Cloud Security Overview
- AlphaSense servers are hosted behind a firewall
- with ingress and egress ports turned off, and are limited to a single HTTPS access on the server catering to user requests
- Subsystems are further isolated to Virtual Private Clouds
- without Internet access, which limits access to only specific named servers within the firewall, and via secure one-way encryption keys
- Customer data is isolated physically at rest
- through dedicated buckets (S3) for storing customers content and also isolated logically when being indexed and processed
- AlphaSense encrypts customers' content
- at rest and in-transit
We partner with Amazon for best-in-class cloud security
✔ Amazon Web Services’ state-of-the-art infrastructure, electronic surveillance, and multi-factor access control systems provide strong protection for users’ data
✔ Amazon’s data centers are staffed 24/7 by trained security technicians, subject to strict background checks, and access is authorized strictly on a privileged basis
✔ Access to servers is protected by multi-factor authentication (MFA) protocols, and user access control is managed by Identity Access Management tools, via secure communication sessions over SSL/TLS
Clients have full control over the data you upload into the AI platform.
✔ Bring Your Own Key (BYOK) and Bring Your Own Bucket (BYOB) support is available for organizations requiring full control over their encryption keys.
✔ Use customer-managed keys to generate and decrypt the data keys using a key policy.
✔ Generate, manage, and revoke encryption keys as needed, providing an additional layer of security and control over your data.
Enterprise Intelligence clients in the European Union can opt to have uploaded/integrated content stored at rest and processed within our designated EU SaaS infrastructure.
Key benefits of EU data residency:
✔ Content uploaded into AlphaSense (and metadata) will be stored at rest within our EU-based data centers.
✔ Data processing activities like indexing and tagging will also occur within the EU.
✔ Content is stored within the European Union by an AWS instance based in Germany.
✔ Bring Your Own Key (BYOK) encryption capabilities and static storage buckets are also available.
✔ Strict access controls, not using your data for AI model training, comprehensive data protection practices, and a GDPR-compliant Data Processing Addendum (DPA) remain in full effect.
Frequently Asked Questions
When EU Data Residency is enabled, your enterprise content uploaded into the AlphaSense Platform and also the metadata that is generated on top of the uploaded content such as user annotations, dashboards, etc will be stored at rest within our EU-based data centers. This ensures that the core data you generate and interact with on the AlphaSense platform remains within the EU.
Cloud infrastructure
AlphaSense is hosted on Amazon Web Services (AWS). Customer data is stored in AWS regions us-east-1 (Northern Virginia) and us-west-1 (Northern California) by default. Customers requiring EU data residency may opt into the EU regional hosting option, where customer data is stored in eu-central-1 (Frankfurt).
Data protection
Yes, for eligible customers. AlphaSense supports Customer-Managed Keys (BYOK) for customers with specific key management requirements. Under BYOK, the customer's encryption keys are used to encrypt customer-specific data within dedicated, isolated storage. Customers should discuss BYOK eligibility and configuration with their AlphaSense account team.
Data residency and privacy
AlphaSense offers an EU regional hosting option for customers with EU data residency requirements. Under EU regional hosting, customer data at rest is stored in the EU (eu-central-1, Frankfurt). Certain operational processing (e.g., authentication) may be routed through US infrastructure; specific architectural details and the routing model are available under NDA.
