Security & Data Handling
"Second-life hardware" raises fair security questions. Here are our answers, and we welcome harder ones.
Nothing From a Previous Life Survives Intake
Storage that arrives with decommissioned servers never enters our fleet carrying data. At intake, drives are either sanitized in line with NIST SP 800-88 media-sanitization guidelines or physically destroyed. The previous owner's data is gone before a unit is even inventoried for certification. That's a commitment we make to the enterprises we acquire from as much as to the customers we serve.
Your Data, Your Instance
Customer instances run on dedicated GPUs; we don't split a physical GPU across tenants. Instance storage is provisioned clean for you, isolated from other customers, and sanitized when your instance is deprovisioned. GPUs themselves hold no persistent customer data between sessions.
Network & Operations
Tenant traffic is segmented, management interfaces are separated from customer networks, and the fleet is monitored around the clock by the same monitoring that backs our SLA. Host software is kept patched, and access to production systems is limited to the small set of people who operate the fleet.
Physical Security
The fleet and certification lab live in an access-controlled facility in Houston with camera coverage and visitor logging. Hardware moves between intake, lab, and production racks under the same asset-tracking IDs used in certification, so every unit's location and history is accounted for.
Reporting a Vulnerability
If you believe you've found a security issue in our service or website, email info@hygeiacloud.com with the details. We read every report, we'll respond promptly, and we won't pursue good-faith researchers.
Running a formal vendor security review? Contact us and we'll work through your questionnaire directly.