SysAid Copilot Security System
    • 30 Sep 2024

    SysAid Copilot: Building upon a Foundation of Security

    SysAid Copilot, like all SysAid products, has been built from the ground up with a strong commitment to a security-first mindset. Your data security is our top priority; we are SOC2-certified and compliant with GDPR standards.

    This document serves as an outline of the guidelines and details of our approach to building the SysAid Copilot system.

    Generative AI technologies powering SysAid Copilot

    SysAid Copilot utilizes OpenAI’s leading large-language models: GPT-4o and GPT Turbo.

    By default, both models are accessed through Microsoft Azure OpenAI Services, which provides the security and enterprise promise of Azure. ChatGPT and ChatGPT Enterprise are not used.

    You can find more details about Azure OpenAI Service data security here.

    SysAid Copilot customers can choose the OpenAI API as an alternative to Azure OpenAI Services, which gives access to more frequent model updates.

    Data, Privacy, and Security for Azure OpenAI Service

    Find more information here

    Data Protection

    Data Storage

    All AI-related data, including the Data Pool, is exclusively stored within the customer's SysAid database. We do not use external services for data storage.

    LLM Data Processing

    Customers’ data is processed through Microsoft Azure OpenAI Services. APIs are protected with TLS encryption for secure data transmission. Additionally, Azure OpenAI users can select the processing region as either US or Europe.

    Data Extraction from Service Records & KB Articles

    SysAid enhances Chatbot intelligence and response quality by leveraging customers' existing Service Records, KB articles, and data sources (uploaded by the client) such as documents and links.

    To ensure privacy and confidentiality, we adopt several measures to prevent the sharing of personal or private information with other users:

    User-Focused Data Collection

    Collecting data only from fields that are accessible to end users.

    PII Removal

    Employing Microsoft Presidio, a robust data protection and anonymization toolkit hosted within the SysAid datacenter and capable of eliminating personally identifiable information (PII).

    Language Filtering

    Utilizing a sophisticated language model to filter out user-specific details from the text, extracting only the general knowledge.
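The first two measures above (end-user field selection followed by PII removal) can be sketched as follows. This is an added example, not SysAid's code: it uses simple regular expressions as a stand-in for Microsoft Presidio, and the field names and sample record are constructed. The language-model filtering step is not shown.

```python
import re

# Assumption: hypothetical names of fields an end user can see in the portal.
END_USER_FIELDS = {"title", "description", "resolution"}

# Regex stand-ins for a PII detector. A toolkit such as Presidio also uses NER
# to catch names and addresses, which these patterns cannot. Order matters:
# IP addresses are replaced before the looser phone pattern runs.
PII_PATTERNS = [
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")),
    ("IP_ADDRESS", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
    ("PHONE", re.compile(r"(?<![\w.])\+?\d[\d\s().-]{7,}\d\b")),
]

def scrub(text):
    """Replace each detected PII span with a <TYPE> placeholder."""
    counts = {}
    for label, pattern in PII_PATTERNS:
        text, n = pattern.subn(f"<{label}>", text)
        if n:
            counts[label] = n
    return text, counts

def prepare_for_llm(record):
    """Keep only end-user-visible text fields, then scrub PII from each."""
    cleaned, findings = {}, {}
    for field, value in record.items():
        if field not in END_USER_FIELDS or not isinstance(value, str):
            continue  # admin-only and non-text fields are dropped up front
        cleaned[field], counts = scrub(value)
        for label, n in counts.items():
            findings[label] = findings.get(label, 0) + n
    return cleaned, findings

# Constructed sample service record (not real data).
SAMPLE_RECORD = {
    "title": "VPN client fails after password reset",
    "description": "User dana.levi@example.com cannot connect from "
                   "10.20.30.40; call back on +1-202-555-0143.",
    "resolution": "Cleared cached credentials and re-enrolled the VPN profile.",
    "admin_notes": "Escalated by j.smith@example.com, see HR case.",
    "assigned_to": 4172,
}

if __name__ == "__main__":
    cleaned, findings = prepare_for_llm(SAMPLE_RECORD)
    print(cleaned["description"])
    print(findings)
```

Returning the per-type counts alongside the cleaned text gives an audit trail of what was redacted without storing the redacted values themselves.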

    Authentication and Access Control

    Access Control

    Access to AI services requires SysAid application authentication, based on each customer’s access mechanism (SysAid supports different types of SSO solutions).

    Authentication

    SysAid permits customers to implement MFA solutions in accordance with their own access policies and based on each customer's authentication mechanisms (e.g., Okta).

    User Permissions

    Access control follows SysAid user permissions: chat access is available to authenticated end users, while settings, Data Pool management, and monitoring are restricted to SysAid administrators.

    Network and Data Center Security

    Location

    AI services are housed in AWS, the leading global Cloud Services Provider, across three primary regions: US, Europe, and Asia Pacific.

    Security Details

    Amazon maintains and demonstrates SSAE-16 SOC 1, 2 and 3, ISO 27001, and FedRAMP/FISMA reports and certifications.
    Web servers and databases run on servers in secure data centers.

    Encryption

    Built-in AES-256 encryption is incorporated into the SysAid environment to protect customer data and ensure data privacy and protection for data at rest.

    Network

    We use standard secured network protocols and encryption via Secure Sockets Layer/Transport Layer Security (SSL/TLS) encrypted channels to protect customer data and ensure data privacy whenever data is in transit.