Why should your company be comfortable with using Masset’s AI?
- 1st-Party Infrastructure: Your data remains secure within our AWS and Google-powered infrastructure. We don't transfer your data to 3rd party services outside of our own infrastructure; everything is managed internally to minimize exposure risks. Both providers are bound to honor the privacy of Masset data as defined in their Privacy Policies and EULAs.
- Privacy Controls: Our AI respects your existing privacy controls. If a user lacks access to a specific file, the AI is not provided that permissioned information, ensuring that sensitive information is protected.
- Sourced and Cited: Masset AI is required to cite and source its answers so you always know where they come from.
- No Training: Masset does not use your data to train its AI. You can rest assured that your data is not being baked into models.
- SSO Integration: We support Single Sign-On (SSO) for streamlined and secure access management, reducing the risk of unauthorized access.
- SOC 2 Certification (Coming Soon): We adhere to SOC 2 standards, ensuring stringent security and privacy practices to safeguard your data.
- Transparent Sub-Processor List: We maintain a clear and accessible list of our sub-processors, promoting transparency and accountability in our operations.
- Data Encryption: Data is encrypted both at rest and in transit to protect against unauthorized access, preserving confidentiality and integrity.
- Access Controls: Role-based access controls (RBAC) manage user permissions and restrict access to sensitive data and AI models, preventing unauthorized access and potential breaches.
- Audit Logs: We maintain detailed logs of key AI activities and user interactions for transparency and accountability, enabling traceability and ensuring compliance.
- Regular Security Assessments: We conduct periodic security assessments, including vulnerability scanning and penetration testing, to proactively identify and address potential risks, safeguarding your data and systems.
- Incident Response Plan: We have a well-defined incident response plan in place to quickly and effectively address any security breaches or incidents, minimizing potential damage and ensuring business continuity.
- Employee Training: We provide regular security awareness training to employees to educate them about best practices and potential threats, fostering a security-conscious culture and reducing the risk of human error.
- Data Anonymization and Masking: We ensure that personally identifiable information (PII) is anonymized or masked when processed by AI, which is especially critical for compliance with regulations like GDPR or CCPA and protects user privacy.
- Compliance with Data Sovereignty Laws: Masset handles data sovereignty responsibly, ensuring that data storage and processing align with local laws and regulations based on geographical location, upholding legal requirements and data privacy standards.
- AI Model Explainability: We implement mechanisms for AI explainability or transparency to help users understand AI decisions, especially in industries where explainable AI is critical (e.g., healthcare, finance), fostering trust and accountability.
- Automated Threat Detection: We utilize threat detection systems to proactively identify suspicious activities or potential data breaches within the infrastructure, enhancing security and enabling rapid response to threats.
- Backup and Disaster Recovery Plans: We prioritize business continuity by maintaining a secure, reliable backup system and disaster recovery strategy to ensure data availability and minimize downtime in case of emergencies.
- Third-Party Audits: We incorporate regular third-party security audits or certifications to provide an extra layer of trust and validation for customers concerned with security, demonstrating our commitment to maintaining high security standards.