic snapshots captured.

  4. Notify

    Affected customers contacted without undue delay, with a written account once facts are confirmed.

  5. Learn

    Blameless postmortem within 5 business days; corrective actions tracked to completion.

FAQ

Questions firms ask us