Data Security
Data protections as a priority
Secure your data
Ensuring data security is Keylabs number one priority. In order to maintain compliance with industry standards and regulations, Keylabs regularly reviews and updates all data processes.
We are committed to ensuring that our clients can rely on Keylabs to power their most critical projects. With robust access controls and managed, standardized, tested, and externally audited platforms, even the most demanding customers can be satisfied with our services.
To maintain customer trust, Keylabs is committed to the following actions:
Security Experts
Keylabs has hired world-class security experts to ensure its security.
Industry Standards
Maintaining a current understanding of security industry standards and best practices.
Threat Protection
Protecting against security threats.
Data encryption
Keylabs platform allows customers to upload data using UI, CLI, or Python SDK, which can be used for training, versioning, and deployment of models.
The ability to access information offline
Keylabs offers a fully on-premise solution for enterprises without internet access. Depending on customers needs, the software can be deployed in the cloud or on customers own hardware.
Keylabs supports on-premise data integrations with AWS, GCP, and more
Data remains on-premises when Keylabs is used. The result is a greater degree of control and privacy since sensitive information is not disclosed to third parties. With Keylabs, customers can connect to any data source and collaborate with multiple people in real time to create the most accurate annotations. It is also possible to whitelist IP addresses, which provides additional protection for customers' datasets.
Security certificates
The Keylabs cloud platform's infrastructure and operations have been certified to meet the following industry best practices:
Data Security FAQ
Keylabs has provided a list of frequently asked questions and information about data handling on the annotation platform, as well as information security measures across the platform.
Securing an organization
Keylabs' policy is to maintain an Information Security Program throughout the company. Based on the SOC 2 Framework, our Information Security Program meets company requirements. SOC 2 is an information security auditing process developed by the American Institute of Certified Public Accountants.
To ensure Keylabs' security and compliance, we undergo independent third-party assessments.
Penetration testing by third parties
In order to ensure that Keylabs security posture is not compromised, we perform an independent third-party black box and gray box penetration tests at least once a year.
In order to protect Keylabs customers' data, we have clearly defined and documented roles and responsibilities. Security policies must be reviewed and accepted by all members of our team.
Each member of Keylabs team is required to attend employee security awareness training covering industry standard practices and topics related to information security, such as phishing and password management.
On their first day of work, each member of the Keylabs team is required to sign and adhere to an industry-standard confidentiality agreement.
Verification of background information
All new team members are subject to a background check in accordance with local laws.
Protecting the cloud
We host all of our services on Amazon Web Services (AWS). Multiple certifications are part of their robust security program. If you would like more information about the security processes of our providers, please visit AWS Security.
Rest-based encryption
The data stored in all databases is encrypted at rest.
In transit, our applications utilize only TLS/SSL encryption.
Keylabs security team performs vulnerability scanning and actively monitors for threats.
Various cloud services are actively monitored and logged.
In the case of a hardware failure, Keylabs uses the backup services provided by our data hosting provider to minimize the risk of data loss.
When a failure affects users, we utilize monitoring services to alert the team.
Information security events are handled in accordance with procedures that include escalation procedures, rapid mitigation, and communication.
Security of access to information
A limited number of authorized employees are granted access to cloud infrastructure and other sensitive tools.
To protect access to cloud services, we use Single Sign-On (SSO), two-factor authentication (2FA) and strong password policies.
When it comes to managing identity and access, we adhere to the principle of least privilege.
All team members with access to sensitive systems undergo quarterly access reviews.
It is mandatory for all team members to adhere to a minimum set of password requirements and complexity.
To manage and maintain password complexity, all laptops issued by the company are equipped with a password manager.
Managing vendors and risks
In order to identify any potential threats, including the possibility of fraud, Keylabs conducts risk assessments at least annually.
Prior to authorizing a new vendor, vendor risk is assessed and appropriate vendor reviews are conducted.
Get in touch!
Feel free to contact with any questions, comments, or concerns you may have.
In accordance with our Terms of Use (https://keylabs.ai/termsofuseglobal.html) and Privacy Policy (https://keylabs.ai/privacypolicy.html):
Ownership of intellectual property. The parties to this Agreement are not entitled to any rights, implied or otherwise, to the content or intellectual property of the other party. This is except for those expressly outlined in this Agreement. According to the agreement between the parties, the Customer owns all Intellectual Property Rights in the Customer Data. Keylabs owns all Intellectual Property Rights in the Services and Platform.
Customer data use. Keylabs will not access or use customer data, except to the extent necessary to provide the Services and TSS.
Comments from customers. Customer feedback about Keylabs' services may be used by Keylabs without any obligation to Customer. Customer does not transfer ownership of any data loaded into our platform, nor does Keylabs have access to it if it is not needed to operate the platform.
---
It is the policy of Keylabs not to mix, transfer, or disclose any customer data to a third party unless explicitly instructed by the customer in writing to do so.
Classes of users
There are five categories of users on Keylabs: Team Owners, Administrators, Users, Workforce Managers, and Workers. Using privileges across these user classes, customers can restrict access to datasets within the team. For more information about these permissions, please refer to the documentation on User Classes or the adjacent tooltips within the Members tab of your team settings.
Providing data sets to others
There is an option to share a dataset and its export versions with the public within each dataset setting. When this feature is selected, a warning popup appears before it is activated. This setting is accessible only to Admins, Team Owners, and Users (if the users are also the creators of the dataset). By default, this option is turned off for all datasets. To restrict public access to your dataset, ensure that the dataset sharing option is set to OFF. On dataset cards, datasets with sharing set to ON are indicated as "OPEN".
Integrating S3
AWS S3 integration is available for certain pricing tiers within Keylabs. The purpose of this setup is to ensure that any image or video data that belongs to your business is never stored on Keylabs servers. For more information regarding this option, please contact our team.
Data archiving and deletion
The graphical user interface or API can be used to delete image data contained within datasets, classes, or datasets themselves. To ensure that the data can be recovered in the event of a mistake, image and video data are archived prior to being deleted.
Dataset access is granted to worker users through the Settings tab within each dataset. Upon receiving access, they are able to:
- Task requests: this system assigns the users a batch of images or videos defined in the settings and allows them to read and write them.
- Any image assigned to these users can be viewed.
Workers cannot view images that are not assigned to them, nor can they browse datasets in the same way that Users and Admins can. Workers cannot view their teammates' settings, billing, or performance statistics as well.
All customers' data is stored on AWS S3 servers located in Ireland (EU) and will not be moved to the storage outside of the EU.
Through Snyk, Keylabs performs quarterly vulnerability assessments.
Using various security audit services, Keylabs detects threats and monitors them continuously.
In transit, our applications utilize only TLS/SSL encryption.
Keylabs enterprise tier includes single sign-on capabilities. To add SSO to a customer's account, please contact our team.
Our enterprise tier provides access to monitoring summaries and alerts. For information regarding access notifications and email summaries on information security, please contact our team.
As sub processors in the operation of our software, NO third parties are involved.
If there are any regional data security requirements, please contact the Keylabs team. As part of our commitment to customers' data security standards, we are happy to provide references from customers within your region (if available) and explain how we comply with them.
Securing your data
Using Keylabs annotation platform comes with a commitment to data safety. Keylabs employs a range of security measures to protect valuable and sensitive data. This includes comprehensive infrastructure security if you choose to access Keylabs through the cloud. Alternatively, Keylabs can be installed on premises, guaranteeing you total control over access. We will continue to emphasize data protections as a priority by utilizing a diverse array of security measures and industry best practices.
Trusted by
and many others...
