10/22/2024 (released)
01/28/2025 (updated)
As AI capabilities continue to expand within our software, data privacy and security remain our top priorities. This article provides a detailed overview of the AI features integrated into our platform, including how customer data is handled and protected. We outline each feature's security practices, risk assessments, and the measures we’ve implemented to ensure compliance with industry standards. By being transparent about our data practices, we aim to help users make informed decisions when utilizing AI features in their workflows.
AI Features Overview
ℹ️ Note - iDashboards/TruOI has an AI Server which is used as a proxy for ALL AI features below. There is never any data sent or received, directly, between the customer and OpenAI. All data uses TLS (SSL) encryption to ensure secure data transmission for all server communications. |
Enablement of AI Features
ℹ️ Note - iDashboards/TruOI includes a set of licensing options that allow for the enabling, disabling, and configuration of specific features, including those related to Artificial Intelligence (AI). If all AI-related license properties are disabled, the software will operate without any AI functionality. In such cases, no AI components are present or utilized, and therefore, the associated security considerations, risks, and policies specific to AI do not apply to that installation. This flexible configuration ensures that organizations retain full control over the activation of AI features based on their operational needs and security requirements.
However, if the software license enables the use of AI features, the features may still be accessible, even if the application administrator prefers to avoid using them. In this scenario, please contact us immediately, and we will gladly assist in updating your licensing to remove any AI features as needed. |
1. AI Help
- Release Version: v12.5 (09/07/2023)
- Provider: Mendable (3rd party)
- Data Usage: Uses only data from iDashboards/TruOI. Customer-submitted questions are not stored or used as AI training data.
- Security: TLS (SSL) encryption secures data transmission between the end user and the third-party service.
-
Risk Assessment:
- 🟢 Very Low – Especially when product-related questions do not include sensitive information.
2. AI Command
- Release Version: v12.6 (11/30/2023)
- Provider: OpenAI (3rd party)
- Data Usage: Customer-submitted voice or text are not stored or used as AI training data.
- Security: TLS (SSL) encryption secures data transmission between the end user and the third-party service.
-
Risk Assessment:
- 🟢 Very Low – Especially when considering AI Command is used for product navigation and data questions -product-related questions do not include sensitive information.
3. AI Insights
- Release Version: v12.8 (04/16/2024)
- Provider: OpenAI (3rd party)
- Data Usage: Chart data is sent to OpenAI for analysis. Dashboard and Chart thumbnails (screenshots) are sent to OpenAI for analysis. Customer-submitted data is not stored or used as AI training data.
- Security: TLS (SSL) encryption secures data transmission between the end user and the third-party service.
-
Risk Assessment:
- 🟠 Medium – Consider which charts should be used for analysis because the data will be exposed to OpenAI.
4. AI Generate
- Release Version: v12.9 (06/06/2024)
- Provider: OpenAI (3rd party)
- Data Usage: Uses data only from iDashboards/TruOI. Customer-submitted questions are not stored or used as AI training data.
- Security: TLS (SSL) encryption secures data transmission between the end user and the third-party service.
-
Risk Assessment:
- 🟡 Low – Caution advised for potential exposure if sensitive data is included in questions.
5. AI Tasks
- Release Version: v12.12 (12/04/2024)
- Provider: OpenAI (3rd party)
- Data Usage: Data is sent to OpenAI for analysis. Customer-submitted data is not stored or used as AI training data.
- Security: TLS (SSL) encryption secures data transmission between the end user and the third-party service.
-
Risk Assessment:
- 🟠 Medium – Consider which data should be used for analysis because the data will be exposed to OpenAI.
AI Feature Comparison Table
AI Help | AI Command | AI Insights | AI Generate | AI Tasks | |
3rd party server integration | ✅ | ✅ | ✅ | ✅ | ✅ |
Establishes a Data Source (Customer data) |
❌ | ❌ | ❌ | ❌ | ❌ |
Establishes a Data Source (iDashboards and TruOI data) |
✅ | ❌ | ❌ | ❌ | ❌ |
Ingestion (embedded and stored) | ✅Only iDashboards and TruOI content | ❌ | ❌ | ❌ | ❌ |
Embeddings | ✅(OpenAI) | ✅ (OpenAI) | ❌ | ❌ | ❌ |
3rd Party Security References
-
Mendable
- Website: Mendable Security
-
Key Highlights:
- TLS 1.2 or higher encryption used for all data transmissions
- SOC 2 Type II Certified
- Regular penetration testing and vulnerability scanning
- SSO requirements enforced
-
OpenAI
- Websites: Security Overview, Enterprise Privacy, Trust Center
-
Key Highlights:
- TLS 1.2 or higher encryption for data transmission
- Data encryption at rest with AES-256
- SOC 2 and SOC 3 compliance
- Role-based access controls
- Regular penetration testing and vulnerability scanning
- SSO requirements enforced
-
Data Handling:
- Data used is stored by the database provider but is not used to train OpenAI's models.
- Data may be retained for up to 30 days for moderation, after which it is deleted.
- OpenAI does not own inputs/outputs and does not use customer data for training (where legally allowed).
- iDashboards/TruOI data is subject to a 1-day retention period.
Important Notes on Data Handling
- The AI features mentioned prioritize data security by encrypting transmissions and utilizing limited data scopes. The use of trusted third-party providers such as Mendable and OpenAI ensures compliance with industry standards for data protection.
- The risk assessments provided indicate the potential exposure levels. Avoid including sensitive information in queries where possible to minimize risks.
Comments
0 comments
Article is closed for comments.