Sift AI Security and Architecture Overview
Source: Sift AI Security and Architecture Overview.pdf
Pages: 14

--- Page 1 ---
Sift AI
W H I T E P A P E R
Security and Architecture
Overview
How Sift AI protects the data behind every customer interaction
it captures, analyzes, and acts on, and the controls behind it.
Detailed evidence, including our control matrix, current audit
status, subprocessor list, and data processing agreement, is
available under NDA.
ISO 27001 certified  ·  SOC 2 Type II, external audit
underway  ·  GDPR compliant
APRIL 2026
CONFIDENTIAL
NIFTORY INC. DBA SIFT AI (“SIFT AI”)

--- Page 2 ---
What this document covers
01
Platform overview
02
Data flow
03
Infrastructure and resilience
04
Channel ingestion
05
AI agent pipeline
06
Human oversight and human-in-the-loop
07
Programmatic access
08
Security controls
09
Business continuity
10
Data governance
11
SOC 2 control mapping
12
Frequently asked questions

--- Page 3 ---
Platform overview
Sift AI is an agentic platform for customer and community teams. Connect your
channels, and a team of AI agents reads every incoming message, scores it,
triages it, drafts a reply, and routes it to the right place. Your people stay in control
and step in where needed.
Every interaction moves through three stages. The same path applies to a public post, a private message, or a review,
regardless of which channel it arrived on.
1
Capture
Every message from your
channels, one common format
2
Understand
Intent, sentiment, language,
topics, risk, and context
3
Act
Draft, route, escalate,
or resolve, within your limits
Capture. Sift AI brings in each message from your connected channels and converts it into one common format, tagged
with its source, so everything downstream behaves the same way regardless of where it originated.
Understand. A sequence of AI agents reads the message: intent, sentiment, language, topics, risk, and how it relates to
everything that came before.
Act. Sift AI determines what the conversation needs, whether a drafted reply, a route to the right team, an escalation, or a
quiet resolution. Your team reviews the work and sets how much Sift AI may handle on its own.
Two properties hold throughout. Every message follows this path; there is no route into Sift AI that skips capture and
agent review. And people stay in control: the agents do the analysis and drafting, but your team approves, edits, or
overrides every decision that matters. Consent, encryption, and audit logging wrap each stage. Sift AI operates in
Fortune 1000 and financial-services environments.

--- Page 4 ---
Data flow
Your data only moves the way you allow it to. It comes in from the channels you connect, passes a consent gate, and
lands in Sift AI's secure cloud, where it is stored and processed. AI inference runs at vetted, US-hosted providers, called
only from our backend over encrypted APIs. Approved replies post back to the original channel, and the resulting data is
available to your own tools through read-only access.
Y O U R  C H A N N E L S
Social
Messaging
Reviews
Community forums
+ more sources
Consent + signature verification
S I F T  A I  S E C U R E  C L O U D
ISOLATED · ENCRYPTED · AUDITED
Capture & normalize
Understanding agents
A FULL READ OF EVERY CONVERSATION
Content
Risk & safety
Context
Policy
Sentiment
Decision agents
Route to the right team · decide the next step
Act on their own only when confident
Encrypted storage
+ point-in-time backups
ENCRYPTED API CALL
External AI
inference
Gemini · OpenAI · Anthropic
US-hosted · no training
Human review
Your team approves, edits, routes, or overrides
TLS 1.2+ · ENCRYPTED AT REST · SSO + MFA · AUDIT LOGS · 24/7 MONITORING
O U T P U T S
Reply to original channel
Your tools · read-only API
AI assistants · read-only MCP
The whole journey: your channels pass a consent gate, then move through capture, the AI agents, and
human review inside one encrypted, audited boundary. Your data is stored there. AI inference is the one
outbound step: agents call vetted, US-hosted providers over encrypted APIs, under terms that bar training
on your data. Approved replies post back to the original channel; the resulting data is available to your own
tools through read-only access.
What protects it at every step
Nothing enters Sift AI until you connect a channel and grant access. That consent gate sits in front of every intake path,
and you can revoke it at any time. From there, data is encrypted in transit (TLS 1.2 or higher) and at rest, with no plaintext
protocols in production. Processing happens inside a hardened cloud environment with network, identity, and audit
controls around your data.

--- Page 5 ---
AI inference is the one outbound step, and it is governed. Agents call vetted providers (Gemini, OpenAI, Anthropic, and
other US-hosted inference) only from our backend, over encrypted APIs, never from your users' browsers. The providers
and models may change over time, but inference always runs US-hosted, under enterprise terms that bar training on your
data. We do not sell your data, and we do not use it to train shared models.
Infrastructure and resilience
Sift AI runs on AWS with no servers of our own to patch or lose. Every critical part is duplicated and spread across
separate data centers (availability zones) in the same region, so a failure in one does not take Sift AI down. Traffic shifts
to healthy capacity on its own.
Global edge
CDN + firewall
TLS 1.2+
M U L T I P L E  A V A I L A B I L I T Y  Z O N E S
R E D U N D A N T  A P P  T I E R
App node · zone A
App node · zone B
App node · zone C
R E P L I C A T E D  D A T A
Primary database
encrypted at rest
Standby replica
auto-failover
Secrets vault
no plaintext keys
Point-in-time backups
11-nines durability
24/7 monitoring
+ audit logging
Traffic enters at the global edge, is served by app nodes in three zones, and reads from a replicated
database that fails over on its own. Everything is backed up and continuously monitored.
The result is straightforward to reason about. The busiest services run several copies at once, spread across zones, so if
one zone goes dark the others carry the load. Your data is mirrored across zones with a standby ready to take over
automatically, in seconds to minutes, with no action from your team. Health, performance, and unusual activity are
monitored continuously, so problems are caught early rather than reported by your customers.
Channel ingestion
Sift AI connects to the channels where your customers already reach you. You authorize each connection, choosing
which accounts Sift AI may access, and you can withdraw that access at any time. Every message is checked for
authenticity and against your consent settings before it enters Sift AI, then converted into one common format.
Channels reach Sift AI in one of three ways. High-volume platforms push each message as it happens; Sift AI verifies the
cryptographic signature on every delivery and rejects anything that fails. Some platforms hold an open, authenticated
connection that Sift AI listens on. The rest are polled on a set schedule, where Sift AI requests new activity and skips
anything it has already seen.
Connections are made through each platform's standard authorization flow, so Sift AI receives only the access you grant
and never your account password. Channels are enabled per account and span four broad types.

--- Page 6 ---
TYPE
CHANNELS
WHAT SIFT AI TAKES IN
Social
X, Instagram, Facebook, Threads, TikTok,
LinkedIn, YouTube
Public posts, comments,
mentions, and direct messages
where the platform allows
Messaging
WhatsApp, Telegram, Slack, Discord, email
Private one-to-one and group
conversations
Reviews
Apple App Store, Google Play
Ratings, written reviews, and
developer responses
Community
Discourse, Higher Logic
Discussion posts, replies, and
private messages
New channels are added constantly, so this list is a snapshot rather than a limit, and any channel can be turned off as
quickly as it was turned on.
AI agent pipeline
Sift AI is not one big model trying to do everything. It is a team of focused agents, each with a narrow job and a strict,
structured output. They run over every message in turn. Any one of them can hand the conversation to your team the
moment something looks like it needs a person.
AGENT
WHAT IT DOES
Content
Extracts intent, sentiment, language, topics, and a description of any images
or video.
Risk and safety
Flags spam, abuse, and sensitive or personal information before it reaches a
queue or a reply.
Context
Links the message to related history, merges duplicates, and surfaces what
came before.
Policy
Checks the message against your own rules: escalation triggers, response
guidelines, and off-limits topics.
Sentiment
Scores tone and likely customer satisfaction.
Routing
Sends the conversation to the right inbox, team, and priority.
Decision
Chooses the next step: draft a reply, escalate to a person, resolve, or set
aside.
Automation is confidence-gated, so an agent acts on its own only when it is confident and you have allowed that action;
otherwise it hands the conversation to a person.

--- Page 7 ---
Each agent stays inside its defined job, with a set place to escalate, and does not improvise beyond it, which keeps
behavior predictable and reviewable. Where an agent scores a message, for its relevance, its risk, or whether it needs a
reply, it records a confidence level and a short reason, so a reviewer can see why each decision was made.
Human oversight and human-in-the-loop
Sift AI is built to assist your team, not to run unattended. Every decision the agents make shows up in your dashboard,
ready for a person to review. You decide how much the agents handle on their own, and you can dial it up or down at any
time.
You choose where a person is required: drafts and routing can wait for approval, and a reviewer can approve as-is, edit
the wording, reroute, or dismiss. You set how much autonomy the agents have and change it at any time, typically
starting with everything held for review and handing over more, one decision type at a time, as trust builds.
M O R E  A U T O N O M Y  A S  T R U S T  B U I L D S
Review everything
Agents prepare the work;
a person approves each action
Approve what matters
Agents draft and route;
people approve the key actions
Act within limits
Agents act alone only when
confident and you allow it
At every level, your team can approve, edit, reroute, or override
Every approval, edit, and override is fed back so Sift AI's drafts and decisions track your team's standards more closely
over time. Stepping in never bypasses a control: consent, audit, and encryption apply whether an action is taken by an
agent or a person. Agents never act beyond the authority you grant, and that authority is visible and adjustable.
Programmatic access
Teams do their work in the Sift AI web application: the inbox, queues, conversation view, and analytics. For teams that
also want Sift AI data inside their own tools, two additional interfaces are available. Both run over encrypted HTTPS, and
both enforce the same per-user permissions as the application, so a request can only reach data the requesting user
could already see in the app.
Both interfaces are documented, and neither can change anything in your Sift AI instance.
 
REST API
MCP SERVER
Used by
Your own apps, dashboards, and
exports
AI assistants such as Claude or
Cursor
Access
Read-only
Read-only
Authentication
Per-account API key in a request
header
Per-user sign-in (OAuth)

--- Page 8 ---
 
REST API
MCP SERVER
Reaches
Your account's data
Only the signed-in user's existing
access
Sends replies or
changes data
No
No
Notes
Rate-limited per key; full OpenAPI
reference published
Connection expires after 90 days;
admin-revocable
API keys and MCP connection URLs are treated as credentials, and an administrator can revoke either at any time.
Bringing in your own context. You can connect your help center, FAQs, and product documentation by URL. Sift AI
indexes that material and uses it to ground the replies its agents draft, so answers reflect your own content rather than
generic text.

--- Page 9 ---
Security controls
Everything in this document sits inside one security boundary. It covers who can get in, how data moves and rests, and
how we prove what happened.
Identity and access. Staff sign in through single sign-on with multi-factor authentication. Access is least-privilege and
reviewed quarterly. There are no shared logins and no long-lived keys in the runtime path.
Encryption. Every connection uses TLS 1.2 or higher, including database traffic, and data is encrypted at rest with AES-
256 via AWS KMS. Public endpoints all score A or higher on independent TLS testing.
Network isolation. Environments are fully separated. The public surface accepts only HTTPS, and internal services are
not reachable from the open internet.
Audit and monitoring. Platform, access, and network activity is logged, retained, and monitored for anomalies, so we can
answer who did what and when.
Change management. Infrastructure and configuration changes go through version control and automated deploys.
Manual edits are reverted on the next deploy, so every production change is recorded and reversible.
Vulnerability management and disclosure. We run vulnerability scanning, prioritize fixes by risk, and commission
independent penetration testing. If you believe you have found a vulnerability, report it to security@getsift.ai; we operate
a coordinated disclosure process and will work the issue with you.
Incident response. We maintain a documented incident response plan with defined roles and severity levels. If an
incident affects your data, we contain it, investigate the root cause, and notify you in line with our contractual
commitments and applicable regulations, including the breach-notification timelines under GDPR where they apply. We
record the findings from each incident and fold them back into our controls.
Compliance
Sift AI's information security management system is ISO 27001 certified. For SOC 2 Type II, our internal audit is complete
and the external audit is underway, with controls operating and evidence collected continuously. Sift AI is GDPR
compliant: intake is consent-gated, we minimize what we hold, and your right to revoke is preserved end to end. Section
11 maps these controls to the SOC 2 trust principles.
Business continuity
Sift AI maintains a tested recovery plan, rehearsed once a year against a full copy of the live environment and measured
against defined targets.
Our targets are a 40-minute recovery time objective and a 15-minute recovery point objective, meaning at most 15
minutes of data at risk in a worst case.
In the most recent test we simulated losing both databases at once. Full service was restored in 42 minutes with zero
data lost, because point-in-time backups let us rewind to the moment before the failure. In practice most failures never
require a recovery at all: the environment is duplicated across data centers, so a standby takes over automatically. We
record the findings from each test and update the plan accordingly.

--- Page 10 ---
Data governance
Your data is yours. We process it to do the job you hired Sift AI for, and nothing else. It is never sold, and it is never used
to train models shared with other customers.
We run no offices, data centers, or servers of our own. Everything lives in dedicated cloud accounts, and every piece of
data is classified so the strictest handling applies to the most sensitive information.
How we classify data
TIER
WHAT IT COVERS
EXAMPLES
Restricted
Personal data, credentials, and keys
Customer messages, access secrets
Confidential
Internal business data and source code
Internal dashboards, code
Internal
Operational data that is not sensitive
Logs, performance metrics
Public
Information meant to be public
Marketing site, public docs
Production runs entirely in hardened cloud accounts, separated by environment, with no on-premise servers to
compromise or lose. Any device used to reach production must run our management agent, which enforces disk
encryption, screen lock, and current patching, and keeps a live device inventory.
Where your data lives
Production data is hosted in the United States, on AWS in the US East region. The same encryption, access, and audit
controls apply across every environment. EU and EEA data residency is available on request for enterprise customers.
Retention and deletion
We keep your data for as long as your account is active. On request, or after your contract ends, we delete it within the
window your agreement specifies, and copies held in encrypted backups age out on their normal cycle.
Subprocessors
Sift AI relies on a small set of subprocessors: AWS for cloud hosting, and Gemini, OpenAI, Anthropic, and other US-
hosted providers for AI inference, alongside vetted providers for identity and observability. Each is assessed before use
and tracked in a maintained inventory. We provide the full subprocessor list, with the purpose and data scope of each,
under NDA.

--- Page 11 ---
SOC 2 control mapping
SOC 2 measures a service against five trust principles: security, availability, processing integrity, confidentiality, and
privacy. Our internal audit is complete and the external audit is underway. The table below maps the controls we run
today to those principles, so your security team can see the controls behind each principle.
CONTROL AREA
WHAT WE DO
PRINCIPLES
Access management
Single sign-on with multi-factor authentication.
Least-privilege roles, access reviewed every
quarter, and access granted at hire and removed at
exit. No shared accounts or long-lived keys.
Security, Confidentiality
Encryption
TLS 1.2 or higher on every connection, including
database traffic. Data encrypted at rest with AES-
256 (AWS KMS). Certificates rotate automatically.
No plaintext secrets anywhere.
Security, Confidentiality
Network security
Each environment isolated. Public surface limited
to secure HTTPS only. Internal services closed to
the open internet, with traffic logged and watched.
Security
Availability and
redundancy
Critical services duplicated across multiple data
centers. Databases mirrored with automatic
failover. Continuous health monitoring.
Availability
Backup and recovery
Point-in-time backups with high-durability storage.
Recovery plan tested annually: last test restored
full service in 42 minutes with zero data loss.
Availability
Change management
All infrastructure and configuration changes flow
through version control and automated deploys, so
every change is recorded and reversible.
Security, Processing
Integrity
Logging and
monitoring
Platform activity, access, and network traffic are
logged, retained, and monitored for anomalies,
with alerting on unusual behavior.
Security, Availability
Vulnerability
management
Regular vulnerability scanning and independent
third-party penetration testing. Findings are
prioritized by risk and remediated; a summary is
available under NDA.
Security

--- Page 12 ---
CONTROL AREA
WHAT WE DO
PRINCIPLES
Incident response
Documented plan with defined roles and severity
levels. Affected customers are notified in line with
contractual and regulatory timelines, including
GDPR where it applies.
Security, Availability
Vendor management
Third-party providers are vetted and tracked in a
maintained inventory. Outbound access is limited
to that known, approved list.
Security, Confidentiality,
Privacy
Data classification
Every asset is tagged by sensitivity, so the strictest
handling applies to personal data and credentials.
Confidentiality, Privacy
Privacy and consent
Data enters only after you authorize it. We minimize
what we hold, honor revocation, and never use
your data to train shared models.
Privacy, Confidentiality
Endpoint security
Devices accessing production run a management
agent enforcing disk encryption, screen lock, and
patching, with a live device inventory.
Security
For a detailed control matrix, our latest audit status, a data processing agreement, subprocessor list, or a completed
security questionnaire, contact security@getsift.ai. We share these under NDA as part of due diligence.
Frequently asked questions
What does Sift AI do?
Sift AI is an agentic platform for social and community teams. You connect your channels, and a team of AI agents reads
every incoming message, scores it for intent, sentiment, risk, and context, then drafts a reply and routes it to the right
team. Your people approve, edit, or override the decisions that matter.
Where is our data hosted?
In the United States, on AWS in the US East region. The same encryption, access, and audit controls apply across every
environment. EU and EEA data residency is available on request for enterprise customers.
Do you use our data to train AI models?
No. We do not sell your data, and we do not use it to train shared models. AI inference runs at vetted providers (Gemini,
OpenAI, Anthropic, and other US-hosted inference), called only from our backend over encrypted APIs, under enterprise
terms that bar training on your data. The specific providers and models we use may change over time and may include
open models, but inference always runs US-hosted, and the bar on training on your data applies to every provider we
use.

--- Page 13 ---
How is our data encrypted?
Every connection uses TLS 1.2 or higher, including database traffic, and data is encrypted at rest with AES-256 via AWS
KMS. There are no plaintext protocols in production, and public endpoints all score A or higher on independent TLS
testing.
Who can see our data inside Sift AI?
Access is least-privilege and granted through single sign-on with multi-factor authentication. There are no shared logins
and no long-lived keys in the runtime path, and access is reviewed every quarter.
Are you certified?
Sift AI is ISO 27001 certified. For SOC 2 Type II, our internal audit is complete and the external audit is underway. Sift AI is
also GDPR compliant, and we sign a data processing agreement.
Who are your subprocessors?
A small set: AWS for cloud hosting, and Gemini, OpenAI, and Anthropic for AI inference, alongside vetted providers for
identity and observability. Each is assessed before use. The full list, with the purpose and data scope of each, is available
under NDA.
Can we control what Sift AI ingests?
Yes. Nothing enters Sift AI until you connect a channel and grant access, and that consent gate sits in front of every
intake path. You choose which channels are connected, and you can revoke access at any time.
Does the AI act on its own?
Only within the limits you set. Automation is confidence-gated, so an agent acts on its own only when it is confident and
you have allowed that action; otherwise it hands the conversation to a person. You can start with everything held for
review and hand over more as trust builds.
What happens to our data if we leave?
We keep your data while your account is active. On request, or after your contract ends, we delete it within the window
your agreement specifies, and copies held in encrypted backups age out on their normal cycle.
How do you handle outages and recovery?
The platform is duplicated across data centers with automatic failover, so most failures need no recovery at all. Our
targets are a 40-minute recovery time objective and a 15-minute recovery point objective. Our most recent test restored
full service in 42 minutes with zero data loss.
How do you handle security incidents and vulnerabilities?
We maintain a documented incident response plan and notify affected customers in line with our contractual and
regulatory obligations, including GDPR timelines where they apply. We run vulnerability scanning and independent
penetration testing. To report a suspected vulnerability, contact security@getsift.ai.
How do we get more detail for a security review?
Contact security@getsift.ai for our control matrix, current audit status, data processing agreement, subprocessor list, or a
completed security questionnaire. We share these under NDA.

--- Page 14 ---
NIFTORY INC. DBA SIFT AI (“SIFT AI”) · SECURITY & TRUST · CONFIDENTIAL
QUESTIONS? SECURITY@GETSIFT.AI
