legal / security

Security at eeko.

Security is designed into every system we build from day one, not bolted on at the end. For the regulated enterprises we serve — across financial services, healthcare, legal, and insurance — security and compliance are not features. They are preconditions.

01
Secure by default
Encryption, least-privilege access, and auditability are baseline requirements in every engagement — never optional add-ons.
02
Deploy where you trust
Cloud, customer VPC, or fully on-premises. Your data can stay entirely within your own environment.
03
Provable controls
SOC 2-aligned controls, append-only audit logs, and traceable AI decisions give you evidence, not just assurances.

1. Our Approach

eeko Systems LLC builds enterprise AI systems for organizations that operate under real regulatory and contractual obligations. We treat security and compliance as default conditions of every engagement rather than optional extras. That means we make conservative, defensible choices about how data is stored, who can access it, and how every action is recorded — and we do so before a single line of production code is written.

  • Security requirements are identified during scoping and built into the architecture, not retrofitted.
  • We apply the principle of least privilege, defense in depth, and data minimization across every system.
  • We design for auditability so that decisions and data access can be reconstructed and reviewed.

2. Data Encryption

Client data is protected in transit and at rest using strong, industry-standard cryptography.

  • Data in transit is encrypted using TLS 1.2 or higher.
  • Data at rest is encrypted using AES-256 or equivalent.
  • Encryption keys are managed through dedicated key-management services with controlled access and, where required, customer-managed keys.
  • Secrets and credentials are never stored in source code or logs.

3. Deployment Options

Different organizations have different data-residency and isolation requirements. We support a range of deployment models so that you can choose the boundary that matches your risk profile.

  • Cloud: deployed in a managed, hardened cloud environment with isolation and encryption applied throughout.
  • Customer VPC: deployed inside your own virtual private cloud, under your network and identity controls.
  • Fully on-premises: deployed entirely within your own infrastructure so that data never leaves your environment.

For sensitive workloads, on-premises and VPC deployments allow you to keep all data, models, and processing within a boundary you control end to end.

4. Access Control

Access to systems and data is granted on a strict need-to-know basis and is continuously constrained.

  • We enforce least-privilege access: identities receive only the permissions required for their role.
  • Authentication is secured through single sign-on (SSO) and, where supported, multi-factor authentication.
  • Authorization is governed by role-based access control (RBAC).
  • eeko Systems maintains no standing access to client data; access is granted only when required to deliver the engagement and is revoked when no longer needed.

5. Audit Logging & Observability

You should be able to see what happened, when, and why. Our systems are instrumented to make actions and AI decisions reviewable.

  • Security-relevant events are captured in append-only audit logs that resist tampering.
  • AI decisions are designed to be traceable, with the inputs, sources, and reasoning steps recorded where applicable.
  • Observability tooling surfaces anomalies and supports investigation and compliance reporting.
  • Logs are scoped to avoid capturing unnecessary sensitive data.

6. Compliance Alignment

We build to recognized control frameworks and design deployments to support the regulatory obligations our clients operate under.

  • Our controls are SOC 2-aligned, covering security, availability, and confidentiality principles.
  • We deliver HIPAA-aware deployments for healthcare workloads involving protected health information.
  • We support SOX-aware controls for financial-reporting environments.
  • We design GDPR-aware systems that respect data-subject rights and data-minimization principles.

7. Secure Development

Security is enforced throughout the software development lifecycle, not just at deployment.

  • Changes are subject to code review before they reach production.
  • Dependencies are monitored through automated dependency and vulnerability scanning.
  • Secrets are handled through dedicated secrets management and never committed to source control.
  • Environments are separated, and least-privilege principles apply to build and deployment pipelines.

8. Incident Response

We maintain a defined process for identifying, containing, and responding to security incidents.

  • Incidents are triaged and contained according to a documented response procedure.
  • Affected clients are notified in accordance with contractual and legal obligations.
  • Post-incident reviews identify root causes and drive corrective and preventive actions.

9. Responsible Disclosure

We welcome reports from security researchers and the broader community. If you believe you have found a vulnerability in our systems, please report it to us privately so we can investigate and remediate it.

  • Report suspected vulnerabilities to security@eeko.systems.
  • Please provide enough detail to reproduce the issue, and give us a reasonable opportunity to remediate before any public disclosure.
  • We ask that testing avoid privacy violations, data destruction, and service disruption.

10. Contact

For security questions, control documentation, or vulnerability reports, contact security@eeko.systems. For legal and contracting inquiries, contact legal@eeko.systems.

Markets served.

As an enterprise AI agency, eeko systems delivers production AI systems remote-first across the United States and internationally — including these markets:

New York City, New York (NY)

Los Angeles, California (CA)

Chicago, Illinois (IL)

Houston, Texas (TX)

Phoenix, Arizona (AZ)

Philadelphia, Pennsylvania (PA)

San Antonio, Texas (TX)

San Diego, California (CA)

Dallas, Texas (TX)

San Jose, California (CA)

Austin, Texas (TX)

Jacksonville, Florida (FL)

Fort Worth, Texas (TX)

Columbus, Ohio (OH)

Charlotte, North Carolina (NC)

Indianapolis, Indiana (IN)

San Francisco, California (CA)

Seattle, Washington (WA)

Denver, Colorado (CO)

Washington, District of Columbia (DC)

Boston, Massachusetts (MA)

El Paso, Texas (TX)

Nashville, Tennessee (TN)

Detroit, Michigan (MI)

Oklahoma City, Oklahoma (OK)

Portland, Oregon (OR)

Las Vegas, Nevada (NV)

Memphis, Tennessee (TN)

Louisville, Kentucky (KY)

Baltimore, Maryland (MD)

Milwaukee, Wisconsin (WI)

Albuquerque, New Mexico (NM)

Tucson, Arizona (AZ)

Fresno, California (CA)

Sacramento, California (CA)

Kansas City, Missouri (MO)

Atlanta, Georgia (GA)

Miami, Florida (FL)

Colorado Springs, Colorado (CO)

Raleigh, North Carolina (NC)

Omaha, Nebraska (NE)

Long Beach, California (CA)

Virginia Beach, Virginia (VA)

Oakland, California (CA)

Minneapolis, Minnesota (MN)

Tulsa, Oklahoma (OK)

Arlington, Texas (TX)

New Orleans, Louisiana (LA)

Wichita, Kansas (KS)

Cleveland, Ohio (OH)

Tampa, Florida (FL)

Bakersfield, California (CA)

Aurora, Colorado (CO)

Honolulu, Hawaii (HI)

Anaheim, California (CA)

Santa Ana, California (CA)

Corpus Christi, Texas (TX)

Riverside, California (CA)

Lexington, Kentucky (KY)

St. Louis, Missouri (MO)

Stockton, California (CA)

Pittsburgh, Pennsylvania (PA)

Saint Paul, Minnesota (MN)

Cincinnati, Ohio (OH)

Greensboro, North Carolina (NC)

Anchorage, Alaska (AK)

Plano, Texas (TX)

Lincoln, Nebraska (NE)

Orlando, Florida (FL)

Irvine, California (CA)

Newark, New Jersey (NJ)

Toledo, Ohio (OH)

Durham, North Carolina (NC)

Chula Vista, California (CA)

Fort Wayne, Indiana (IN)

Jersey City, New Jersey (NJ)

St. Petersburg, Florida (FL)

Laredo, Texas (TX)

Madison, Wisconsin (WI)

Chandler, Arizona (AZ)

Buffalo, New York (NY)

Lubbock, Texas (TX)

Scottsdale, Arizona (AZ)

Reno, Nevada (NV)

Glendale, Arizona (AZ)

Gilbert, Arizona (AZ)

Winston-Salem, North Carolina (NC)

North Las Vegas, Nevada (NV)

Norfolk, Virginia (VA)

Chesapeake, Virginia (VA)

Fremont, California (CA)

Garland, Texas (TX)

Richmond, Virginia (VA)

Baton Rouge, Louisiana (LA)

Boise, Idaho (ID)

San Bernardino, California (CA)

Spokane, Washington (WA)

Des Moines, Iowa (IA)

Modesto, California (CA)

Birmingham, Alabama (AL)

Tacoma, Washington (WA)

Fontana, California (CA)

Oxnard, California (CA)

Fayetteville, North Carolina (NC)

Huntsville, Alabama (AL)

Moreno Valley, California (CA)

Rochester, New York (NY)

Glendale, California (CA)

Yonkers, New York (NY)

Augusta, Georgia (GA)

Amarillo, Texas (TX)

Little Rock, Arkansas (AR)

Akron, Ohio (OH)

Shreveport, Louisiana (LA)

Grand Rapids, Michigan (MI)

Mobile, Alabama (AL)

Salt Lake City, Utah (UT)

Huntsville, Texas (TX)

Tallahassee, Florida (FL)

Overland Park, Kansas (KS)

Knoxville, Tennessee (TN)

Worcester, Massachusetts (MA)

Brownsville, Texas (TX)

New Port Richey, Florida (FL)

Jackson, Mississippi (MS)

Providence, Rhode Island (RI)

Fort Lauderdale, Florida (FL)

Sioux Falls, South Dakota (SD)

Tempe, Arizona (AZ)

Cape Coral, Florida (FL)

Springfield, Missouri (MO)

Pembroke Pines, Florida (FL)

Eugene, Oregon (OR)

Peoria, Arizona (AZ)

Corona, California (CA)

Lancaster, California (CA)

Rockford, Illinois (IL)

Salinas, California (CA)

Palmdale, California (CA)

Springfield, Massachusetts (MA)

Charleston, South Carolina (SC)

Duluth, Minnesota (MN)

London, England (ENG)

Dublin, Ireland (IRE)