Security

Security isn't a feature. It's the architecture.

Every deployment model Scrivly offers is designed around a single principle: your clients' data stays under your control. Not ours. Not a cloud provider's. Yours.

Three deployment models. One security standard.

Every Scrivly deployment enforces data isolation, citation traceability, and access control. The difference is where the hardware lives and how the network boundary is controlled.

Zero-Egress

Scrivly Local

Zero-egress architecture

Scrivly Local is a dedicated hardware appliance that runs inside your office. Documents are ingested, indexed, and queried entirely on-device. No data leaves the premises. There is no cloud sync, no telemetry, no background data transmission, and no internet dependency for document processing.

  • All inference runs on local hardware with zero cloud dependency.
  • No data is transmitted to Scrivly, third-party APIs, or any external service.
  • The device operates on your local network. Internet is only required for software updates, which can be disabled.
  • Matter isolation is enforced at the storage level, not just the application layer.
  • Physical access control: the hardware is in your office, under your firm’s physical security.

Encrypted Isolation

Scrivly Pro

Encrypted data isolation

Scrivly Pro delivers the same inference engine through a secure cloud deployment with firm-level data boundaries. Each firm’s data is encrypted at rest and in transit, isolated in dedicated compute environments, and inaccessible to other tenants or to Scrivly employees.

  • Firm-level data isolation with dedicated encryption keys.
  • Multi-tenant architecture with strict data boundaries. No shared context between firms.
  • Data encrypted at rest (AES-256) and in transit (TLS 1.3).
  • No Scrivly employee has access to firm documents or query history.
  • Same citation traceability and matter isolation as Scrivly Local.

Air-Gapped

Scrivly Secure

Hardware-controlled network isolation

Scrivly Secure is designed for environments where cloud connectivity is prohibited. On-premise GPU clusters run the full Scrivly inference stack in an air-gapped facility. A hardware-controlled network isolation boundary ensures that no data can leave the secured environment, enforced at the physical layer.

  • Air-gapped deployment with zero network connectivity to external systems.
  • Hardware-controlled isolation boundary, not software-enforced.
  • Cryptographic proof of non-concurrent connectivity.
  • On-premise GPU clusters under your physical and administrative control.
  • Designed for defense, government, and highest-assurance matters.

Designed for compliance

Scrivly’s architecture is designed to support compliance with the ABA Model Rules that govern attorney use of technology. Here is how each relevant rule maps to Scrivly’s capabilities.

ABA Model Rule 1.1

Competence

Attorneys must provide competent representation, which includes understanding the technology they use. Scrivly’s citation traceability ensures that every AI-assisted output can be verified against source documents. Attorneys do not need to blindly trust the AI. They can audit every response.

ABA Model Rule 1.6

Confidentiality

Attorneys must make reasonable efforts to prevent unauthorized disclosure of client information. Scrivly Local processes all data on-premise with zero cloud transmission. Scrivly Secure adds air-gapped isolation. Both approaches exceed the reasonable efforts standard for protecting privileged communications.

ABA Model Rule 5.3

Supervisory Responsibilities

Attorneys must supervise nonlawyer assistance, including AI tools. Scrivly provides complete audit trails for every query and response, with citation maps linking each claim to its source. This gives attorneys the oversight capability that Rule 5.3 requires.

How to verify our claims

We do not expect you to take our word for it. Here is how to confirm that Scrivly’s security architecture works as described.

Network monitoring

Place Scrivly Local on your network and monitor all traffic with your own tools. You will see zero outbound data transmission during document processing. We encourage firms to run packet captures during evaluation.
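One way to turn such a packet capture into a pass/fail check, as an added example that is not Scrivly's own tooling: it reads flow records exported from a capture taken at a mirror port or gateway (not on the appliance itself) and reports anything the appliance sent to a destination outside the office network. The CSV columns, the appliance address 192.168.10.50, the LAN range and the sample rows are all assumptions constructed for this example.

```python
import csv
import io
import ipaddress

# Constructed flow records, in the shape a capture tool might export them.
# Column names and every address here are assumptions made for this example.
SAMPLE_FLOWS = """ts,src,dst,dport,bytes
2024-05-01T10:00:01,192.168.10.50,192.168.10.21,445,18432
2024-05-01T10:00:02,192.168.10.21,192.168.10.50,443,5120
2024-05-01T10:00:05,192.168.10.50,224.0.0.251,5353,96
2024-05-01T10:00:09,192.168.10.50,203.0.113.40,443,2048
2024-05-01T10:00:12,192.168.10.50,192.168.10.255,137,78
"""

APPLIANCE = ipaddress.ip_address("192.168.10.50")       # assumed appliance address
LOCAL_NETS = [ipaddress.ip_network("192.168.10.0/24")]  # assumed office LAN

def is_local(dst):
    """True for destinations that stay on the premises: LAN, multicast, link-local, loopback."""
    return (any(dst in net for net in LOCAL_NETS)
            or dst.is_multicast or dst.is_link_local or dst.is_loopback)

def egress_flows(flow_csv, appliance=APPLIANCE):
    """Return (ts, dst, dport, bytes) for each flow the appliance sent off the local network."""
    findings = []
    for row in csv.DictReader(io.StringIO(flow_csv)):
        src = ipaddress.ip_address(row["src"])
        dst = ipaddress.ip_address(row["dst"])
        if src == appliance and not is_local(dst):
            findings.append((row["ts"], str(dst), int(row["dport"]), int(row["bytes"])))
    return findings

def summarize(findings):
    """Total bytes per external destination, largest first."""
    totals = {}
    for _, dst, _, nbytes in findings:
        totals[dst] = totals.get(dst, 0) + nbytes
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)

if __name__ == "__main__":
    hits = egress_flows(SAMPLE_FLOWS)
    for ts, dst, dport, nbytes in hits:
        print(f"{ts} egress to {dst}:{dport} ({nbytes} bytes)")
    print("PASS: no egress" if not hits else f"FAIL: {summarize(hits)}")
```

If software updates are left enabled, a flagged flow may be update traffic, so either disable updates for the evaluation or limit the capture window to document processing.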

Air-gap verification

Scrivly Secure includes cryptographic proof of non-concurrent connectivity. Your security team can independently verify that the air-gapped system has not been connected to an external network during operation.

Citation audit trail

Every Scrivly response includes a citation map. Click any citation to view the exact source passage in the original document. Run your own spot checks. Verify that the AI’s claims match the source material.

Independent security review

We welcome independent security assessments and penetration testing by your firm’s IT team or a third-party auditor. Schedule a consultation to discuss the scope and process.

Security is a commitment, not a checkbox

Most legal AI companies list security features on a marketing page and move on. At Scrivly, security is the reason the company exists. The entire architecture, from the hardware design to the inference pipeline to the citation system, was built to answer one question: how do you give attorneys AI that their malpractice insurers, their ethics boards, and their clients can trust?

The answer is not a feature toggle. It is the architecture.

Your clients' confidentiality is not negotiable. Your AI shouldn't be either.

See how Scrivly handles your firm's use cases.