Documentation · Security

Security & Governance

Arion Flow is built for teams that care about privacy, isolation and predictability. This page outlines the core concepts so you can assess how it fits into your environment.

Core principles

  • Private-by-design: flows are designed around private workspaces, not global, public-sharing models.
  • Isolation where it matters: sensitive workloads can be run in more isolated environments.
  • Transparent architecture: you should be able to understand where data lives and how it flows.

Data and storage

Depending on deployment and configuration, Arion Flow can work with:

  • Mounted storage or object storage for models and artefacts.
  • Workspace-level configuration for where data should live.
  • Clear separation between your data and shared model infrastructure.

Access and roles

Access is controlled at the account and workspace level:

  • Administrative roles for managing accounts and workspaces.
  • Workspace-level access to limit who can see and run specific flows.
  • Options to separate environments (e.g. dev vs production) via different workspaces.

Regulated and high-control use

For more controlled environments, Arion Flow supports patterns such as:

  • Running in specific regions or private cloud environments.
  • Isolating high-sensitivity workloads in dedicated workspaces.
  • Designing flows so that the most sensitive data never leaves your environment.

Related information

  • Public-facing Security page (high-level overview).
  • For deeper architecture discussions, use the contact form and select an area of interest.