Enterprise Security Built for Professional Services
Your firm's knowledge stays yours. Centring uses enterprise grade encryption and Microsoft 365 native security to protect client data and institutional knowledge at every layer.
1. Data Security & Encryption
Centring operates within your Microsoft 365 environment using Microsoft's enterprise infrastructure. All data transmission uses TLS 1.3 encryption, and data at rest is encrypted with AES 256. Your firm's documents, meeting transcripts, and client information remain in your Azure tenant, we never move it to external servers or third party storage.
Key Features:
• End-to-end encryption for all data in transit and at rest
• Zero knowledge architecture for sensitive document content
• Data residency controls to meet regional compliance requirements
• No data exfiltration; all processing happens in your tenant
2. Access Controls & Permissions
Centring inherits Microsoft 365's role based access controls and adds project level permissions. Partners control which precedents junior staff can access, which projects they can view, and what AI capabilities are available. Every document, meeting transcript, and generated insight respects your existing SharePoint permissions, if someone can't see it in SharePoint, they can't see it in Centring.
Key Features:
• Microsoft Entra ID (Azure AD) integration for single sign-on
• Role based access controls at project and document level
• Automatic permission inheritance from SharePoint
• Multi-factor authentication enforcement
• Session management and automatic timeout
3. AI Model Security & Private Training
Centring provides the infrastructure for your firm to build and continuously refine its own private AI model. Project data, tasks, and deliverables are securely stored to inform retrieval augmented generation (RAG) systems unique to your organization—capturing your firm's best practices, language, and precedent without ever exposing data externally. All training and inference occur within your dedicated environment, with full audit logging, role based access control, and zero cross-firm data sharing.
Key Features:
• Dedicated model instances isolated per firm
• Private RAG systems trained exclusively on your precedents
• Zero data retention by foundation model providers
• PII detection and redaction before model processing
• Prompt injection prevention and content filtering
• Full audit logs of all AI interactions
4. Long-Term Memory & Institutional Archive
Centring's long-term memory system captures and indexes every validated insight, approved precedent, and successful methodology from your engagements. This persistent knowledge archive feeds your firm-specific RAG system, ensuring future projects automatically surface relevant historical context—even from engagements years in the past. As your archive grows, your AI becomes more accurate and aligned with your firm's proven approaches, all while maintaining strict access controls and audit trails.
Key Features:
• Continuous indexing of validated project outcomes
• Temporal search across your firm's complete history
• Automatic precedent surfacing based on project context
• Archive snapshots for compliance and disaster recovery
• Granular retention policies per document type
• Full lineage tracking from archive to AI suggestion
5. Compliance
Professional services firms operate under strict regulatory requirements. Centring is designed to help you maintain compliance rather than create new risks.
Key Features:
• Microsoft 365 Certified: Verified integration with Microsoft security standards
• Right to deletion and data portability
• Subprocessor transparency and vendor risk management
6. Multi-Tenant Isolation
Each firm operates in a logically isolated environment. Your precedents, meeting transcripts, and AI-generated content are completely separated from other customers at the database, application, and AI model level. Even our support team cannot access your data without explicit permission and audit logging.
Key Features:
• Database level tenant isolation with encrypted separation
• Separate AI model contexts per tenant
• No cross-tenant data leakage possible by design
• Encrypted tenant keys managed through Azure Key Vault
• Regular isolation testing and security validation
7. Monitoring & Incident Response
Our security operations center monitors all system activity for anomalies, unauthorized access attempts, and potential threats. Every action in Centring generates an audit log—who accessed what document, when AI was used, what precedents were surfaced, and what changes were made. If we detect a potential security incident, our response team follows a documented procedure with clear customer communication protocols.
Key Features:
• Real time security monitoring and threat detection
• Complete audit trails for compliance and forensics
• Automated alerting for suspicious activity
• 4 hour response time for security incidents
• Annual third party penetration testing
8. Secure Development Practices
Every feature is built with security as a requirement, not an afterthought. Our development team follows secure coding practices, conducts peer code reviews, and uses automated security scanning before any code reaches production. Dependencies are continuously monitored for vulnerabilities, and we maintain a rapid patching schedule for any identified issues.
Key Features:
• Automated security scanning in CI/CD pipeline
• Dependency vulnerability monitoring and patching
• Regular code audits and security reviews
• Secure secrets management (no hardcoded credentials)
• Container security scanning and image signing
• Infrastructure as code with security guardrails