Solomon campuses are designed from day one to the security and compliance standards AI tenants audit against. What follows is the public summary; qualified counterparties can request the full architecture and policy set under NDA.
The program is led by a chief information officer with a twenty five year national security background. Every control in the architecture traces to one of five principles.
Every campus is engineered to a seven layer defense in depth reference model, mapped control by control to ISO/IEC 27001:2022, the SOC 2 Trust Services Criteria, and the NIST Cybersecurity Framework 2.0, with facility design informed by rated facility standards.
Concentric security zoning from the property line to the rack: layered perimeter controls, mantrap entry, multi factor and biometric access, and 24/7 monitoring designed into the campus, not retrofitted.
Least privilege for every identity, privileged sessions brokered and recorded, and behavioral analytics that flag anomalous activity across physical and logical systems alike.
Segmented networks engineered alongside the fiber architecture, encryption in transit and at rest, and data handling enforced by classification, not by habit.
Power, cooling, and building management systems treated as attack surface: OT networks segmented from IT, continuously monitored, and engineered for graceful failure.
Both paths are controlled, for our own teams and for every vendor that touches a campus.
Tiered background screening for every employee, contractor, and vendor with site or system access, repeated on a defined cadence, with a formal insider threat program behind it.
Three tier vendor classification with security questionnaires, audit report review, and sanctions screening before contract. Federally designated prohibited vendors are excluded outright.
Tamper evident seals verified against manufacturer manifests before installation, firmware verified against signed manifests, and a maintained bill of materials for critical systems.
Badged site access, contractor screening and safety requirements, and OSHA aligned programs from the first day of mobilization to the last day of commissioning.
SDS runs a staged dual certification program aligned to industry practice: SOC 2 Type I attestation first, a SOC 2 Type II observation window aligned to campus operations, and ISO/IEC 27001 certification on the same control foundation. Corporate controls are instrumented today on a continuous compliance platform; facilities are designed so the certification scope is built in, not bolted on.
A complete defense in depth architecture reference, the dual certification roadmap, and the operating policy suite covering communications security, insider threat, supply chain risk, and construction health and safety.
Tenant security teams are welcome: tell us your framework and we will map our controls to it.
Request the security briefing