Information Security and Data Privacy is the #1 prerequisite for any Huski.ai SaaS offering. Through the years, we have gone above and beyond to implement the following security architecture based on the industry standard principles of information security and data privacy, including but not limited to separation of duty, role based access control, data governance, and privacy-aware computing.
The following chart gives an overview of how these principles are implemented and how our system is secured. Let’s dive into details in the rest of the article.
Huski AI’s SaaS solutions are implemented on the AWS (Amazon Web Services) platform. AWS is a leading cloud provider which offers a range of functions, such as databases, elastic computing resources, content delivery and management systems, and microservice building blocks.
AWS puts security at the top of its priority list. The entire AWS offering is built to meet modern security requirements and it has been adopted by the most security-sensitive organizations such as Dow Jones, NASA, and US Department of State. AWS is also constantly evolving the security features such as identity management and access control, logging and monitoring, key management and encryption, networking intrusion detection, and Distributed Denial of Service (DDoS) protection.
Huski AI leverages AWS and implements the following security measures to ensure we have a reliable system against hacking and outside attacks.
Building, insights data which are derived from raw data with our AI algorithms, and the user activity data.
We adopted AWS Simple Storage Service (S3) and Aurora database, AWS Lambda, AWS Batch, and AWS EC2 and ECS (elastic computing and elastic cluster service) to do the raw data collection, cleaning, and insight driven discovery and development. The data redundancy and disaster recovery are built in with the above functions.
Our user historic activity data is stored in AWS Redshift cluster with AWS regions, availability zones, and secured connections throughout the whole internal data pipeline. The data is never touched by developers’ personal or company-provided computers and will stay in the same AWS region to compliant with certain privacy regulations, such as GDPR.
The Personal Identifiable Information (PII) is never accessed by the developers nor it is transferred outside of Huski AI’s AWS to any 3rd party. The PII is also separated from user activity history on www.huski.ai website before we do aggregated user behavior studies.
We also comply with GDPR to give our users full control of their activity data or personal information. Upon requests, we will delete all the activity trace from the users.
Our user terms and conditions can be found here.
Last but not least, we separate the developers into groups with independent access to their scopes of work only. We have a global team located in US and China. With the global presence of the company in the future, we may have additional team members in Europe or other places of the world. The AWS functionalities and the data they have access to are limited to their geolocation and their job functions.
Security and privacy are very active fields and the best practices may keep changing. Huski AI will be dedicated to make sure to keep up with the most recent advancements in the fields and provide a safe and reliable service to all of our users globally.
For questions or feedback, please reach out to us at firstname.lastname@example.org.