Security at Valohai
Valohai is an ML platform built for enterprises with privacy and security as driving principles.
Valohai will keep your data, workloads and models secured and private in your cloud or on-prem environment.
Data SecurityValohai encrypts sensitive data at rest and in transit for all of our customers. We use tools like Amazon Web Service’s Key Management System (KMS) to manage encryption keys.
- ▪ Production data segmented.
- ▪ Sensitive data is encrypted at rest and transit.
- ▪ Valohai requests permission to access source code but it's never stored.
Infrastructure SecurityValohai uses Amazon Web Services to host our application. We make full use of the security products embedded within the AWS ecosystem, including KMS and GuardDuty.
- ▪ Continuous monitoring Valohai's network and detection of security breaches.
- ▪ Remote access MFA and encryption enforced.
- ▪ Infrastructure performance monitored.
- ▪ Penetration testing performed annually.
Application SecurityValohai regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the source code, running application, and the deployed environment.
Sleep Easy When Data Security and Access Is ManagedWith Valohai, you can build organization, team and project-level access controls for compute resources and data. On top of that, Valohai never directly accesses your data so you’ll be in total control.
SOC 2 - Type 2Valohai is in the process of acquiring a SOC 2 certification. Compliance with SOC2 Type 2 has already been achieved and we are currently ongoing the audit observation period with an auditor. The certification and report will be available upon request starting late September.
EmployeesEmployees are trained to treat customer data with care.
- ▪ Annual security awareness training.
- ▪ Permission is granted on a principle of least privilege.
- ▪ Using secure passwords and a password manager.
- ▪ Using MFA on all devices.