Security

Security built for regulated migrations.

Migrations touch production data, credentials, and business logic. Our architecture is designed so you control where data lives and who can access it.

Data handling

We process only the metadata and assets required to perform the migration — workbook definitions, data source connections, calculated fields, and report layouts. We do not retain client data beyond the engagement unless contractually required for support.

  • Data encrypted in transit (TLS) for cloud deployments
  • Data encrypted at rest on QueryNorth infrastructure during cloud engagements
  • Client data deleted from QueryNorth infrastructure upon engagement completion
  • No client data used to train models or shared with third parties

Deployment isolation

Every engagement is delivered in the deployment mode your environment requires. Our migration tooling has no external API dependencies, which is what makes on-premises and air-gapped deployment viable.

Cloud

QueryNorth-hosted infrastructure. Client data encrypted in transit and at rest. Deleted upon engagement completion.

On-Premises

Tooling runs inside your infrastructure. No data leaves your network. QueryNorth operates under your access controls.

Air-Gapped

Fully isolated. No internet access required. Physical delivery available for classified and high-security environments.

Access controls

Access to client environments and migration artifacts is limited to the dedicated architect assigned to your engagement. We follow least-privilege principles and can align with your existing identity, VPN, and audit requirements.

  • Dedicated architect per engagement — no rotating offshore teams
  • Credentials stored and transmitted per client security policy
  • Activity logs available on request for on-premises and air-gapped deployments
  • NDA and custom security addenda available for enterprise and government clients

Certifications

QueryNorth does not currently hold SOC 2, ISO 27001, FedRAMP, or other third-party security certifications. We are structured to support client security reviews, questionnaires, and on-premises or air-gapped deployments where your infrastructure provides the compliance boundary.

If your procurement process requires a specific attestation, contact us at hello@querynorth.com — we will respond honestly about what we can provide today.

Discuss your security requirements

Tell us about your deployment constraints and compliance needs. We scope every engagement before work begins.

Schedule Assessment