Privacy-first data analysis with AI

Defog’s privacy friendly architecture and enterprise grade security keeps your data safe

Rishabh Srivastava


Jun 1, 2023

Defog privacy friendly architecture means that we never get access to your data. Defog only has access to your metadata (tables names, column names, column types, and column descriptions) – and uses these to convert natural language questions into machine-executable queries. These queries are then executed on your infrastructure, ensuring that your data never leaves your servers.

This makes Defog ideal for industries where privacy is of the essence – healthcare, fintech, insurance. But we take privacy seriously beyond just our architecture. We have taken measures to ensure that your metadata is always secure, the code generated is never harmful, and you can add filters to address take access issues.

Protecting your metadata

We make sure that your metadata cannot be reached by unauthenticated users. We have taken a number of steps to ensure this:

  • Your metadata available only through direct database access, and is not exposed by any HTTP API. This means that a user has to SSH into our server to get access to your metadata, which is impossible for anyone except our employees because of Google Cloud’s privacy controls
  • Utilization of Google Cloud Intrusion Detection System (IDS). We use Google Cloud’s IDS to ensure that any threats to our network are monitored in real time
  • Utilization of security measures on company issued devices to ensure that data on compromised devices is erased as soon as they are reported stolen
  • Preventing generation of harmful queries

    We have hard checks in place to ensure that the queries generated are queries that only read the data – and never update, delete, or otherwise modify the data in your database. Our model will never create a query that modifies the data in your database in any way.

    Addressing data access issues

    Our hard_filters feature makes sure that users cannot access rows or columns in your database that you don’t want them to. Case in point here!

    from defog import Defog
    defog = Defog()
    user_question = "can you show me the bank balance of all users?"
    answer = defog.run_query(
        hard_filters="show data only for the user_id 123"
    # only data for the user_id `123` will be returned
    # regardless of what the question is

    💡 Security and privacy is the heart of what we do. If you have any questions about our model, drop us a note at founders [at] defog.ai and we will get back to you straight away. You can make an anonymous report of illegal or unethical conduct by our staff via our whistleblower channel.

    ← More blogs