Security & Trust
Trust is the missing layer in AI
Modly respects each person's permissions, cites its sources, and logs every query — with the same governance for every customer.
Security features
Built with trust as the starting point
Permission-aware retrieval
Stale, missing or expired provider access is treated as zero access.
Cited sources
Every answer links back to the exact document it drew from.
Full audit logs
Every query and answer is recorded and reviewable.
Org-level model policy
Control which models are allowed and default across the organization.
MFA & access controls
TOTP MFA and password management backed by Cognito.
Organization isolation
Each organization's data stays completely isolated from every other.
How we handle your data
Your knowledge stays yours
- 1
Least-privilege by default
Retrieval only ever reaches sources the asker is already allowed to see. Access is resolved from your providers, not assumed — and re-checked as it changes.
- 2
Not used to train models
Your content is indexed to answer your team's questions — it isn't used to train shared models, and it never leaves your organization's boundary.
- 3
You choose the model
Route through OpenAI, Google, Anthropic or a self-hosted model, and set the allowed models per organization. Sensitive workloads can stay on infrastructure you control.
Controls & compliance
Built for teams that answer to auditors
Authentication, access controls and a complete activity trail — the same for every customer, with no governance features locked behind a higher tier.
Authentication & MFA
SSO and TOTP multi-factor authentication, with password and session controls.
Complete audit trail
Every query, answer and configuration change is recorded and reviewable.
SOC 2 Type II
On our security roadmap as we move toward general availability.
See Modly on your own knowledge
Request a demo, or join the waitlist for early access.