Kumo AI Wins 2024 A.I. Award for Most Innovative AI Technology Learn more

03/07/2023

Kumo AI Cloud: A Secure and Reliable Platform

Arunkumar EliJure Leskovec

Kumo AI Cloud

Kumo.ai enables users across the enterprise to rapidly develop, evaluate and deploy state-of-the-art predictions in production in hours instead of months. 

Regardless of ML experience, developers/analysts can directly leverage predictions out of the box for use cases such as customer acquisition and retention, cross-sell, personalization, app notification timing, content personalization, next-best action, entity resolution, and more. Advanced ML practitioners can dig under the hood to deeply customize problem setup and modeling based on their domain knowledge, as well as extract high-quality vector embeddings for use in downstream applications.

The Kumo platform automates all the significant steps in a typical ML pipeline, such as target label engineering, feature engineering, model architecture, hyperparameter search, and model deployment. All of this is done through a declarative interface for defining Predictive Queries that is optimized for Graph Neural Network (GNN) specific approaches. The platform, which includes graphical UI, REST API, and Python SDK interfaces, is available as a managed SaaS offering with no hardware or software to install, configure, or manage.

Security: Our Top Priority

Kumo AI Cloud provides a reliable and high-performance platform for running ML workloads, ensuring that the applications are always operational when needed to meet the committed SLA.

  1. Data Encryption: All data within Kumo AI Cloud is encrypted at rest and in transit using industry-standard encryption algorithms.
  2. Identity and Access Management: Our robust system allows us to control access to the resources with support for role-based access control, multi-factor authentication, and single sign-on.
  3. Compliance and Certifications: Kumo AI Cloud complies with major industry regulations and standards, including SOC 2 Type 2 and the NIST Cybersecurity Framework. We continuously pursue security certifications and third-party audits.
  4. Continuous Monitoring and Incident Response: Our security team constantly monitors our infrastructure for potential threats, using advanced tools and techniques to detect and respond to incidents.

Reliability – Ensuring Business Continuity

Kumo AI Cloud provides a reliable and high-performance platform for your AI workloads, ensuring that your applications are always operational when needed.

  1. High Availability: Our platform features a highly available architecture with redundant components and automatic failover mechanisms to minimize downtime.
  2. Scalability: Kumo AI Cloud is highly elastic and scales with your business, allowing us to scale resources as your needs change easily. Our platform supports both vertical and horizontal scaling.
  3. Disaster Recovery and Backup: We have built-in disaster recovery and backup solutions to ensure quick data restoration in case of system failure or data loss.
  4. Enterprise SLA: Our service level agreement (SLA) is designed to ensure the highest uptime for the AI workloads, demonstrating our commitment to maintaining a reliable and consistent platform for your enterprise needs.

Achieving SOC 2 Compliance: What it means for Kumo and our Customers

Achieving SOC 2 compliance is a significant accomplishment for any digital company. At Kumo, we take data security and compliance seriously, proudly announcing our recent SOC 2 Type II certification. This attestation confirms that we have met the rigorous standards set by the American Institute of Certified Public Accountants (AICPA), demonstrating our unwavering commitment to security and compliance.

What is SOC 2 and Why It’s Important

SOC 2 (Service Organization Control Type 2) is an audit that assesses the security, availability, processing integrity, confidentiality, and privacy of a company’s systems and processes. In simpler words, SOC 2 is a certification that a company can obtain to prove that they take the security and privacy of their customers’ data seriously. This helps to reduce the risk of data breaches or other incidents that could negatively impact your customers’ trust in your brand or business.

As a SaaS company, we’ve always believed that protecting our customer’s data should be our top priority. Hence, our journey toward achieving SOC2 compliance began with our commitment to providing our customers with the highest level of security. We recognized that SOC2 compliance is the gold standard in security compliance, and we wanted to ensure that our customers had confidence and trust in our security measures.

Our Journey to SOC 2 Compliance: Lessons Learned and Key Takeaways

Obtaining SOC 2 compliance was a challenging but worthwhile process. It involves providing detailed information about security controls and undergoing an independent audit that examines information security policies, procedures, and practices, as well as the controls in place to protect customer data. The SOC 2 certification process provided us with an independent review of our architecture and processes, giving us confidence in our ability to provide a reliable service to our customers.

Over the course of achieving SOC 2 compliance, we’ve made considerable improvements to our architecture and processes, including the following:

  • A clear segregation of environments and roles to adhere to principles of least privilege and RBAC controls
  • Enhanced data protection in object storage and data processing systems, including encryption at rest and in transit as well as fine-grained access control policies to limit access to storage buckets and objects
  • Best practices for container security. For container creation, we applied best practices around using minimal base images, removing unnecessary packages, and keeping images up-to-date with security patches. For a secure registry, we leveraged vulnerability scanning and automated notifications for vulnerable images. 
  • Infrastructure-as-code and GitOps with infrastructure management tools and continuous deployment. This allowed us to manage application deployment and configuration through Git repositories, automating our deployment process and providing an audit trail of changes.
  • Enhanced monitoring and auditing capabilities – including cloud-native logging service monitoring all API activity, providing a comprehensive audit trail of all actions on the environment, as well as setting up observability around our container orchestration clusters to enable us to quickly and effectively detect and respond to any security incidents

Enhancing our platform security and the availability of our data and services is a continuous journey in which we are constantly learning and finding new ways of hardening our systems. 

Try Kumo AI Cloud Today

Kumo AI Cloud is built with security and reliability at its core, providing a trusted platform for businesses to harness the power of AI. By choosing Kumo AI Cloud, you can be confident that you are using a secure, reliable, and high-performance platform designed to meet the needs of today’s AI-driven businesses. Experience the difference with Kumo AI Cloud – request a demo or sign up for a free trial today at Request access to Kumo.