Categories

Categories

Arist AI Safety & Security Overview

Maxine Anderson
Last Updated: 1 week ago

Use of AI in Arist

Arist utilizes artificial intelligence (AI) to enhance content creation, analytics, and the learner experience within our platform. To ensure optimal performance and flexibility, we leverage industry-leading large language models (LLMs) from both OpenAI and Anthropic. These models are accessed via secure API integrations, and Arist does not develop or train proprietary AI models.

AI-Powered Features in Arist

Arist incorporates AI across multiple areas of the platform to streamline content development and enhance user engagement and provide admin reporting value:

  • Creator AI: Supports course creation and editing by assisting users in structuring content, refining language, and generating training materials.

  • Analytics: May be used to score learner responses or summarize key insights and generate recaps to help administrators assess course effectiveness and learner engagement. Explicitly stated where used in-app.

  • Learner Experience: AI is selectively used within the learner interface where explicitly stated, offering personalized guidance and automated responses where applicable.

AI Integration and Model Security

  • AI Integration: Arist AI Creator seamlessly integrates AI capabilities into our Creator tool, assisting in the rapid creation of course content.

  • Model Utilization: The tool leverages both OpenAI and Anthropic models via secure API communication, ensuring that no customer data is stored or used for model training.

  • Defense-in-Depth: A layered security approach ensures there is no single point of failure, protecting the system against potential vulnerabilities.

  • Input Validation: Rigorous input validation techniques protect against anomalies, unexpected inputs, and potential malicious content.

  • Security Standards: Development aligns with OWASP Top 10 for LLM, regularly assessing and mitigating risks associated with:

    • ML01:2023 Input Manipulation Attack

    • ML02:2023 Data Poisoning Attack

    • ML03:2023 Model Inversion Attack

Data Security and Privacy

Arist is committed to safeguarding customer data and ensuring compliance with enterprise security standards. Key principles include:

  • No Model Training: Arist does not train any AI models. Both OpenAI and Anthropic have publicly stated that data sent via their APIs is not used to train their models. As a result, customer data processed through Arist’s AI features remains confidential and is not used to improve external AI models.

  • Data Handling: All AI interactions occur via API requests, ensuring data is processed securely without storage in third-party AI systems.

  • Enterprise Control: AI features can be enabled or disabled at an organization-wide level by the client’s designated Super Admin, providing full control over AI utilization within the platform.

Data Input, Processing, and Output

Data Input

  • Secure Ingestion: The AI tool ingests only client-provided materials such as course inputs, PPTs, PDFs, and other proprietary documentation.

  • No Persistent Storage or Model Training: No customer data is persistently stored or incorporated into the AI model's training dataset. The data is utilized solely for the specific course generation task.

  • End-to-End Encryption: Robust security protocols, including end-to-end encryption, ensure the confidentiality and integrity of proprietary information throughout the processing pipeline.

Data Processing

  • Private Data Storage: The data provided is encrypted and stored securely in Arist’s database (AWS RDS and S3 for files), alongside the rest of the organization's Arist data.

  • Temporary Use of AI Models: During course generation, data and pre-built prompts are temporarily processed by OpenAI and Anthropic models via their APIs. This data is not stored by OpenAI or Anthropic and is used only at the point of course generation.

Data Output

  • Tailored Content Generation: The AI system generates structured, modular learning content optimized for Arist's delivery platforms. It will only consider client information if provided at the point of prompting by the user. Outputs include text-based content, recommendations for visual assets (coming soon), and interactive elements (e.g., multiple-choice questions).

  • Adherence to Arist Instructional Design Standards: The generated content follows predefined instructional design patterns and is optimized for mobile consumption and spaced repetition learning methodologies.

Enterprise Compliance and Governance

Arist is designed to meet the stringent security and compliance requirements of Fortune 500 enterprises, including organizations in highly regulated industries such as pharmaceuticals and technology. Our AI security approach aligns with best practices for data protection, transparency, and administrative control.

For more information on OpenAI or Anthropic's model security, data usage policies, and documentation regarding model type, intent, features, potential harm, and bias, please visit: OpenAI Enterprise Security, or Anthropic Trust.

Was this article helpful?

Recommended Articles

Recent Articles