Rainmaker Now — Security & delivery overview (plain text) rainmakernow.dev · For procurement / security files Purpose ------- This outline summarizes how Rainmaker Now typically approaches data handling, access boundaries, and safe AI delivery in client-controlled environments. It is not a certification, SOC report, or legal agreement. Detailed controls, DPAs, and SIG responses are addressed in contracting and project scope. Where data lives --------------- • Delivery is commonly implemented in the customer cloud or approved infrastructure aligned to the customer's trust boundary. • We minimize unnecessary duplication of proprietary data. • Retention follows customer policy and contractual requirements. Access & least privilege ------------------------ • Access is scoped narrowly to repositories, ticketing, telemetry, and systems needed for agreed delivery tasks. • Production access should be explicit, time-bounded when possible, and reviewable. Logging, auditability & human review ----------------------------------- • Agentic workflows should expose traceability for routing decisions, tool usage, retrieval sources where applicable, and escalation paths. • Higher-risk actions may route through approvals and retained logs — proportional to organizational risk posture. Evaluation & regression ----------------------- • Releases should be gated with evaluation suites and comparisons to a baseline — so changes do not silently degrade production answers. • Monitoring aligns to real usage patterns (latency, escalation rates, review queue depth). Compliance alignment -------------------- • Governance aligns to frameworks you already operate under (privacy workflows, AI risk management themes, organizational policy). • Formal questionnaires and attestations belong in procurement — not as marketing claims. Accuracy -------- We do not fabricate attestations or client logos. Formal assurance artifacts participate in your vendor diligence with accurate scope. Contact ------- hello@rainmakernow.dev · /register · /security · /privacy