Security & Sovereignty

The trust case, made architectural.

Compliance does not begin with a policy document. It begins with where the data sits, who can reach it, and what is allowed to leave. Feerstone designs for that question first.

Private server infrastructure
Architectural commitments

Six commitments that hold across every engagement.

01 On-premise and private cloud only

Every deployment runs on hardware you own, inside your facility, or inside a private cloud tenancy you control. There is no shared multi-tenant inference layer.

02 Data residency by jurisdiction

Workloads are pinned to a jurisdiction at architecture time. Canadian client data stays inside Canadian infrastructure. United States client data stays inside United States infrastructure.

03 Perimeter as the trust boundary

We adopt your existing network perimeter as the security boundary. The system inherits your access controls, your identity provider, your logging stack, and your incident response.

04 Model hosting on client-owned hardware

Models are downloaded, evaluated, and served from infrastructure you own. Weights are versioned and immutable. Inference does not leave the perimeter.

05 Maintenance and update under retainer

A fixed annual engagement covers patching, model upgrades, evaluation harnesses, security review, and incident response. There are no surprise renewals.

06 No client data trains shared models

Feerstone does not transmit or retain client data, and does not fine-tune shared models on it. Any fine-tuning happens on your hardware, with weights that remain yours.

Regulatory context

Our reference architecture is built to satisfy nine frameworks at once.

HIPAA

United States protected health information.

PHIPA

Ontario personal health information protection.

Quebec Law 25

Quebec residency and consent requirements for personal information.

ABA Formal Opinion 512

American Bar Association guidance on generative AI for lawyers.

OSFI B-13

Canadian federal financial institution technology and cyber risk.

CMMC 2.0 Level 2

United States defense contractor cybersecurity maturity for controlled unclassified information.

NIST AI RMF

United States AI risk management framework.

ISO 42001

International standard for AI management systems.

SOC 2

Service organization controls for security, availability, and confidentiality.

A statement of practice

Feerstone does not transmit or store client data, and does not train shared models on it. Every byte of client data stays inside the client's perimeter for the life of the engagement. This is not a configuration option. It is the architecture.
