Финалист в номинации «Рост выручки»Подробнее
How do we ensure your data is secure?
Security Schema
Baseline Security Icon

1. Baseline security

HTTPS encryption of all external web traffic

OpenID Connect for API authentication

SIP (TLS) and RTP (SRTP) traffic encryption

State of the art Kubernetes deploys:

  • RBAC for API authorization for all clusters

  • HTTPS encrypted endpoints for Kubelets

  • Pod security policies

  • Networking policies

  • Restricted access to etcd

  • Audit logging

  • Infrastructure credentials rotation

Telephone numbers encryption Icon

2. Telephone numbers encryption

Telephone numbers are encrypted in the customer’s cloud and CSV call lists are generated with the encrypted data.

When Dasha places the call through the customer’s telephony, the hashed value is decrypted into a phone number.

Benefits:

  • It’s not personal data without phone numbers

  • A leak of employee phone numbers is a physical impossibility

A VPN tunnel for voice communications Icon

3. A VPN tunnel for voice communications

We open a protected communication channel which is invisible to TCP/IP protocol.

Benefits:

  • An outside observer will not be able to fabricate data or eavesdrop on communications

  • Data is incorruptible in transit

Requirements:

  • Will require both parties working together to ensure proper set up

Azure Data Encryption - at - rest Icon

4. Azure Data Encryption - at - rest

We use this service to encrypt physical hard drives at Azure instances

Benefits:

  • Even if the physical server is compromised, the data is safe

Same physical datacenter Icon

5. Same physical datacenter

We work with our Azure account managers to get the Dasha instance set up in the same room of the same physical datacenter with our customer’s instance. We then open up an encrypted VPN communication channel between the two.

Benefits:

  • We avoid the open Internet, lowering the likelihood of malevolent outside actions, data loss or data corruption by an astronomical margin

Requirements:

  • May be a lengthy process to coordinate

Leverage:

  • Our Azure partners are already working with us to ensure the quickest timeframes

Collected data encryption Icon

6. Collected data encryption

We can use asymmetric encryption (RSA) to encrypt the results of the conversation. The customer owns the private key used to decrypt the data and provides the public encryption key to Dasha.

While the AI is on the phone with the employee, each reply is encrypted using the public key and recorded in the Dasha Database as the encrypted value. The customer can decrypt the conversations on their servers

Benefits:

  • Full hands-off the data approach on behalf of team Dasha

  • Avoids any potential data leak

Cons:

  • Dasha team will not be able to train the model to improve performance

  • Slower processing speeds for new records and time to decrypt them on the server

No access to recordings and transcripts Icon

7. No access to recordings and transcripts

We can avoid storing recordings and transcripts on Dasha servers by pushing them directly to the customer’s Azure instances.

Benefits:

  • Full hands-off data approach on behalf of Dasha

  • Avoids potential data leaks

  • Only the customer has access to their data