Diversion Security

Your data, protected at every layer.

At Diversion, we know that trust isn’t given - it’s earned. That’s why security, privacy, and reliability are built into everything we do. From encrypted data storage to continuous monitoring and audited compliance, your projects are safe with us.

Our Security Principles

End-to-end protection

All data in Diversion is encrypted both at rest and in transit, using industry-standard cryptographic protocols. From your first upload to your latest commit, your assets stay private and protected.

SOC 2 Certified

Diversion has successfully completed its SOC 2 Type I audit, demonstrating that our systems, processes, and controls meet the highest standards for security, availability, and confidentiality.

Access control, the right way

We use multi-factor authentication, role-based permissions, and least-privilege access across our systems - ensuring that only authorized users ever reach sensitive data.

Always backed up

Your work is continuously protected by point-in-time, hourly, daily, and monthly backups across multiple regions, with regular recovery testing to ensure fast restoration if anything goes wrong.

Continuous monitoring

Our infrastructure runs on secure, globally trusted cloud providers. We continuously monitor performance, security events, and potential vulnerabilities - so issues are detected before they can affect you.

Certifications & Compliance

SOCGDPR

3 Hosting Options

On-Prem
SaaS
Private Cloud

Why Cloud Security Beats On-Prem

It might feel safer to keep everything “under your control,” but in practice, secure cloud environments outperform traditional on-prem setups when it comes to resilience and protection.

Our architecture leverages world-class cloud infrastructure with redundant systems, automated failovers, and 24/7 threat detection - all backed by strict SOC 2-verified controls.

Meanwhile, on-prem environments rely on physical hardware and are often prone to multiple single points of failure (SPOFs). This means a single hardware failure, outage, or unforeseen event can lead to significant downtime or permanent data loss.

With Diversion, your data lives in a resilient, encrypted, and geo-redundant environment, giving you the reliability you need to build with confidence.

My project is under NDA - can I still use Diversion Cloud, or do I need on-prem?

Yes - in almost all cases, you can safely use Diversion Cloud for NDA-protected projects.
Modern NDAs typically allow the use of trusted service providers that meet strong security and confidentiality standards. Diversion operates under strict SOC 2-audited controls, meaning all data is encrypted at rest and in transit, access is tightly restricted, and every employee and infrastructure partner is bound by confidentiality obligations.
Unless your NDA explicitly prohibits sharing data with third-party vendors (which is rare), using Diversion Cloud is fully compliant. If you’re working under a uniquely restrictive NDA, your legal team can easily confirm whether “authorized contractors” or “service providers” are covered - which is the standard phrasing that permits secure SaaS platforms like Diversion.
For teams that require additional control or isolation, on-prem and private-cloud deployments are available on request - but for nearly every NDA-governed project, Diversion Cloud already meets or exceeds the contractual confidentiality requirements.

Privacy by Design

We collect only what’s needed to deliver the service - nothing more. Every system, workflow, and feature is designed around data minimization, encryption, and transparency.

Our Commitment

Security is not a checklist - it’s a culture.

Your creative work deserves enterprise-grade protection - no matter your studio size.

We train every team member on security best practices, perform background checks for all employees with access to sensitive systems, and review our controls quarterly.

Our commitment is simple: Your creative work deserves enterprise-grade protection - no matter your studio size.

Explore the Diversion Trust Center

Want to go deeper? Visit our Trust Center for detailed documentation, compliance reports, and technical security overviews - including our SOC 2 report, data-flow diagrams, and infrastructure details.

Visit Trust  Center
robotic sloth