Governance & Deployment
Deployment Models Demystified
On-premises vs. cloud vs. air-gapped, plus data retention and governance basics
AMiRIS® is Additive Assurance's in-situ quality assurance platform for laser powder bed fusion (L-PBF), built to convert layer-by-layer build data into decision-ready outputs—clear reporting, traceability, and governance-friendly evidence that Quality teams can stand behind and IT/Security teams can deploy with confidence.
With that context, the question behind most stalled projects becomes obvious: not "does it detect defects?", but "where does it run, who controls it, what do we retain, and how do we defend it in an audit?"
Most AM quality tools don't fail technically—they fail organisationally. The project gets stuck between Quality and IT because no one has translated "monitoring" into governance: who controls the data, who can access it, what gets retained for audit, and what happens when the network or policy says "no".
AMiRIS is designed for regulated production, so deployment and security isn't an afterthought. The platform supports cloud or on-premise deployment, and our large-format configuration is typically supplied with an on-premise server, because regulated environments often demand tighter control.
The right model for your program:
Cloud = Speed, Scale, and Lowest Operational Friction
Cloud deployment is the "shortest path to evidence" when your governance allows it. It typically reduces internal IT workload and can make updates and scaling simpler. The real question isn't "is cloud secure?"—it's whether your policy permits the required data handling, and whether your Quality function can defend the access model and retention plan during an audit.
Choose cloud when:
- •Policy allows external hosting, and
- •You want the fastest deployment and iteration cycles, and
- •Audit needs can be met through defined retention, access control, and reporting.
On-Prem = Maximum Control, Higher Responsibility
On-prem means AMiRIS runs within your network and storage boundary, under your controls. That can be essential when you have strict data residency, customer contractual constraints, or limited third-party access permissions.
But control comes with ownership: patching responsibility, infrastructure planning, and storage governance. On-prem is often the right choice when "who touches the data" matters as much as "what the data says".
Choose on-prem when:
- •Policy requires internal hosting,
- •Programme risk is tied to data sovereignty, or
- •Supplier access must be tightly constrained.
Air-Gapped = On-Prem with Isolation
Air-gapped isn't mystical. It's on-prem deployed in an environment that does not rely on internet connectivity. For the highest-sensitivity programmes, this removes an entire category of risk—namely external connectivity dependency. It can also simplify conversations with customers who mandate isolation.
Choose air-gapped when:
- •Your programme mandates isolation, or
- •Your security posture requires zero external connectivity dependency.
Data Retention & Governance
Whatever deployment you choose, success is determined by four governance decisions that IT/Security and Quality can sign off together:
Data Volume Planning
AMiRIS generates data at approximately ~30 MB per cm³ of build volume. For on-premise that needs storage planning, not surprise.
Retention Policy
Retention should be defined by audit need, not habit. What must be retained per part/build, for how long, and what can be summarised or archived?
Access Control
Who can view builds? Who can export? Who can administer? The goal is to make access rules auditable and minimised.
Reporting Outputs
Quality doesn't need "all the pixels." Quality needs decision-ready reporting and traceability aligned to regulated production.
Ready to Align Your Deployment Strategy?
If you want to shorten internal debate and move to an informed next step, we'll run a joint IT/Security + Quality call using a simple checklist: deployment model, retention, access control, storage sizing, and reporting requirements.
Contact Us