Data Security Overview

Digital Exhaust’s Machine Learning (ML) services run locally or in the cloud. Services are currently running in Google Cloud Platform (GCP) with Microsoft Azure and Amazon Web Services (AWS) runtime environments, delivering industry-leading security, privacy, operation monitoring, and compliance.

We offer three broad deployment constructs:

  1. Run all services in Digital Exhaust’s cloud environment.
  2. Run all services in the Client’s cloud environment.
  3. Run test services in Digital Exhaust’s cloud environment, then deploy in the Client’s cloud environment.

    All three constructs require some degree of custom threat documentation. Digital Exhaust’s threat document template is ten pages, which can reach 12-15 pages once the threat analysis is complete. This template is specifically designed for SOC-2 compliance audits and is typically sufficient for client needs.

    Cloud Security

    If data is transported to use cloud services, the following security measures need to be considered:

    • Cloud services generally are compliant at rest. Here is a link to the GCP compliance documentation.
    • Depending on sources and uses, Digital Exhaust will provide threat documentation for transporting and using the data.
    • Digital Exhaust does not have security compliance certification, but have plans to attain certification as it makes sense.

    Local Security

    Digital Exhaust is developing a push deploy solution that allows:

    • Local pipeline configuration and tests
    • Deploy to the client’s platform

    With this solution, we focus the threat documentation around the deployment, proving that outside parties never see the data. There are no copies or threats from data in transition. This solution depends on setting up IAM roles and infrastructure that allow us to safely deploy systems into a client’s infrastructure without exposing Digital Exhaust’s intellectual property or the client’s data.

    Hybrid Security

    Digital Exhaust can also deploy a hybrid approach:

    • Sample data for testing
    • Scrub the data of Personally Identifiable Information
    • Provide threat documents for the data under test

    Long-term solutions can be deployed inside the client’s infrastructure.