Frequently Asked Questions

How does raia ensure tenant security and data isolation?

At raia, protecting customer data and ensuring strict tenant isolation is a core security commitment. Our platform is designed so that each organization’s data is logically separated and accessible only to authorized users:

1. Row-Level Security: All data is stored in a single database with row-level security policies. Every record is tagged with an organization_id, and all queries are automatically scoped to the current tenant’s organization_id. This ensures that no data belonging to one organization can ever be accessed by another.

2. Role-Based Access Control (RBAC): Within each tenant, raia implements granular RBAC. Users are assigned specific roles and permissions, limiting access to only the data and actions appropriate to their responsibilities.

3. Cloud-Native Security: The platform is hosted on Google Cloud Platform (GCP), which provides encryption of data at rest and in transit, IAM-based authentication, and continuous monitoring via Google Cloud Operations Suite.

4. Independent Audit Assurance: These security measures have been independently audited and validated as part of raia’s SOC 2 Type II certification, providing assurance that our tenant isolation and access controls are both properly designed and operating effectively.

Together, these measures ensure that your organization’s data is both isolated from other tenants and further protected internally by strict user access policies.

Do logs capture only schema/queries, or do they also include actual PII/transactional data? Can sensitive fields be masked or redacted?

System and application logs are primarily designed to capture operational metadata (queries, events, system performance) rather than PII or transactional data. Sensitive data such as user inputs, credentials, or identifiers can be masked or redacted before being stored in logs. Access to logs is restricted through role-based permissions and monitored under SOC 2 controls.

When logs are deleted after 90 days, how quickly are backups purged?

Deleted logs are removed from active storage after 90 days. Backup systems follow a consistent purge policy aligned with SOC 2 retention standards, ensuring that expired log data is also removed from backup repositories within 30 days of deletion.

Can we enforce model restrictions so that GPT-5/4o are the only defaults?

Yes. Raia Launch Pad allows administrators to configure which models are available to agents. Organizations can restrict usage so that only approved models (e.g., GPT-5 or GPT-4o) are used by default. This is enforced at the agent or org level in the Launch Pad settings.

How is tenant isolation enforced — database separation, row-level security, or per-tenant encryption keys?

Raia enforces tenant isolation using row-level security (RLS). Each database record is tagged with an organization_id, and queries are automatically scoped to that tenant’s ID. This prevents cross-tenant data access. On top of that, role-based access control (RBAC) is applied within each tenant to further restrict user access .

Which LLM provider/endpoint are they actually using (OpenAI, Azure OpenAI, etc.), and is Zero Data Retention (ZDR) enabled?

• Raia is built on OpenAI’s enterprise models, delivered through a secure API endpoint.

• OpenAI’s SOC 2 Type II report confirms hosting on Azure and Snowflake with enterprise-grade security.

• Data from Raia agents is not used to train OpenAI models (Zero Data Retention). This is explicitly part of the Enterprise agreement and enforced by policy.