
Enterprise Security Controls for Regulated AI Workflows


How LandingAI ADE satisfies enterprise vendor risk requirements: API key management, RBAC, SSO, ZDR, audit logging, deployment isolation, and compliance framework alignment across SOC 2 Type II, HIPAA, GDPR, and NIST CSF.

LandingAI ADE addresses enterprise vendor risk requirements across five security domains. Access is controlled through API keys with per-key revocation on Team plans and above, role-based membership with differentiated permissions, and SSO integration with Okta and Azure AD.

Document data is encrypted in transit using TLS 1.2+ and at rest using AES-256, logically segregated across tenants in the multi-tenant architecture, and eliminated entirely post-processing when Zero Data Retention (ZDR) is enabled: documents are processed in-memory, never written to storage on LandingAI systems or any sub-processor, and immediately discarded after extraction completes. Audit logging covers critical user and system activity across the platform, with extraction outputs grounded to source-document coordinates for field-level traceability.

For organizations whose requirements exceed the default multi-tenant SaaS, ADE is available in an EU region on AWS Ireland (eu-west-1) and as a containerized application inside the customer's own VPC, including air-gapped environments. These controls map to SOC 2 Type II, HIPAA, GDPR Article 32, and NIST CSF, all verifiable through the Trust Center.

Identity and Access Management

API Key Management

Every ADE API call is authenticated with an API key. On the Explore (free) plan, a single non-revocable API key is provided. On Team and Enterprise plans, organizations can create multiple API keys scoped to different services, environments, or teams and can revoke individual keys without disrupting others. This supports the principle of least privilege at the credential layer: a key used by a pipeline processing contracts can be revoked independently of a key used for HR onboarding documents. LandingAI's API key documentation recommends storing keys in environment variables rather than hardcoding them in source code.

Organizations, Roles, and Member Management

Access within an organization is governed through role-based membership. When a customer upgrades from the Explore plan to Team or above, they create an organization containing credits, API keys, and members. The Organizations and Members configuration allows administrators to invite members, assign roles with differentiated permissions, remove access, and revoke pending invitations. This structure enforces separation of duties: the team member who configures an extraction schema does not need the same access level as the administrator who manages billing or enables Zero Data Retention.

Single Sign-On (SSO)

LandingAI supports SSO integration with enterprise identity providers including Okta and Azure AD, enabling organizations to enforce existing corporate authentication policies including multi-factor authentication, session duration controls, and provisioning/deprovisioning workflows for ADE access. An employee whose corporate access is revoked loses access to ADE through the same deprovisioning workflow, eliminating a separate identity silo.

Data Security Infrastructure

Encryption Standards

All document data transmitted to and from ADE is encrypted in transit using TLS 1.2 or higher; data at rest is encrypted using AES-256. These standards apply uniformly across all ADE deployments and plan tiers and are the encryption specifications referenced in SOC 2, HIPAA, and GDPR Article 32 compliance documentation. See Security and Compliance for the full technical safeguards overview.

Logical Data Segregation

ADE operates as a multi-tenant platform where customer data is logically separated from all other organizations in the platform architecture; no cross-tenant data access is architecturally possible. Logical data segregation is a standard condition evaluated in SOC 2 Type II audits.

Zero Data Retention as a Data Governance Control

LandingAI ADE's Zero Data Retention (ZDR) option eliminates post-processing document storage at the infrastructure level: documents are processed entirely in-memory, never written to storage on LandingAI systems or any sub-processor, and immediately discarded after the extraction call completes.

From a security architecture perspective, ZDR eliminates an entire class of risk: no document content is retained after processing, so there is no stored data to be exposed in a future breach, no retention period to manage, and no deletion workflow to audit. LandingAI does not use ZDR-processed documents for model training. ZDR is available on Team and Enterprise plans, applying to both synchronous API calls and asynchronous large-file parse jobs. When ZDR is enabled for large-file processing via the Parse Jobs API, documents are supplied via pre-signed URLs from the customer's own cloud storage (S3, Azure Blob, GCS) and parsed results are written directly to a customer-controlled output URL.

Backup and Recovery

LandingAI performs regular automated backups of customer data and maintains tested disaster recovery procedures for customers not operating under ZDR. Data retention periods under non-ZDR configurations are governed by the terms of the customer's service agreement.

Audit Logging and Monitoring

LandingAI maintains an immutable record of critical user and system activity across the platform, actively monitored by the security team for threat detection and incident investigation. ADE's extraction outputs include grounding coordinates that trace each extracted field back to its precise location in the source document. Alongside the customer's own API request records, this supports the end-to-end audit trail that field-level traceability requirements in regulated industries demand.

Deployment Isolation Options

ADE is available in two configurations beyond the default multi-tenant SaaS for organizations whose security requirements cannot be satisfied by a shared cloud platform.

EU Region Deployment

ADE in the EU region runs on AWS Ireland (eu-west-1) with all document data stored and processed within the European Union. The EU region supports GDPR compliance and is eligible for ZDR on custom pricing plans. See the EU documentation for region-specific API endpoints and SDK configuration.

Containerized VPC Deployment

LandingAI offers ADE as a containerized application deployable inside the customer's own Virtual Private Cloud, including support for air-gapped environments. Document data never leaves the customer's infrastructure under this model; ZDR is supported in the containerized deployment. Contact LandingAI through the enterprise contact page to initiate this option.

Secure Development Lifecycle

LandingAI incorporates security at every stage of the product development lifecycle, from design and code review through testing and deployment, as documented on the Security and Compliance page. SOC 2 Type II, HIPAA, and ISO 27001 audits evaluate the processes by which a system is built and how vulnerabilities are managed over time, not only the security of the running system.

Compliance Framework Alignment

LandingAI ADE's security controls map to the compliance frameworks most commonly evaluated in regulated industry procurement reviews, verifiable through the Trust Center.

| Compliance Framework | Relevant Requirement | LandingAI ADE Control |
|---|---|---|
| SOC 2 Type II | Security, availability, confidentiality | Independent third-party audit completed; report available via Trust Center |
| HIPAA | Technical safeguards for PHI | ZDR + BAA required; TLS 1.2+; AES-256; audit logging; organizational controls |
| GDPR Article 32 | Appropriate technical security measures | Encryption in transit/at rest; logical data segregation; ZDR for storage limitation; SSO; RBAC |
| GDPR Article 28 | Data processor obligations | DPA available through enterprise sales; see Trust Center for documentation |
| NIST CSF / ISO 27001 | Access control; audit and accountability | API key management with revocation; RBAC; SSO; immutable audit logs; secure development lifecycle |

The EU-US Data Privacy Framework certification is in progress and current status is documented on the Security and Compliance page.

FAQ

What evidence does LandingAI provide for a vendor security assessment?
The Trust Center is the primary resource for compliance documentation, including the SOC 2 Type II audit report, certifications, and real-time system status. The Security and Compliance page provides a structured overview of certifications, technical safeguards, and data handling policies. For additional documentation such as a Data Processing Agreement or Business Associate Agreement, contact LandingAI through the enterprise contact page.

Are audit logs accessible to customers, or only to LandingAI's internal security team?
LandingAI maintains audit logs that its security team actively monitors for threat detection. Customer-facing audit log access is not described in public documentation. Regulated workflows requiring a comprehensive audit trail should maintain records at the application layer, capturing API request timestamps, document identifiers, and extraction outputs alongside LandingAI's platform-level monitoring. Contact LandingAI support to confirm what audit artifacts are available under enterprise agreements.
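An added example (not LandingAI code and not part of the original page) of the application-layer record this answer recommends: a hash-chained log holding the request timestamp, document identifier, and a digest of the extraction output, so that edits or deletions are detectable. All function and field names are hypothetical, the sample output is constructed and is not the ADE response format, and storing a digest rather than the output itself is an assumption.

```python
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # prev_hash of the first entry

def _digest(obj) -> str:
    # Canonical JSON so identical content always yields the same hash.
    raw = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(raw).hexdigest()

def append_record(log, document_id, extraction_output, requested_at=None):
    """Append one entry chained to the previous entry's hash."""
    body = {
        "requested_at": requested_at or datetime.now(timezone.utc).isoformat(),
        "document_id": document_id,
        "output_sha256": _digest(extraction_output),
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry = dict(body, entry_hash=_digest(body))
    log.append(entry)
    return entry

def verify_chain(log) -> int:
    """Return the index of the first altered or out-of-place entry, -1 if intact."""
    prev = GENESIS
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if entry["prev_hash"] != prev or _digest(body) != entry["entry_hash"]:
            return i
        prev = entry["entry_hash"]
    return -1

def output_matches(entry, extraction_output) -> bool:
    """Check an output produced later as evidence against the logged digest."""
    return entry["output_sha256"] == _digest(extraction_output)

if __name__ == "__main__":
    # Constructed sample output; field names are illustrative only.
    sample = {"invoice_total": "1200.00", "grounding": {"page": 0, "box": [10, 20, 80, 32]}}
    log = []
    append_record(log, "doc-001", sample)
    append_record(log, "doc-002", {"invoice_total": "15.50"})
    print("intact:", verify_chain(log) == -1)
    log[0]["document_id"] = "doc-999"  # simulate tampering with a stored entry
    print("first bad entry:", verify_chain(log))
```

Anchoring the latest `entry_hash` somewhere the application cannot rewrite (for example, write-once storage) is what makes truncation of the tail detectable as well.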

Does LandingAI's security posture cover sub-processors, or only the primary platform?
When ZDR is enabled, the guarantee covers the entire platform including all sub-processors: no document content is written to storage at any point in the processing chain. Under standard non-ZDR configurations, LandingAI's data handling practices apply to the primary platform; sub-processor coverage details are available through the Trust Center.

Is ADE appropriate for workflows that must remain entirely within a customer's own infrastructure?
Yes. LandingAI ADE is available as a containerized application deployable in a customer-owned VPC, including support for air-gapped environments, with document data never leaving the customer's infrastructure. ZDR is supported in the containerized deployment. This option requires an enterprise agreement; contact LandingAI through the enterprise contact page.

What plan tier is required to access enterprise security controls such as SSO, RBAC, and ZDR?
ZDR and HIPAA compliance are available on Team and Enterprise plans. Multiple API keys with revocation capability are available on Team plans and above. The Explore (free) plan does not include ZDR, multiple API keys, or SSO and is designed for development and prototyping, not regulated production workloads. See ADE pricing and plan tiers for plan-level feature detail.