Security | Sydekiq

Security Architecture

The Private Server Difference

Most legal SaaS tools run on shared infrastructure — your data sits in the same database as thousands of other firms. Sydekiq is different by design.

🖥️

Dedicated Private Server

Every firm gets its own isolated server. One firm. One server. No shared databases, no commingled data, no cross-contamination risk.

🔐

End-to-End Encryption

All data encrypted in transit via TLS and at rest on disk. Every connection is HTTPS. Nothing moves in plaintext — ever.

📋

Full Audit Logs

Every action your agent takes is logged with a timestamp. Review exactly what it did, when, and why. Complete transparency, always.

👁️

Zero Sydekiq Access

No Sydekiq employee can access your firm's data without your explicit written permission. Your data is yours — period.

🔑

Two-Factor Authentication

Your agent dashboard is protected with 2FA. Only you — and whoever you explicitly authorize — can access your firm's environment.

🛡️

Breach Containment

Because each firm has its own server, a security incident affecting one firm cannot cascade to any other. Contained by architecture.

How We Compare

Sydekiq vs. Shared Cloud Tools

✗ Traditional Legal SaaS

Multi-tenant: your data in shared databases
Vendor can access your client files
One breach can expose thousands of firms
Data used for model training (often)
Vague "industry standard" security claims
No per-firm audit trail

✓ Sydekiq Private Server

Dedicated server per firm — fully isolated
Zero Sydekiq access without your permission
A breach of one firm cannot reach others
Your data is never used for training
Encrypted in transit and at rest, always
Complete audit log of every agent action

Ethics & Compliance

Designed Around Bar Rules

⚖️

ABA Model Rule 1.6

Reasonable measures to protect confidential client information — our private server architecture exceeds the standard

📄

Data Processing Agreement

DPA available on request — required by some firm insurance policies

🚨

Breach Notification Protocol

24-hour notification with full incident report — documented procedure, not a promise

💼

Cyber Liability Insurance

$2M policy — signals we take security seriously and stand behind our architecture

🧪

Penetration Testing

Regular third-party pen tests — documented results available under NDA

Security Q&A

What Law Firm Owners Ask Us

Where does my client data actually live?

On a dedicated private server provisioned exclusively for your firm — not in a shared cloud database. Think of it as having your own on-premise server, but without the IT headache. Your data has never been on the same server as another firm's data.

Can Sydekiq employees see my client files?

No. Your agent runs on your server. We have no back-door access. No Sydekiq employee can access your firm's environment without your explicit, documented permission request.

Does Sydekiq use my data to train AI models?

Never. Your client communications, case data, and firm information are yours. They are not used for any training purpose — by Sydekiq or any third party.

Is this compliant with my bar's ethics rules on cloud storage?

Yes. ABA Model Rule 1.6 and state bar equivalents permit cloud-based tools when the attorney takes reasonable precautions. Dedicated private server infrastructure is the gold standard — it exceeds what most bar opinions require for cloud computing compliance.

What happens if there's a security breach?

You'll be notified within 24 hours with a full incident report. Because your server is isolated, a breach cannot spread to other firms. We carry cyber liability insurance and have a documented breach response protocol — not just a verbal commitment.

Built for Attorney-Client Privilege