Test With Confidence.

Secure by Design: VeloAI Security Architecture

At Inspired Testing, an ISO 27001:2022-accredited organisation, data security is at the core of everything we do.

Guided by the principles of the latest standards, we embed robust security practices into our product development process. Our flexible deployment options are designed to address your organisation’s unique data security, compliance, and operational requirements, ensuring privacy, control, and peace of mind at every step.

Feature	Option 1: API Integration	Option 2: Both VeloAI and OpenAI Model in Inspired Testing’s Tenant	Option 3: Client-Hosted Model
Data Privacy	API ensures data is not used for training. Session-based: no data is retained post-session.	All data processing stays within Inspired Testing’s tenant.	All sensitive data remains within the client’s infrastructure.
Architecture	Hosted in Inspired Testing’s private Azure tenant. Integrates OpenAI API for functionality.	Both VeloAI and OpenAI models are hosted within the tenant.	Frontend in Inspired Testing’s tenant, model in client’s tenant. Secure API facilitates frontend-model interaction.
Compliance	Compliance under Inspired Testing’s ISO27001 protocols.	Compliance under Inspired Testing’s ISO27001 protocols.	Fully customisable to meet client-specific compliance needs.
Operational Complexity	Minimal: OpenAI manages updates and scaling.	Medium: Inspired Testing handles updates, scaling, and maintenance.	Medium: Client manages model hosting, Inspired Testing manages frontend.

Option 1

Hosted in Inspired Testing’s Private Azure Tenant with OpenAI API Inte- gration [Default Option]

Data Privacy & Minimal Retention:

Session-Based Design: All data is processed exclusively during your active browser session. Once the session ends or the browser is closed, no information is retained, ensuring complete data privacy and minimal data exposure.
OpenAI API Integration: OpenAI’s API includes robust measures to protect user data and ensure privacy. As of March 1, 2023, data submitted through OpenAI’s API is not used for training or improving models unless customers explicitly opt-in. VeloAI has chosen not to opt-in, safeguarding user inputs from unintended data usage.
Future Feature: A planned enhancement will enable saving session-based information as files on client infrastructure or user systems. This feature will be implemented in strict compliance with client-specific data security protocols.

Architecture Security:

Private Azure Tenants: VeloAI operates within Microsoft Azure’s private tenants, leveraging enterprise-grade security features such as redundancy, DDoS protection, and high availability.
ISO 27001:2022 Certification: Our company is ISO 27001:2022 certified, ensuring rigorous data governance, robust security practices, and effective risk management.

Option 2

Both VeloAI and the OpenAI Model Hosted in Inspired Testing’s Private Azure Tenant

Enhanced Privacy:

All inputs and outputs are fully processed within Inspired Testing’s private Azure tenant, ensuring complete isolation and eliminating the need for third-party API interactions.

Architecture Security:

Private Azure Deployment: Both the VeloAI application and the OpenAI model are securely hosted and managed within Inspired Testing’s dedicated Azure infrastructure, providing unparalleled isolation, control, and data security.
Secure Configuration: Robust access controls and encryption are meticulously tailored to safeguard your data and ensure compliance with industry standards.

Operational Advantages:

Reduced Latency: Hosting the model locally eliminates reliance on external API calls, significantly reducing latency and enhancing performance.
Managed Service: Inspired Testing oversees all aspects of updates, scaling, and maintenance for both VeloAI and the OpenAI model, allowing you to focus on leveraging the solution without the burden of operational overhead.

Option 3

Client-Hosted Model with Frontend in Inspired Testing’s Tenant

Hybrid Architecture:

The VeloAI web application frontend is securely hosted within Inspired Testing’s private Azure | tenant.
The AI model resides in the client’s Azure tenant, with secure API communication facilitating interaction between the frontend and the model.

Privacy & Compliance:

Data Sovereignty: All sensitive data processing occurs exclusively within the client’s Azure tenant, ensuring maximum privacy and compliance with data sovereignty regulations.
Session-Only Data Retention: The frontend does not retain or store any data beyond the active session, safeguarding user information.

Operational Flexibility:

Managed Frontend: Inspired Testing handles the maintenance and updates of the frontend, guaranteeing consistent performance, enhanced security, and minimal operational burden for the client.
Customisable Model Infrastructure: Clients maintain full control over their model infrastructure, tailoring it to meet specific regulatory, operational, and performance requirements.

Your Role in Security

No matter which deployment option you choose, your active participation is crucial to ensuring data security:

Establish and Maintain a Security Policy: Develop and regularly update a comprehensive company data security policy and manual to guide practices and protocols.

Protect User Credentials: Never share assigned user accounts or password information to prevent unauthorised access.

Secure Your Devices: Adhere to endpoint security best practices to protect all devices connected to your systems.

Educate and Train Staff: Regularly train your team on the latest data security policies and practices to ensure awareness and compliance.

Why Choose Inspired Testing and VeloAI?

At Inspired Testing, we are dedicated to safeguarding your data with industry-leading security practices and tailored deployment solutions.

With VeloAI, you benefit from our commitment to ensuring safety, privacy, and compliance at every step.

Comprehensive Security: Our solutions are backed by enterprise-grade security protocols, ensuring your data remains protected at all times.

Tailored Deployments: Flexible hosting options, including private Azure tenants and hybrid architectures, are designed to meet your specific operational and compliance needs.

Contact Us

Ready to take the next step?

Contact our team to learn more about how we can support your unique requirements. Email us to schedule a consultation at VeloAI@inspiredtesting.com