SECURITY

Security & Compliance

How we protect your data, models, and workloads.

Data Protection

Encryption at rest

AES-256 encryption on all NVMe storage. Customer-managed encryption keys (BYOK) available for enterprise customers.

Encryption in transit

TLS 1.3 for all API communication and data transfers. WireGuard VPN option for dedicated encrypted tunnels.

Data isolation

Isolated Kubernetes namespaces per customer. No GPU sharing unless explicitly opted into fractional GPU (MIG) tier.

Data deletion

Customer data and model weights cryptographically erased within 24 hours of cluster termination. NVMe secure erase protocol.

Data Sovereignty

No foreign intelligence data-sharing treaties

Ethiopia is not party to the US CLOUD Act, Five Eyes, or EU-US Data Privacy Framework. Your data is not subject to foreign government surveillance requests by default.

Physical data residency

All data is physically stored in Addis Ababa, Ethiopia. No data replication to foreign jurisdictions unless explicitly configured by the customer.

Non-aligned supply chain

Multi-vendor GPU fleet (NVIDIA, AMD, Huawei) ensures uninterrupted service regardless of geopolitical export restrictions affecting any single vendor.

Infrastructure Security

Physical access

24/7 on-site security. Biometric access control. CCTV monitoring of all facility areas.

Network security

Firewall with default-deny policy. Only SSH (port 22) open by default. Customer-configurable inbound rules.

Access control

No Nile GPU employee accesses customer data or workloads. Infrastructure management is OS-level only. All access is logged and auditable.

Power redundancy

On-site BESS for 4-hour ride-through. Diesel generators for extended outages. 99.95% power availability target.

Compliance Roadmap

Certification	Status	Timeline
SOC 2 Type I	In progress	Q2 2027
SOC 2 Type II	Planned	Q4 2027
ISO 27001	Planned	H1 2028
GDPR compliance	Compliant by design	Launch
HIPAA (BAA available)	Planned	H2 2027

SLA Targets

Metric	Target
GPU availability	99.9% monthly
Network uptime	99.9% monthly
Cluster provisioning	< 60 seconds
Support response	< 4 hours (business)
Data durability	99.99%

SLA targets during early access. Contractual SLAs with financial credits available from Phase 2.

Security questions?

Contact us at security@nilegpu.com for our security whitepaper, penetration test results, or to discuss specific compliance requirements.