Data Security & Privacy
We are committed to keeping your data secure.
In today's fast-paced digital world, safeguarding confidential data has become an essential consideration for companies. The protection of sensitive data from unauthorized access, theft, or damage is crucial to avoid consequences such as loss of customer trust, brand damage, regulatory non-compliance, and financial repercussions. Ensuring data security and privacy is not only essential but also a critical component of modern business operations, including our own.
Secure Infrastructure Provider
PI.EXCHANGE’s production environment runs on Amazon Web Services (AWS). AWS upholds the highest security standards. All data is hosted in a secure AWS facility that is SOC 2, ISO 27001, ISO 27017, ISO 27701, CSA compliant.
Data Encryption in Transit and at Rest
Data is encrypted in transit (TLS) and at rest provided by the AWS S3 Server Side Encryption (S3-SSE). To process data it is securely accessed with a secure connection using TLS v3 encryption.
Data and Trained Model Access
In the PI.EXCHANGE hosted AI & Analytics Engine, no data provided by the user is copied or transmitted for any purpose other than preparing data, training models, generating predictions based on a trained model, or as otherwise required to support the user or via an Advanced AI Services engagement.
Trained models, input data, and predictive outputs are only accessible to the customer, with a small amount of metadata used for product enhancements. No data about the model is shared or used outside of this purpose.
All access to the platform is authenticated. To authenticate users use a signed and encrypted access token that is obtained after entering an 8-character (or more) password that consists of at least one: number, lowercase letter, uppercase letter, and special character then verifying their email.
The AI & Analytics Engine uses a Role-Based Access Control (RBAC) model for managing data and related assets within the product at 2 levels: organization and project level. A user’s data, projects, and models are segregated from other accounts and users as defined by the RBAC system.
Server Security and Monitoring
The AI & Analytics Engine is deployed in a secure and access-controlled multi-tenant environment only accessible via secured portals and APIs. This includes the API for the SDK and prediction API of the deployed models. We apply a Zero Trust Security model in our approach to the design and implementation of systems.
Deployment On-premise or Private Cloud for Enterprise
We do not store and transfer data outside of the client's chosen environment. If it is an on-premise deployment data is encrypted in transit and at rest provided by the MinIO Server Side Encryption. If it is a private cloud deployment we utilize the client's S3-compatible services.
Logs and Monitoring
PI.EXCHANGE understands that data is an organization’s most strategic and vital asset. As such, the security and privacy of data are our highest priorities. Changes to PI.EXCHANGE’s infrastructure is tracked and where there is a security impact is reported to clients.
Within the AI & Analytics Engine, all actions performed are accessible via logs. This means there is traceability of any user activity. These logs are only exposed to the user with appropriate permissions so internal audits can be performed.
System Availability and Resilience
The AI & Analytics Engine system is architected and configured to achieve High Available, Fault Tolerance, and for Disaster Recovery requirements. PI.EXCHANGE employs AWS Elastic Load Rebalancing to distribute incoming application traffic across multiple targets, increasing the availability of the application and safeguarding the Engine from various forms of DDoS attacks.
Internal Policies and Best Practices
PI.EXCHANGE ensures security, privacy integrity, and compliance via a Zero Trust and Zero Tolerance model. We follow a well-defined suite of Information Security Policies & Standards that guide the design, development, and operations of the product and services.
The AI & Analytics Engine is built with a security-by-design approach adhering to OWASP S-SDLC best practices. We employ state-of-the-art protection measures including, but not limited to, privilege account management, centrally managed endpoint protection, intrusion prevention system, and firewalls at different layers and segments of our infrastructure.
Collection and Use of Information
Use machine learning to solve your biggest problems with peace of mind.
We follow a strict Zero Trust & Zero Tolerance model.
The Engine is configured for High Available, Fault Tolerance, and Disaster Recovery requirements.
The Engine runs on Amazon Web Services (AWS). AWS upholds the highest security standards.
Data is encrypted in transit and at rest provided by AWS S3 Server Side Encryption (S3-SSE).
The Engine can be deployed flexibly to meet your security requirments.
Data-driven teams can unite to build value with data affordably and efficiently with a single end-to-end platform.
Experience how quickly predictive analytics and streamlined data analysis can build a better understanding of customers and efficiency in sales cycles.
Spend time on developing core IP, rather than data preparation and algorithm selection.