Security isn't a feature we added. It's how we built inou from day one.
Most services run on shared cloud infrastructure — your files sitting next to thousands of strangers. Not here. inou runs on dedicated, single-tenant hardware. Your data lives on machines that exist solely for this purpose.
FIPS 140-3 is the US government standard for cryptographic security — the same bar the military uses. Your files are encrypted in flight with TLS 1.3, encrypted again at the application layer before they touch the database, and stay encrypted at rest. Three layers deep.
Servers run on uninterruptible power, backed by a natural gas generator. Not a battery that buys you fifteen minutes — a generator with fuel supply independent of the grid. If the power company fails, we don't.
Storage runs on ZFS with RAID-Z2 — enterprise technology that survives the simultaneous failure of any two drives without losing a byte. Backups happen automatically. (Our founder spent two decades building backup systems for a living. We take this seriously.)
Primary connectivity is dedicated fiber. If that fails, satellite kicks in. Terrestrial and space-based redundancy — because your access matters.
Continuous uptime monitoring, automated alerting, 24/7. If something blinks wrong, we know — and our systems respond before you'd ever notice.
We don't just claim security — we prove it. Every month, our infrastructure undergoes comprehensive vulnerability scanning. External monitoring runs 24/7 from Switzerland, providing independent geographic oversight of our US-based systems.
We maintain detailed security documentation aligned with SOC 2 principles: availability, confidentiality, and data integrity. Full security reports are available upon request for enterprise customers and compliance teams.
Your dossier maintains a complete audit trail. Every view, every upload, every change — timestamped and recorded. You can see exactly who accessed what and when. Nothing happens in the dark.
Firewall rules block malicious traffic at the edge. Tarpits slow down scanners and bots, wasting their time instead of ours. Role-based access control ensures every request is authenticated and authorized — no exceptions.
Most software is assembled from open source libraries — code written by strangers, maintained by volunteers, used by millions. When a vulnerability is discovered, every application using that code is at risk.
We made a different choice. inou is built entirely from proprietary code. We wrote every line ourselves. No third-party frameworks, no borrowed components, no dependency trees stretching into code we've never reviewed.
This means we know exactly what's running and exactly what's exposed. A minimal risk surface — not because we added security on top, but because we designed it that way from the beginning.
Hardware is housed in secured, access-controlled enclosures. Entry restricted to authorized inou personnel only. Climate-controlled, generator-backed, sited above regional flood levels.