Peak

Security.

Our AI-powered application is built with a robust security framework to ensure the safety, integrity, and confidentiality of user data. Below is a detailed overview of the security measures implemented across various components of our application.

Hosting

The application is hosted on Microsoft Azure, which provides a secure and scalable environment for our services. Azure offers a multi-layered security infrastructure with features such as:

  • Network Security: Advanced network security through virtual networks, network security groups, and Azure Firewall.
  • Identity and Access Management: Azure Active Directory (Azure AD) for managing user identities and access controls.
  • Compliance: Azure adheres to a broad set of international and industry-specific compliance standards.

File Storage

Our application utilises cloud storage to store data securely. Public access to the storage is disabled, ensuring that data can only be accessed through authenticated requests. This is further enhanced by:

  • Encryption: All data at rest is encrypted using Server-Side Encryption.
  • Access Controls: Role-based access control (RBAC) and shared access signatures (SAS) for fine-grained access control.

LLMs

The application employs large language models (LLMs) for various AI functionalities without training them on user data. This minimises the risk of data leakage and ensures that user data is not inadvertently used to improve model performance. Our approach includes:

  • Isolation: LLMs operate in isolation from user data.
  • Data Anonymisation: Any interaction with LLMs is anonymised to prevent data identification.

Data Deletion

In compliance with data protection regulations, we ensure that all user data is completely removed from our systems if a tenant is deleted. This includes data stored in:

  • File Storage
  • Databases

The data deletion process is automated and thoroughly verified to ensure no residual data remains.

Data Retention

Data is retained only while the tenant is active. This retention policy ensures that data is available for the duration of the service while maintaining compliance with data protection standards. Key aspects include:

  • Regular Audits: Periodic reviews to ensure compliance with data retention policies.
  • User Control: Tenants have control over their data and can request deletion or export of their data at any time.

Database

Our application leverages MongoDB for database management, which offers comprehensive security features such as:

  • Encryption: Data encryption at rest and in transit using TLS/SSL.
  • Access Control: Fine-grained access controls and authentication mechanisms.
  • Backup and Recovery: Automated backups and robust recovery options to ensure data integrity.

Vector Database

For handling vector data, we use Pinecone, which provides secure and scalable vector storage. Security measures include:

  • Access Control: API keys and role-based access control to restrict access.
  • Encryption: End-to-end encryption to safeguard data.
  • Compliance: Adherence to industry standards and best practices for data protection.

Certificates

All web servers are secured with SSL certificates to ensure encrypted communication between clients and servers. This prevents man-in-the-middle attacks and ensures data integrity and confidentiality during transmission.

Passwords

We enforce strong password policies to enhance user account security. Key measures include:

  • Password Complexity: Requirements for minimum length, use of special characters, and a mix of uppercase and lowercase letters.
  • Account Lockout: Protection against brute force attacks through account lockout mechanisms.