Basis is built with multiple layers of industry-standard security to protect your clients’ data. We’re SOC 2 Type II certified for Security, Availability, and Confidentiality.

Your data never trains or improves any AI model.
Strict tenant separation across every customer.
Every agent action is logged and auditable.
Firm and client data is never shared with third parties.
Remove your data at any point.
AI steps show sources, changes, and rationale.
We never store your credentials. Access via revocable tokens only.
AES-256 and HMAC across all stored data.
HTTPS/TLS on every connection.
All customer data stored in the United States.
Strict separation between customers with role-based access.
MFA enforced across all accounts.
Regular third-party tests and vulnerability scanning.
Rehearsed program with rapid triage and notification.
Daily backups with geographic redundancy.
Available under NDA.
Compliance docs available upon request.