Security Datasheet

Enterprise-Grade Security
for Knowledge Transfer

Exit Insights processes sensitive employee data with encryption, automated PII detection, compliance annotations, and human-in-the-loop checkpoints at every stage.

PII patterns detected

Automatic identification and redaction

HITL checkpoints

Human approval at every stage

AES-256

Encryption standard

At rest and in transit

Data shared with third parties

Your data stays yours

Security Controls

Six layers of security protect your organization's sensitive knowledge transfer data.

🔒

Data Encryption

All data is encrypted at rest and in transit using industry-standard protocols.

AES-256 encryption at rest for all stored artifacts and generated documents
TLS 1.3 for all data in transit between client and server
Encryption keys managed per-tenant — no shared key material
Database-level encryption with automated key rotation

🛡️

PII Detection

74 pattern types automatically identified and flagged before document generation.

74 PII patterns including SSN, credit cards, phone numbers, addresses, and medical IDs
Regex + contextual analysis for high-precision detection
Automatic redaction suggestions in generated documents
PII findings surfaced in the Security Review document for human review

📋

Compliance Annotations

Framework-specific compliance markers throughout generated documents.

GDPR — data subject rights, processing basis, retention requirements
HIPAA — PHI identification, minimum necessary principle, BAA support
SOX — financial data controls, audit trail, access documentation
CCPA, FERPA, PCI-DSS — additional framework annotations as applicable

👤

Human-in-the-Loop Checkpoints

Three mandatory review gates ensure humans approve every step of the process.

Checkpoint 1: Data scope approval — review which artifacts will be analyzed before processing begins
Checkpoint 2: Sensitive content review — approve or redact flagged PII and credentials before document generation
Checkpoint 3: Final package review — approve the complete knowledge transfer package before distribution

🏢

Self-Hosted Deployment

Enterprise tier includes fully self-hosted deployment — your data never leaves your infrastructure.

Docker-based deployment for on-premises or private cloud
Bring your own LLM API key — processing stays within your environment
No data transmitted to Exit Insights servers in self-hosted mode
Also available as a CLI tool for fully local, air-gapped processing

✅

SOC 2 Readiness

Current security controls aligned with SOC 2 Type II requirements.

Access controls — role-based permissions, MFA support, session management
Audit logging — all data access, document generation, and user actions logged
Change management — version-controlled infrastructure, automated deployments
Incident response — documented procedures, automated alerting, retention policies

Data Flow & Controls

Every step of the knowledge transfer process includes security controls and human oversight.

Upload

Artifacts encrypted in transit (TLS 1.3) and at rest (AES-256). File type validation prevents malicious uploads.

Scan

PII detection engine scans all artifacts. 74 pattern types flagged. Credentials and secrets identified.

Review

HITL checkpoint — human reviews flagged content, approves scope, and authorizes document generation.

Generate

Documents generated with compliance annotations. Sensitive content redacted per review decisions.

Need a Custom Security Review?

Enterprise customers receive a dedicated security review, custom compliance configuration, and self-hosted deployment support. Contact us to discuss your requirements.

View Enterprise Plan Try the Demo

Enterprise-Grade Securityfor Knowledge Transfer