The Yabble blog

5 Data Security questions you should ask your AI provider

Written by Yabble | July 28, 2023

Change and uncertainty often go hand in hand. One of the best ways to combat uncertainty is through knowledge.  

It’s been a big year for AI and AI powered Insights with lots of advancements and lots of change. At Yabble, we pride ourselves on being an AI leader in the insights industry. This means we have an obligation to provide transparent knowledge and insight around the data security measures that are built into our AI insights solutions plus equip others with the right knowledge to feel empowered and informed when evaluating AI technology.  

Here are our top 5 data security questions you should be asking your AI provider and why they matter. 

  1. How are you able to wall off proprietary data from being used to train large language models such as OpenAI’s ChatGPT?
  2. Is your company following strong security protocols?
  3. How do you store and transfer data?
  4. Is the data used to train models just for me or do all users benefit from it?
  5. What are the security limitations of your AI model? 

1. How are you able to wall off proprietary data?

Why you should ask this: Walled Gardens are protocols ensuring your data is always protected and remains confidential. 

Yabble’s AI solutions are built with OpenAI’s large language models, this includes ChatGPT. Often new customers will ask us, how we stop their data being used to train these models or becoming public, the answer – Yabble is a Walled Garden.  

We have an enterprise agreement with OpenAI but are a wholly separate company.  We have negotiated with OpenAI to ensure that any data run through the Yabble platform is done via API. OpenAI does not use data submitted by Yabble customers via our API to train OpenAI models or improve OpenAI’s service offering. The data that is imported into Yabble is stored with Yabble not OpenAI and does not become public. So, when you use Yabble, you are getting  the benefits of OpenAI’s Large Language Models in a fully secured environment. 

"When people talk about using AI they immediately think about ChatGPT and they get worried about data sharing and data privacy.  We are a complete walled garden. So any data you put into Yabble remains private to you and it does not get used to train any of the openAI models.  You can feel safe and rest assured about using the Yabble AI tools." – Kathryn Topp, Founder and CEO Yabble 

2. Is your company following strong security protocols?

Why you should ask this: It’s important to understand the principles that drive the security standards and systems of your provider to provide reassurance that they’re keeping your data safe.   

Having strong security standards is essential to protect data, ensuring privacy and providing organizations with reassurance on the partners they work with. ISO and SOC are two of the best known and globally recognized standards which cover information security, confidentiality, availability, and integrity. They also take into account best practice across industries and help ensure robust systems that are well designed, including for the latest regulatory requirements. There is significant overlap between the frameworks, most organizations choose to work to one to offer a strong and robust approach to security. 

At Yabble we adhere to the SOC 2 framework, ensuring our security practices meet and exceed the high standards established by the American Institute of Certified Public Accountants (AICPA).  We consistently update and review our approach to incorporate best practice work with trusted partners like AWS as part of our infrastructure.  This approach demonstrates our commitment to maintaining a strong and consistent security posture. 

3. How do you store and transfer data?

Why you should ask this: It’s important to know if your files are safe and could be recovered quickly in the event of an unexpected computing crash or cyberattack and if your AI provider could avoid data loss and breaches. 

When you are using AI your data is likely to be transferred between applications via API’s.   It is important that the way your data is transferred is secure, so it can’t be hacked or hijacked.    

In addition, the way your data is stored is equally as important, it needs to be protected from security threats and outages. You also need to ensure your provider offers reasonable data deletion policies when your contract comes to an end.  

At Yabble, we employ cutting-edge encryption standards for both data at rest and data in transit to ensure maximum security for your information. Our data retention and deletion policies comply with industry standards, and we operate system backups in the event of outages. 

4. Is the data used to train models just for me or do all users benefit from it?

Why you should ask this: It’s our belief that your data is proprietary. It’s important to be aware of whether or not your AI provider plans to keep your data separate or share it with the masses. 

Did you know that many AI models, including Chat GPT, use your proprietary data to help train their language models and improve machine learning algorithms. This helps improve the accuracy of these models but can put your proprietary data unwittingly at risk/in the public domain. 

Because Yabble operates a Walled Garden approach, your data is only training the models in your organization’s Yabble environment. Our multi-tenant environment is designed with strict access controls and logical partitioning, safeguarding each client’s data while maintaining the highest levels of performance and reliability. 

5. What are the security limitations of your AI model?

Why you should ask this: You should always be aware of what personal information your AI provider has access to. The less access to personal information, the less chance for risk of mismanagement. 

Yabble’s AI technology will not currently scrub your imported data for personal information. We encourage and request any data that is uploaded into Yabble to be de-identified, thereby minimizing risks associated with handling personally identifiable information (PII) and maintaining data privacy. 

At Yabble, we have an unwavering commitment to ensure the safety, integrity, and confidentiality of your data. We prioritize security to ensure your valuable data is protected. Our comprehensive and multi-layered security measures have been meticulously implemented to provide a robust and secure environment for your information. Data peace of mind is our number one priority for our customers, especially in the rapidly evolving world of AI insights. 

 

In a world where data security threats have become all too common, it’s important to know what to look for, ask for, and expect from your AI provider. By asking these five critical data security questions, you can gain valuable insights into how they handle your data. And remember, data security is an ongoing effort, so ensure that you maintain open lines of communication and regularly assess the effectiveness of your AI provider's security measures. If you have further data security questions or concerns we’re happy to discuss our security measures anytime. Speak to one of the Yabble team today.