Introducing enhanced security features for Algorithmia Enterprise
When it comes to implementing machine learning effectively, governance and security are top priorities for nearly every enterprise organization. With large amounts of sensitive data being gathered and stored within large online infrastructures, it’s essential that organizations put strict measures and controls in place to govern and secure the use of these systems and their data sources.
Algorithmia has always been committed to providing enterprise-grade security and governance to protect your business and machine learning investment. Algorithmia Enterprise secures and governs your ML across all data, models, and infrastructure, and removes barriers that make it difficult to implement ML within your existing IT policies.
We recently released new governance capabilities for Algorithmia Enterprise that provide expanded functionality to help you govern the use of ML in production. In addition, we’re proud to share that we’re also expanding our security features to provide even greater protection for your business.
The following new, enhanced security features are available today to all Algorithmia Enterprise customers.
Enterprise companies use a wide variety of single sign-on protocols and tools. To expand our SSO support to an even greater range of enterprise environments, we’ve added the following additional options for SSO:
- Single sign-on with SAML using the open standard to support single sign-on allowing for user’s login credentials to provide access to multiple resources. This makes it possible for identity providers to securely pass authenticated identities and their attributes to service providers.
- Active Directory group synchronization to provide a centralized location for administering user permissions and providing access to shared resources. This feature allows for synchronization of organization membership based on tags being included in the SAML assertion. The user will be added to the cluster according to which tags are present in their SAML assertion.
- JSON Web Tokens (JWT), which support transmitting data between parties as a JSON object. With JWT, users can log in via single sign-on and each request they make will include the JWT to provide access to routes and services.
Secret store for external resources
A major concern we hear from enterprise customers is the need to secure data, manage access to credentials, and transmit data and credentials safely within an organization while preventing unauthorized access. Many customers have implemented third-party tools such as Hashicorp or Spring Vault to address these security concerns.
This is why we’ve created a new, vault-based secret store, enabling you to create and manage credentials in a central location for access to data sources and web services.
The new secret store enables users to manage and share access to sensitive data sources in a secure manner without exposing credentials. It allows for easy management of data access, secure access to credentials, and simpler team collaboration.
You can use the new secret store directly in Algorithmia Enterprise, or choose to integrate with an existing internal secret store already in use at your organization such as those previously mentioned, among many others.
SELinux enforcing mode
Many enterprises have stringent security policies that require SELinux enforcing mode. This is why we’ve now added SELinux enforcing mode support, enabling customers with extremely high security levels to enforce the SELinux policy and deny access-based SELinux rules. So if your IT team requires you to use enforcing mode with the policies they’ve put in place, we have you covered.
Other recent security improvements
In addition to these new security enhancements, we’ve made a number of improvements over the past year that bolster our commitment to your security, no matter your unique enterprise needs.
Type 2 SOC 2 examination
We know that many organizations are required to comply with multiple industry regulations for their AI/ML, and that System and Organization Controls (SOC) compliance is one of the most common needs. That’s why we’re happy to share that Algorithmia recently successfully completed a Type 2 SOC 2 examination.
Many large enterprise corporations have their own internal certificate management for their network. Algorithmia supports using these private certificates for internal authentication so that these companies do not need to rely on public authorities.
Private container registry
For companies that want to utilize their existing private registry instead of pulling down Algorithmia components from our public registry, we can customize our installer to pull from their private container registry.
Private dependency mirrors
When high-security customers want to use their private mirrors to gain access to algorithm package dependencies, we now support the ability to provide them with the ability to load those dependencies internally. This allows data scientists to use the language and frameworks of their choice and ensure that they will run in their existing platform.
Algorithmia supports three forms of proxy support for traffic that leaves a customer’s network. If network traffic needs to leave the cluster to the public network, Algorithmia can support your authentication needs through:
- An unauthenticated proxy that ensures that traffic goes through a set IP address.
- An authenticated proxy that requires a username and password to be passed through the defined IP address.
- Man-in-the-middle proxy to support dynamic certificates generation.
Get started with Algorithmia Enterprise today
Algorithmia’s enterprise machine learning operations (MLOps) platform manages all stages of the production ML lifecycle within existing operational processes, so you can deliver more models, quicker, while protecting your business with advanced security and governance.
At Algorithmia, we take the security of your machine learning seriously, and that’s why we’ve built security best practices into our platform as a first-order consideration. Our new security features represent an enhancement of our robust security offering, and security will continue to be a major focus for us as we continue to expand on our feature set. New features and refinements will be made in order to support the most stringent security requirements for enterprise customers.
Ready to start using these new security features? All of them are available today to existing Algorithmia Enterprise customers. Not a customer yet? Get your demo today to learn how Algorithmia’s leading MLOps platform can accelerate your time to value for machine learning while protecting your business.