Your Data, Your Environment: Customization and Security with Neo.Tax’s Dedicated Cloud

At Neo.Tax, we understand that data security is table stakes in the tax world. It’s why we’ve spent hundreds of hours achieving ISO/IEC 27001:2022 and SOC 2 Type II certifications. It’s why we took steps to secure our customer’s data by adding IP whitelisting, rate limiting, and runtime protection via an in-app firewall; by incorporating static code analysis and open-source dependency scanning to protect against attacks like Shai Hulud; and, of course, by encrypting everything at rest and in transit using TLS v1.3 and AES 256-bit encryption.

But there’s one additional step we take, which is paramount in the AI and Tax space. For customers that want a truly white-glove level of security, Neo.Tax offers a Dedicated Cloud: a single-tenant hosting environment that customers can opt for if they want a truly air-gapped, physically segregated instance of the Neo.Tax application. In this dedicated cloud, each customer gets its own fully isolated version of Neo.Tax (e.g., https://acme.app.neo.tax), with dedicated compute, storage, networking, and model inference. Because all of our infrastructure is codified and managed via Terraform, we can provision a dedicated cloud environment for any customer within 24-36 hours.

We built this solution because we know that, more than ever, customers care about data privacy in this new AI-powered world. Here’s how we made it a frictionless experience.

A Dedicated Cloud Environment

Single-tenant hosting is when a single instance of software and infrastructure are deployed for a single client. This means nothing is shared including:

• Frontend CDNs
• Backend services
• Asynchronous workers
• Databases and storage providers
• VPCs, load balancers, and other networking endpoints
• AI models

All of this is codified in our Terraform repository, and we’ve parameterized this code so that it’s easy to instantiate a new deployment (i.e., a new dedicated cloud) for any given customer.

We can also customize things appropriately. For example, if a customer who’s based on the East Coast prefers to have their Neo.Tax deployment hosted a little bit closer to home for lower latency, we can choose which data center regions to deploy in with a simple configuration change. If a customer wants to connect their Snowflake or Databricks data warehouse to Neo.Tax, we can instantiate our databases to be co-located with that warehouse to reduce data movement costs. This becomes critical for larger enterprise customers, who have massively high volumes of confidential data—such as payroll wages, project management tickets, and knowledge base articles—to share with us. 

And for such customers, a dedicated cloud solution offers them the ability to fully audit and observe the Neo.Tax application and infrastructure—down to the IAM permissions and logs per machine. The customer’s IT team can define custom protocols and alerts to fit their security needs. And, if there is a security incident with the Neo.Tax application (unlikely, but you never know!), they can rest somewhat easier knowing that there is no shared access or data exposure between tenants, because each dedicated cloud offering exists within its own security perimeter.

We have already seen customers take advantage of this customization. For example, one customer wanted to limit which internal employees have access to the Neo.Tax via IP whitelisting; they did so by specifying the whitelisted IP addresses via ZScaler, then publishing those addresses to Neo.Tax. We incorporated them into their dedicated cloud environment, updated our network ACLs that are administered via Tailscale, and their internal employees never noticed a difference.

‍

What This Means For You

To summarize, the Neo.Tax Dedicated Cloud offers the following added security benefits:

Isolated Infrastructure: All Neo.Tax services—including application logic, databases, storage, networking, and AI models—run in a dedicated environment. There are no shared resources with other Neo.Tax customers.

Private Connectivity: Optional support for private network connections (e.g., AWS Direct Connect or site-to-site VPN) and/or application IP whitelisting, eliminating public internet exposure and enhancing control over ingress/egress.

Operational Governance: Customers may define their own backup schedules, maintenance windows, and data retention policies. Data residency requirements can also be enforced at the infrastructure level.

Ultimately, our Dedicated Cloud is more than just a security feature; it is a commitment to the highest standard of data privacy and control in the AI-powered tax world. By offering a fully isolated, single-tenant hosting environment, Neo.Tax ensures that your most sensitive data—from payroll wages to proprietary projects—is never shared, giving you a truly air-gapped security perimeter. This white-glove service allows for critical customization, including data residency enforcement and co-location with data warehouses, empowering your IT team with full auditing capabilities and complete operational governance. Ultimately, choosing a Dedicated Cloud means choosing unparalleled security, peace of mind, and a frictionless experience tailored to your enterprise's specific compliance needs.