Atlan AI security

Updated September 07, 2023 15:52

🧪 Preview feature! This feature is only available to select users for a limited period of time. The purpose of this closed preview is to allow participating users to experiment with the feature and provide valuable feedback. Once released in its final generally-available form, Atlan AI will be a paid addition to your Atlan suite. If you'd like to participate in the closed preview, reach out to your customer success manager for more information.

💪 Did you know? Atlan uses Azure OpenAI Service to power Atlan AI. Atlan does not send any data to the AI service and only uses metadata for supported capabilities. For questions about data security, see below.

Learn more about how Atlan AI processes and stores your data:

What services does Atlan AI use?

Atlan uses Azure OpenAI Service to power Atlan AI.

What data does Atlan send to the AI service?

Atlan does not send any data to the AI service. Atlan only sends metadata for supported capabilities.

For example:

Atlan AI-suggested asset descriptions — table, view, column, database, or schema name.
Atlan AI-suggested questions and answers — table name and description, column name and description, and connector type.
Atlan AI-suggested lineage explanations — SQL transformations in lineage with upstream and downstream asset names.

Does Atlan use any metadata or data to train Atlan AI?

No, Atlan does not use your metadata or data for fine-tuning or training AI models.

Is the data processed through Atlan AI encrypted?

Yes, the data is encrypted in transit using TLS 1.2, AWS PrivateLink, or Azure virtual network peering. Atlan uses 256-bit Advanced Encryption Standard (AES-256) algorithm to encrypt data at rest.

How does Atlan ensure security development of Atlan AI?

Atlan AI follows OWASP Top 10 that includes application security reviews and Static Application Security Testing (SAST) tools.

Does Atlan AI comply with any governance or legal frameworks?

While Atlan is HIPAA and GDPR compliant, Atlan AI is currently not. As Atlan AI progresses from beta to production stage, compliance will be our key focus.

Does Atlan AI process PII or other sensitive data?

Atlan AI only processes user input and metadata, which typically do not contain PII or sensitive data. However, it is the organization's responsibility to ensure that PII or other sensitive data is not available in the metadata or shared via user input.

What is the data retention policy for Atlan AI?

Atlan does not store any data for Atlan AI.

How does Atlan manage security vulnerabilities for Atlan AI?

Vulnerabilities and incidents are managed in accordance with the existing program and policy.

How does Atlan manage the performance and scale for Atlan AI?

We utilize the scalability of our existing cloud infrastructure while relying on Azure OpenAI.

Atlan AI security

What services does Atlan AI use?

What data does Atlan send to the AI service?

Does Atlan use any metadata or data to train Atlan AI?

Is the data processed through Atlan AI encrypted?

How does Atlan ensure security development of Atlan AI?

Does Atlan AI comply with any governance or legal frameworks?

Does Atlan AI process PII or other sensitive data?

What is the data retention policy for Atlan AI?

How does Atlan manage security vulnerabilities for Atlan AI?

How does Atlan manage the performance and scale for Atlan AI?

Related articles

Get in touch

Related articles

How to use Atlan AI for documentation

How to use Atlan AI for data exploration

How to use Atlan AI for lineage analysis