A comprehensive approach to security & privacy

Your data is protected with end-to-end encryption in storage and in transit

✔ End user communication to AlphaSense servers is done via HTTPS secure web protocol and behind a user-authenticated login process

✔ All user requests are authenticated using one-way encryption against a secure database, and by named servers with specific access keys

✔ Client content is automatically encrypted using Advanced Encryption Standard (AES) 256, a secure symmetric-key encryption standard, using 256-bit encryption keys

✔ Database, search engine and system drives that store user data are directly encrypted

✔ Data is stored with scrambled names mapped to user provided names through a second secure mapping layer

✔ AlphaSense does not harvest user inputs to leverage or sell them to third parties.

✔ LLMs are never trained on customer uploaded data. We work exclusively with LLM vendors who adhere to a strict zero data retention policy.

✔ For Enterprise Intelligence customers, we do not use queries across client-uploaded content to train any models.

✔ Users do not have access to searches or prompts from other customers.

✔ Through Bedrock, we leverage LLMs through a private link, not any public endpoint.

✔ GenAI tools will not editorialize, ensuring less hallucination and higher accuracy.

✔ We have a 98% citation accuracy rate, meaning 98% of the time a result is cited correctly based on its source material.

The AlphaSense platform cannot access users’ private information, such as telephone number, birthdate, address, etc.

Frequent tests and audits maintain our safety standards over time

✔ The entire AlphaSense system is constantly monitored and any access in or out is logged for anomaly detection

✔ Web service uptime at the server level is continuously monitored for any unexpected incidents or high usage suggestive of denial of service attacks

The AlphaSense network is secured with firewalls and encryption

✔ AlphaSense servers are hosted behind a firewall with ingress and egress ports turned off, and are limited to a single HTTPS access on the server catering to user requests

✔ Subsystems are further isolated to Virtual Private Clouds without Internet access, which limits access to only specific named servers within the firewall, and via secure one-way encryption keys

✔ Customer data is physically isolated at rest through the use of dedicated storage when appropriate, and is always logically separated when being indexed and processed.

We partner with Amazon for best-in-class cloud security

✔ Amazon Web Services’ state-of-the-art infrastructure, electronic surveillance, and multi-factor access control systems provide strong protection for users’ data

✔ Amazon’s data centers are staffed 24/7 by trained security technicians, subject to strict background checks, and access is authorized strictly on a privileged basis

✔ Access to servers is protected by multi-factor authentication (MFA) protocols, and user access control is managed by Identity Access Management tools, via secure communication sessions over SSL/TLS