Data security and privacy is a primary component of hila Conversational Finance. There are several steps that we take at the application level, the platform level and the company level to safeguard our customers’ data. And, should the customer want the ultimate level of security, we can deploy entirely on-premises and air-gap our solution from the internet.
What is “air gap” and why is it significant?
Air-gapping something is a term taken from the defense industry. It’s essentially not connecting a company’s computers to the external internet. This is viewed as the “ultimate” in security, as there’s a physical barrier between the internet and the computers that house some of the most sensitive information a company (or country) has.
Conversational Finance Data Security:
Conversational Finance enables users to ask complex, natural-language queries against their systems of record. This data, be they ERP data or otherwise, is often some of the most crucial and protected data inside of the company.
We take significant steps to protect the data from any LLM. This protects the data from public models, of course, but these safeguards do not inhibit the performance of Conversational Finance, and therefore we have the same processes when the application uses an open-source model for SQL generation.
When a customer uses a public LLM, only the user question is sent, but none of the data that accompanies it. If we’re using a local LLM, then all data, including the question, remains inside of the customer’s firewall.
In addition, we do not extract data from the deployment. This includes user data, such as their questions and responses. We do train a model and add to our customer’s specific knowledge base, but this training is specific to our customer and not shared with others.
hila Platform security:
We enhance the security of Conversational Finance with the components necessary to completely self-deploy and run in an air-gapped environment. We can run Conversational Finance in a 16-core VM with 32 GB of ram. This includes all of the capabilities of the hila Platform (more information is available here).
The hila Platform also provides a simple way for administrators to assign roles and data access controls. This enables the limitation of data at the row level, which ensures that the information is not exposed to anyone inside of the company who should not see it.
Vianai Security
At Vianai, we have ISO 27001 and SOC2 certifications. These are important, independent verifications that validate that our company holds itself to the highest standards of cyber security. It also shows that our claims on data security are accurate.