Maloni
Contact

Security & Privacy

Security controls and privacy-preserving practices used when building and operating AI-enabled systems.

Access and identity

  • Role-based access control and least-privilege permissions.
  • Separation of duties for model changes and approvals.
  • Service-to-service authentication for internal components.

Encryption and transport

  • Encrypt data in transit and at rest.
  • Key management practices aligned with environment requirements.
  • Secure secrets handling and rotation processes.

Logging and monitoring

  • Security event logging for access and changes.
  • Monitoring for anomalies and operational exceptions.
  • Retention and access rules for logs and audit data.

Privacy and data handling

  • Data minimization and purpose limitation by design.
  • Defined retention periods and deletion workflows.
  • Controls for sensitive attributes and regulated data categories.

Artifacts produced

  • Access and change logs for model/system operations.
  • Data handling notes (retention, deletion, access model).
  • Operational monitoring definitions and incident-ready evidence.

Related

  • Connected pillars: Model Training & Data; Compliance & Ethics
  • Applied pattern: AI Personal Model

Related links

AI Personal ModelModel Training & DataCompliance & Ethics

CTA

Contact Maloni to discuss requirements, constraints, and next steps.

Contact