Case Study How Interstellar Labs Scaled Their Agent Platform to Enterprise with Unified.to

Designedtosafeguardyourcustomers'data

Unified safeguards customer data by design: no data storage at rest, ever. We pair this with SOC 2 Type II, GDPR, CCPA, HIPAA, and PIPEDA certifications, plus segregated multi-region hosting.

Data handling

Unified.to uses a passthrough, no-storage architecture: customer data never resides on our servers—it's fetched live from the source, transformed and then delivered to your system in real time. To minimize exposure, Unified never stores detailed logs.

Compliance frameworks

Unified is SOC 2 Type II certified, and GDPR, CCPA/CPRA, PIPEDA and HIPAA compliant. Our no-storage architecture removes PII persistence risk, simplifying security reviews and reducing audit scope.

Request any of our security report from our Trust Center.

Encryption

All data in transit uses TLS 1.2+. Minimal operational metadata is encrypted at rest with AES-256. Customer OAuth2 credentials and end-customer API tokens can be optionally stored in our customer's own AWS Secrets Manager.

SSO & SAML

Control access to the Unified's dashboard with SAML-based Single Sign-On. Enforce your IdP's policies (MFA, conditional access) and pair with role-based permissions and IP allowlisting.

Application security

Unified undergoes annual third-party penetration testing. Regular automated vulnerability scans are performed on containers and infrastructure. Every dev build is scanned with SAST. Runtime is covered by DAST.

IP address restrictions

Ensure only your servers can interact with Unified.to by restricting API access to specified IP addresses.

Data regions

Completely segregated data regions for maximum security.

United States

Europe

Australia

Additional resources

Security FAQ

Does Unified offer a one-prem or single-tenant cloud hosting?

Yes. Contact us to discuss our Enterprise plan which has options for on-prem or single-tenant cloud hosting.

What happens to data when a linked account is removed?

All associated configuration data is deleted immediately. Because Unified never stores end-customer data, there is nothing else to persist or erase.

Where are logs stored and who controls them?

End-customer data is never written to Unified's logs. Operational metadata is minimized and redacted. There is an option to stream detailed logs directly to your own Datadog.

How does Unified MCP handle sensitive data in LLM API workflows?

MCP makes only scoped, permissioned end-customer data available to your LLM tools. There is an option to remove PII sensitive data. There are additional restrictive configuration options to limit access.

Where is Unified hosted, and how is data residency handled?

Unified runs on AWS, leveraging enterprise-grade physical and network security. Customers can select any AWS region for credential and secrets storage, with multi-tenant options in the US, EU, and APAC. For enterprise deployments, we also offer single-tenant environments with isolated servers and databases on request.

Do you support SSO / SAML?

Yes. Unified supports SAML 2.0 and OIDC SSO. Connect your IdP (e.g., Okta, Microsoft Entra ID/Azure AD, Google Workspace, Ping, OneLogin) to enforce org policies like MFA and conditional access. Roles (admin/member) are applied in Unified, with optional IP allowlisting and per-developer/per-environment API tokens.

How does RBAC work?

Unified supports admin and member roles. Since we don't use email/password logins, access enforcement flows through your chosen IdP.

Can we restrict by IP?

Yes. Unified supports IP whitelisting, so only your servers can interact with Unified.

How do you test for security issues?

Security is embedded in our SDLC. Every build is scanned with SAST and regular automated vulnerability scans run on containers and infrastructure.

Is Unified.to SOC 2 compliant?

Unified.to has successfully completed the SOC 2 Type 2 audit and is now fully compliant to AICPA's Trust Services Criteria 2017 (SOC 2).

For more details, please visit our Trust Center or contact us.