SysAid Copilot Security System
    • 11 Apr 2024

    SysAid Copilot: Building upon a Foundation of Security

    SysAid Copilot, like all SysAid products, has been built from the ground up with a strong commitment to a security-first mindset. Your data security is our top priority; we are SOC2 certified and compliant with GDPR standards.

    This document serves as a comprehensive guide and outlines the details of our approach to building the SysAid Copilot system.

    Generative AI Technologies powering SysAid Copilot

    Microsoft Presidio (Sanitization)


    SysAid Copilot utilizes OpenAI’s leading Large Language Models: GPT-3.5 Turbo and GPT-4 Turbo.

    Both models are accessed through the default Microsoft Azure OpenAI API; ChatGPT and ChatGPT Enterprise are not used. You can find more details about Azure OpenAI Service data security here.

    Data, Privacy, and Security for Microsoft Azure OpenAI Service

    Find more information here

    Data Protection

    • Data Storage
      All AI-related data, including the data pool, is exclusively stored within the customer's SysAid database. We do not use external services for data storage.

    • LLM Data Processing
      Customer data is processed through Microsoft Azure OpenAI Services. APIs are protected with TLS encryption for secure data transmission. Additionally, Azure OpenAI users have the option to select the processing region as either US or Europe.

    Data Extraction from Service Records & KB Articles

    SysAid enhances Chatbot intelligence and response quality by leveraging customers' existing Service Records, KB articles, and data sources (uploaded by the client) such as documents and links.

    To ensure privacy and confidentiality, we adopt several measures to prevent the sharing of personal or private information with other users:

    • User-Focused Data Collection
      Collecting data only from fields that are accessible to end users

    • PII Removal
      Employing Microsoft Presidio, a robust data protection and anonymization toolkit hosted within the SysAid datacenter, capable of eliminating personally identifiable information (PII)

    • Language Filtering
      Utilizing a sophisticated language model to filter out user-specific details from the text, extracting only the general knowledge.

    Authentication and Access Control

    • Access Control
      Access to AI services requires SysAid application authentication, based on each customer’s access mechanism (SysAid supports different types of SSO solutions)

    • Authentication
      SysAid permits customers to implement MFA solutions in accordance with their own access policies, and based on each customer's authentication mechanisms (e.g. Okta etc.)

    • User Permissions
      Access Control follows SysAid user permissions, with chat access for authenticated end users and settings, Data Pool management, and monitoring restricted to SysAid administrators

    Network and Data Center Security

    • Location
      AI services are housed in AWS, the leading global Cloud Services Provider, across three primary regions: US, Europe, and Asia Pacific

    • Security Details
      Amazon maintains and demonstrates SSAE-16 SOC 1, 2 and 3, ISO 27001, and FedRAMP/FISMA reports and certifications. Web servers and databases run on servers in secure data centers

    • Encryption
      Our built-in encryption methods are incorporated into the SysAid environment (AES-256) to protect customer data and ensure data privacy and protection for data at rest

    • Network
      We use standard secured network protocols and encryption via Secure Sockets Layer/Transport Layer Security (SSL/TLS) encrypted channels to protect customer data and ensure data privacy whenever data is in transit