Lumi AI Successfully Completes SOC 2 Type 1 Audit
We’re excited to announce that Lumi AI has successfully completed the SOC 2 Type 1 Audit. This achievement marks a step forward in our mission to deliver intelligent, secure, and trustworthy AI-powered analytics for enterprises around the world.
Whether you’re a retail brand optimizing supply chains across regions or a CPG company managing sensitive consumer data and complex inventory systems, we understand how critical it is that your technology partners operate with the highest levels of trust and compliance. From store-level inventory analytics to basket analysis, your business depends on data that is not only powerful but protected.
What is SOC 2 Type 1?
Developed by the American Institute of Certified Public Accountants (AICPA), the Service Organization Control 2 (SOC 2) framework is the gold standard for evaluating whether a company is properly safeguarding customer data. For those interested in diving deeper into the SOC 2 framework, we recommend the following resources for additional reading and context:
- https://www.aicpa.org/topic/audit-assurance/accounting-and-auditing-resources/soc
- https://www.schellman.com/blog/soc-1-vs-soc-2-vs-soc-3
- https://secureframe.com/hub/soc-2/type-1-vs-type-2
Welcome to the Lumi AI Trust Center: Security, Compliance & Transparency You Can See
In an era where data drives every decision, transparency isn’t optional. It’s essential. That’s why we created the Lumi AI Trust Center: a single destination for customers, partners, and prospects to review how we secure, govern, and protect your most valuable assets: your data, your workflows, and your trust.
Whether you're conducting a security assessment, preparing for vendor due diligence, or simply want to know how Lumi AI aligns with your organization’s risk and compliance standards, the Trust Center offers real-time visibility into our security posture, policies, and controls.
A Clear Window Into Lumi AI’s Security Architecture
The Lumi AI Trust Center is more than just a compliance badge. It's a repository of our security infrastructure, built to help your team make informed decisions with confidence. Here’s what you’ll find:
Infrastructure Security
We operate a cloud-native platform that leverages modern infrastructure-as-code and zero-trust principles from the ground up. Our backend systems are hosted in secure environments (primarily AWS), with strict network segmentation, traffic filtering, and container isolation.
Key highlights:
- Regular penetration tests by third-party security firms
- Automated vulnerability scanning across infrastructure and dependencies
- Cloud provider security services like AWS GuardDuty and Security Hub
- Real-time infrastructure monitoring and threat detection
Product Security
Lumi AI is designed with security features that ensure your data is safe every time you interact with the platform, whether you’re asking a question in natural language or visualizing complex analytics.
Security measures built into the product include:
- Granular Role-Based Access Control (RBAC)
- Least privilege defaults for all user roles
- Secure authentication with SSO and MFA support
- Audit logs that track data access, dashboard changes, and administrative actions
We also provide customizable permission layers so that data access reflects your internal team structure and data team permission sets.
Data & Privacy Protections
Lumi AI doesn’t ingest your raw data or export it from your environment. Instead, our system connects securely to your warehouse or lakehouse (e.g., Snowflake, BigQuery, Redshift) and performs all processing in-place.
We also adhere to strict data protection practices, including:
- End-to-end encryption using TLS 1.2+ and AES-256
- No model training on customer data
- Transient query execution without persistent data storage
- Compliance-aligned data processing workflows that support GDPR, CCPA, and other global frameworks
Our privacy policies are documented and available within the Trust Center, and we’re transparent about the scope, purpose, and limits of any data we interact with.
Organizational Security & Internal Practices
Lumi AI enforces a set of internal controls and governance policies that ensure every employee, from engineering to support, operates with security top-of-mind.
Key practices include:
- Security training for all employees
- Background checks as part of our pre-hire process
- Enforced least-privilege access for internal systems
- Regular review of incident response procedures
- Code reviews and automated checks in CI/CD pipelines
Access to production systems is strictly controlled, and changes are monitored and logged for accountability.
Compliance Reports & Certifications
Lumi AI’s Trust Center includes documentation and evidence to support your compliance needs and security reviews. As of now, you’ll find:
- Our SOC 2 Type 1 attestation report (with SOC 2 Type 2 underway)
- Signed Data Processing Agreements (DPAs)
- Our security whitepaper
- Details on our roadmap for additional frameworks, including ISO 27001
If you're a security or IT leader conducting vendor reviews, the Trust Center streamlines the documentation process. You get instant access to the most recent evidence and policies, directly from the source.
Real-Time Updates and Ongoing Monitoring
Our Trust Center is continuously updated to reflect the latest changes in our security posture, infrastructure improvements, policy updates, and compliance milestones.
We use Vanta to automate and monitor our controls in real time, giving our team, and yours, immediate visibility into the health of our compliance posture. You can review this live monitoring dashboard through the Trust Center, which includes evidence of:
- Employee security training status
- Access control configurations
- Policy enforcement levels
- Monitoring and alerting systems
This gives your compliance team the kind of dynamic, real-time assurance that spreadsheets and static documents simply can’t provide.
Built to Make Vendor Security Reviews Easy
We know that evaluating a new analytics platform means answering a long list of internal security questions. With the Lumi AI Trust Center, we’ve taken the friction out of that process. Whether you need:
- Policy PDFs and encryption documentation
- SOC 2 reports and audit logs
- Security FAQ responses for your procurement team
- A point-by-point response to your security questionnaire
Lumi AI Enterprise Grade Security
At Lumi AI, security is a design principle. From the moment we began building our platform, we knew that analytics for modern enterprises could only scale if data security and access controls were first-class citizens.
Here's how we make that vision real:
1. Zero Trust Infrastructure
We adopt a zero trust architecture, where no device, user, or system is inherently trusted by default. Every request must be authenticated and authorized according to strict protocols.
2. Granular Role-Based Access Control (RBAC)
Our Role-Based Access Control system provides fine-grained access control over data, insights, and actions within Lumi AI. This allows organizations to enforce internal data policies, segment information by department or role, and reduce the risk of unauthorized access, essential for mid-size to large enterprises managing sensitive data.
3. Data Never Leaves Your Network
We take data residency and privacy one step further. Raw data stays entirely within the customer’s network. Lumi AI connects securely but never copies or extracts sensitive data into our own systems.
4. No Model Training on Customer Data
Unlike many AI platforms that mine and train on customer data to improve their algorithms, Lumi AI never trains any AI model on your company’s proprietary information.
This ensures:
- No unintended model leakage
- No intellectual property exposure
- No surprises around model behavior
5. Encrypted Data in Transit and at Rest
We leverage TLS 1.2+ encryption for all data in transit, and all data at rest is protected using industry-standard AES-256 encryption protocols. Whether you’re streaming dashboards or syncing across sources, your information is secured every step of the way.
Want to Learn More? Let’s Talk
The SOC 2 Type 1 milestone is just one part of our journey. We’re constantly improving our systems, controls, and transparency so you can rely on Lumi AI as a long-term partner in data intelligence.
If you're evaluating analytics platforms or want to explore how Lumi AI could support your security and data requirements, we’d love to connect.
👉 Schedule a call with our team here: https://www.lumi-ai.com/schedule-a-demo
We’ll show you:
- A personalized walkthrough of our platform
- How we fit into your architecture securely
- Our roadmap for SOC 2 Type 2 and beyond
- Use cases tailored to your industry or department
Trust is Earned, Not Claimed
The completion of our SOC 2 Type 1 audit is one important step, but we know it’s just the beginning. We’ll continue to hold ourselves to the highest standards so that your teams can move faster, think bigger, and operate confidently, knowing your data is protected by a partner who takes security as seriously as you do.
Thank you for being part of the journey. Let’s build the future of secure, intelligent analytics together.
Visit our Trust Center: https://trust.lumi-ai.com
Explore our security practices: https://www.lumi-ai.com/security
Talk with us: https://www.lumi-ai.com/schedule-a-demo