
Secure AI Hiring for CISOs

Saad Bin Shafiq, Founder, NODES. Last reviewed May 28, 2026. Read the paper.

For a CISO, AI hiring is approvable only if candidate data never leaves the environment, nothing is sent to a third-party model, the deployment is single-tenant and SOC 2 Type II, and every decision can be audited. Most SaaS AI hiring tools fail that test on the first line, because they route candidate data to external models. NODES is built to pass it. It runs inside your VPC with zero data egress and no external model calls.

Source: The Decision Traces study ran entirely inside the carrier's VPC with no candidate data leaving its infrastructure. Read it on arXiv.

The first question a CISO asks

Where does the data go? For a tool that sends candidate data to an external model, the review can end on that line, because the data has left your environment and entered a third party's. This is why so many AI hiring tools are blocked before their features are even discussed. See why enterprises block these tools.

The evaluation checklist

A CISO review of an AI hiring tool tends to work through the same questions:

  • Does any candidate data leave our environment, ever?
  • Is a third-party model in the data path?
  • Is the deployment single-tenant or shared?
  • Where are the models trained and hosted, and who owns them?
  • Can every decision be logged and audited?
  • Does it hold SOC 2 Type II, and does it support our data residency requirements?

How NODES answers each

NODES runs inside your VPC or on-premise, with zero data egress and no calls to OpenAI, Anthropic, or any third-party model. Deployment is single-tenant. Models are trained and hosted in your environment, and you own the weights. Every decision is logged for audit, and the model ingests no demographic data by design. It is SOC 2 Type II, and it supports AWS GovCloud, Azure Government, and fully offline deployment for air-gapped environments. See the architecture.
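As an added example (not NODES's code, and not drawn from the study cited above), the Python sketch below shows how three of the properties a CISO asks about can be enforced and checked mechanically rather than taken on a vendor's word: a model-endpoint check that refuses any address outside private (RFC 1918) space as a stand-in for "in-VPC", a field allowlist that rejects demographic attributes before a decision is ever written, and a hash-chained, append-only decision log whose integrity a reviewer can re-verify later. The field names, the demographic list and the use of RFC 1918 ranges as the in-VPC test are assumptions chosen for illustration.

```python
import hashlib
import ipaddress
import json

# Assumed field policy for a hiring-decision audit record (illustrative, not NODES's schema).
ALLOWED_FIELDS = {"candidate_id", "requisition_id", "model_version", "score", "rationale"}
# Attributes treated as demographic; any record carrying one is rejected before it is written.
DEMOGRAPHIC_FIELDS = {"age", "date_of_birth", "gender", "race", "ethnicity",
                      "national_origin", "disability"}
# RFC 1918 ranges used here as a stand-in for "inside the VPC" (assumption).
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def endpoint_is_in_vpc(host_ip: str) -> bool:
    """True only if the model endpoint resolves to a private (in-VPC) address."""
    addr = ipaddress.ip_address(host_ip)
    return any(addr in net for net in PRIVATE_NETS)


def _digest(payload: dict) -> str:
    """SHA-256 over canonical JSON so the hash does not depend on key order."""
    canonical = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()


class DecisionAuditLog:
    """Append-only, hash-chained log of model decisions with a field allowlist."""

    GENESIS = "0" * 64  # prev_hash of the first entry

    def __init__(self):
        self.entries = []

    def record(self, decision: dict, model_endpoint_ip: str) -> dict:
        # 1. No external model calls: refuse to log a decision scored outside the VPC.
        if not endpoint_is_in_vpc(model_endpoint_ip):
            raise ValueError(f"model endpoint {model_endpoint_ip} is outside the VPC")
        # 2. No demographic data by design: reject it at the boundary, not downstream.
        fields = set(decision)
        if fields & DEMOGRAPHIC_FIELDS:
            raise ValueError(f"demographic fields rejected: {sorted(fields & DEMOGRAPHIC_FIELDS)}")
        if fields - ALLOWED_FIELDS:
            raise ValueError(f"unexpected fields: {sorted(fields - ALLOWED_FIELDS)}")
        # 3. Auditability: chain each entry to its predecessor so edits are detectable.
        prev = self.entries[-1]["hash"] if self.entries else self.GENESIS
        body = {"seq": len(self.entries), "prev_hash": prev,
                "decision": decision, "model_endpoint": model_endpoint_ip}
        entry = dict(body, hash=_digest(body))
        self.entries.append(entry)
        return entry

    def verify(self) -> bool:
        """Recompute the chain; any altered, removed or reordered entry breaks it."""
        prev = self.GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "hash"}
            if entry["seq"] != i or entry["prev_hash"] != prev or _digest(body) != entry["hash"]:
                return False
            prev = entry["hash"]
        return True


if __name__ == "__main__":
    # Constructed sample decisions, scored by an endpoint on a private address.
    log = DecisionAuditLog()
    log.record({"candidate_id": "c-001", "requisition_id": "r-42",
                "model_version": "v1", "score": 0.81, "rationale": "skills match"}, "10.0.12.7")
    print("chain valid:", log.verify())
    try:
        log.record({"candidate_id": "c-002", "gender": "f"}, "10.0.12.7")
    except ValueError as err:
        print("rejected:", err)
```

The endpoint check stands in for a network-layer control; in a real review the equivalent evidence is the VPC's egress rules and the absence of a route to the public internet from the model's subnet, which the script cannot see. The chained log only proves that nothing was changed after the fact if its head hash is periodically written somewhere the application cannot overwrite, such as a separate log account.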

The compliance overlay legal brings

Security review rarely happens alone. Legal will weigh the rules that now govern hiring AI: New York City's Local Law 144, which requires an independent bias audit and public disclosure for automated employment decision tools; Colorado's AI Act (SB 24-205), effective June 30, 2026, which requires impact assessments for high-risk AI; the EU AI Act, which classifies employment AI as high-risk; and federal Title VII, which reaches AI tools through disparate impact. Explainable, in-VPC, audit-ready AI is far easier to clear against all of them. This is general information, not legal advice. See explainable AI in hiring.

What approval looks like in practice

A Fortune 500 insurance carrier had rejected six AI hiring vendors over 18 months, because each required sending candidate data outside its infrastructure. An in-VPC deployment that kept all data inside its environment cleared legal review in 17 days. Removing the egress objection is what made the difference.

Frequently asked questions

What makes an AI hiring tool approvable for a CISO? No data egress, no third-party model calls, single-tenant deployment, SOC 2 Type II, full auditability, and support for your data residency requirements.

Does NODES send candidate data to external models? No. It runs inside your VPC with zero data egress and no calls to OpenAI, Anthropic, or other external models. Models are trained and hosted in your environment.

Can NODES run in a government or air-gapped environment? Yes. It supports AWS GovCloud, Azure Government, and fully offline deployment with no internet connectivity.

How does it support compliance reviews? Decisions are logged and auditable, the model ingests no demographic data, and the in-VPC posture supports data residency, which makes review against laws like Local Law 144 and the EU AI Act more straightforward.

Bring your security team a deployment they can actually approve. Book a 30-minute walkthrough.