AI helps businesses grow faster and work smarter. Yet many entrepreneurs wonder: how secure is my data in an AI platform? At IttesAI, security is key. Our platform is specially designed for SMEs who want to innovate without worrying about data leaks or misuse.
In this article, you will discover how we approach AI security and what measures we take to ensure your company’s data security.
Self-managed servers
All data in IttesAI runs on servers managed by ourselves. They are protected with SSH and IP access control, accessible only from trusted office locations. For storage, we use:
- MySQL for structured data such as workspaces and users.
- Qdrant for text chunks defining AI context.
- Minio for files such as PDFs, Word documents and videos.
Each layer is set up with clear security and strict access control.
Encryption and secure transmission
We encrypt all MySQL data with AES-256. As a result, no one can read the information without a key. All traffic goes through HTTPS or TLS. For files in Minio, we plan encryption at rest, while access is already strictly controlled. Qdrant always works with TLS when transferring. This approach combines performance with maximum protection.
Secure login and identities
Sign in via Microsoft 365 with Entra ID and two-step verification, or via a credentials login that is extra protected:
- Passwords are hashed with bcrypt.
- New passwords are tested against the “Have I Been Pwned” database.
- We limit brute force with rate limiting and do not reveal sensitive error messages.
This ensures that only authorised users have access.
Collaboration with AI providers
At IttesAI, control is key. When we use external AI models, we send only the necessary data. This could be your query or a file you choose.
Free models often use customer data to make themselves smarter, but at IttesAI that is out of the question. We only work with paid APIs from trusted partners such as OpenAI, Anthropic, Google, Perplexity and Stability AI. Even with an integration like SharePoint, you decide which files the AI is allowed to know. Our partner Truto processes these files temporarily and then deletes them completely.
You stay in control
As a user, you always maintain control:
- You can delete all your personal data in one click.
- Administrators can delete entire workspace data.
- For each file or record, you decide what remains available.
In addition, you can make your own choices in retention policies, such as periodic deletion of data.
GDPR and retention periods
We keep only what is necessary for the platform to work correctly: your username (e-mail), possibly your password, uploaded files and conversations. Files in Minio have a default retention period of six months. Logs of failed logins are automatically deleted after one month and one week.
Conclusion: innovation with confidence
AI can bring huge benefits but only if your platform is secure and reliable. At IttesAI, your data always remains your property. With encryption, self-managed servers, secure login procedures and clear agreements with AI providers, we guarantee that your business data remains protected.
This allows SMEs to benefit from the power of AI without compromising on security.
Want to read up on all the details? Read our full security overview or contact us. Together we will look at how your company can securely deploy AI.
