Jump to content

Data Security Concerns Regarding Spotfire Co-Pilot


Niraj
Go to solution Solved by Ahmad Fattahi,

Recommended Posts

Dear Team,

Recently, I presented the Spotfire Co-Pilot demo to one of our oil and gas customers, and they were really impressed with the feature. However, they have raised concerns about data security, particularly since it involves exposure to OpenAI.

Do we have any documentation or references that address data security in relation to Co-Pilot.

 

Best Regards,

Niraj

 

Link to comment
Share on other sites

Niraj,

Thank you for raising bringing up your client's concerns about data security when using large language models (LLMs).

We take these concerns seriously and prioritize the protection of your data at every step. I would like to assure you that we follow strict security protocols when interacting with LLMs to mitigate any potential risks.

Here are some key measures we have in place to ensure the security and privacy of your data:

- Data Privacy: We take every precaution to ensure that sensitive data is only shared with LLMs when absolutely necessary. Any data processed is carefully managed, and we actively work to minimize the amount of data sent to the LLM.

- Secure Transmission: All data interactions with LLMs occur over encrypted channels (using HTTPS), ensuring that no unauthorized parties can access the information during transmission.

- No Data Retention: Many LLM providers, including OpenAI, have strict policies in place to ensure data is not stored after processing. We routinely review these policies with external vendors to ensure they meet these security standards. Furthermore, Copilot is LLM-agnostic, allowing you to select the LLM that best fits your data privacy requirements.

Feel free to contact us if you need any additional information. We'd be happy to provide more details and assist you further.

Regards,

Marcelo Gallardo

  • Like 3
Link to comment
Share on other sites

  • Solution

Niraj, please let us know if there are other questions in this context from your customers. We would also be happy to directly meet with the customers and address their security concerns.

Please also note that Spotfire Copilot will be each customer's own instance of the Copilot. It means that the customer will have the freedom to pick OpenAI, Azure OpenAI, Google's Gemini, Amazon Bedrock, or any other platform their security posture prefers. While Spotfire does what it reasonably can to secure all of the communication channels as Marcelo suggests, the LLM provider will have to declare their terms on their own. Most serious enterprise-grade LLM services explicitly commit to not retaining their customers' data or using the data/metadata to improve or retrain their models.

  • Like 2
Link to comment
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...