Data Security & Management

This guide explains how Elqano handles data security and management. It covers where the application runs, authentication methods, data sources, and storage locations to help you understand how your organization’s data is protected.

Data Security

Where is the Elqano bot/application running?

On-premises: Elqano application servers run in the client’s Azure tenant.

SaaS: Elqano application servers run in Elqano’s Azure tenant.

A small package is also added to Teams to integrate the chatbot with the server application; it does not require any interaction with documents.

Nothing is installed on users’ computers.

Playground Architecture

How is authentication handled in Elqano?

  • Web without SharePoint: SSO authentication is handled via the SAMLv2 protocol using a Microsoft enterprise SSO application hosted on the Elqano tenant as an authentication server. The client must then provide us with the list of users who will have access to the solution.

  • Teams / Web with SharePoint: double authentication:

    • SSO authentication is handled via the SAMLv2 protocol using a Microsoft enterprise SSO application hosted on the Elqano tenant as an authentication server (to access Playground).
    • SSO authentication is handled via the SAMLv2 protocol using the Azure Active Directory of the client as an authentication server (to connect to SharePoint).

Only users assigned to the SSO application will be allowed to connect to the app.

Note

An Elqano SSO app is present in the Azure AD app gallery.

Where does Elqano data come from?

Elqano retrieves information from three distinct sources:

  • Microsoft SSO Login (Via SAMLv2 SSO authentication)
  • Microsoft Graph API, if the client grants the connection to SharePoint. Otherwise, the client can send the documents to be indexed directly to Elqano.
  • Microsoft Teams (via API and HTTP callbacks), for apps available in Teams (Connect and Playground)

Where is the application data stored?

The application data is stored in three datastores:

  • PostgreSQL for the questions, answers, user activities and all app-related data
  • Azure Search for the indexed document content
  • Azure Blob Storage as a temporary document store

On-premises: These systems are managed by the client’s Azure tenant.

SaaS: These systems are managed in Elqano’s Azure tenant.

Access to these datastores is secured and limited to the application servers.

Where do users’ documents come from?

Users’ documents are retrieved from Microsoft SharePoint Online via the Graph API, or are sent directly by the client.

Important

If the connection to SharePoint is granted, the application does not scan users’ private documents stored on local computers or OneDrive, or in emails and private Teams conversations.

If the options are configured in the application, users might also be able to attach documents from their local computers to the answers posted in the bot or in the web interface. These documents will then be stored in the document storage of the application, in the Azure tenant of the client (on-premises) or in the Azure tenant of Elqano (SaaS).

They will be accessible only via the application.

Where are the indexed documents stored?

During the indexing phase, documents are stored temporarily in the document store of the application (Azure Blob Storage), only for a short time.

Once indexed, the documents are removed from the storage.

The document content is indexed into the application vector store (Azure Search) running in the Azure tenant of the client (on-premises) or the Azure tenant of Elqano (SaaS).

How are SharePoint documents exposed?

Elqano will never proactively expose SharePoint documents.

SharePoint documents shared via the bot will remain on SharePoint and only a link pointing to the document will be published in Teams messages. The permissions on documents defined in SharePoint will be applied.

Elqano is also able to ignore documents with sensitivity labels enabled.

Elqano’s SaaS architecture is built on a multi-tenant application design with tenant isolation ensured through authentication mechanisms. This approach guarantees secure and isolated access to data, maintaining strict separation and integrity for each tenant while upholding the highest security standards.

Design of multi-tenant app with database-per-tenant.

Source: Microsoft, Multi-tenant SaaS database tenancy patterns.

Is Elqano exposing private data over the internet?

No public data is exposed in Teams and/or in the web interface without secured authentication.

Is Elqano secure?

Elqano uses state-of-the-art security mechanisms:

  • Full HTTPS
  • Delegated SSO authentication via SAML
  • Enforced protection against XSS and SQL injection
  • Signature checks on Teams HTTP callbacks
  • Authenticated and filtered database access
  • Sensitive data encrypted in the application database

Note

Security audits of the app, as well as of the installation process and running instances, are performed on a regular basis (next planned for the beginning of 2025).

Data Management Policy

Elqano needs to gather and use certain information about individuals. This policy describes how this personal data must be collected, handled and stored to meet the company’s data protection standards – and to comply with the law.

This data management policy ensures that Elqano:

  • Complies with data protection law and follows good practice
  • Protects the rights of customers, staff and partners
  • Is transparent about how it stores and processes individuals’ data
  • Protects itself from the risks of a data breach

Important

On-premises: The Elqano database and application are installed on customer servers and rely on the customer servers’ security. All customer data (user data, documents, questions, answers…) stays on customer servers.

Once Elqano is installed on the customer’s server, it crawls the platforms identified and selected with the client.

Data Accessibility

To keep improving the Elqano algorithm and the user experience, a part of the Elqano team, the support team, will have access to a selected part of customer data.

Those selected members, including customer success managers, will have one personal access to the customer’s Elqano admin account. They are not allowed to copy, share, or amend any customer data. Each customer success manager will sign an NDA with the customers he/she is in charge of.

Data Protection Officer

Gabriele Barbieri, dpo@elqano.com

Data disposability

Customers can request the deletion or transfer of data at any time. The deletion or transfer must be done within 2 weeks after the request. Users can request the deletion or transfer of their personal data at any time. The deletion or transfer must be done within 1 week after the request.

Robustness

Azure Health Checks

To ensure the reliability and performance of the Elqano application, we utilize Azure Health Checks. These checks continuously monitor the health of our application services, allowing us to proactively address any issues and maintain optimal uptime. This integration ensures that our infrastructure remains robust and responsive to user needs.

Monitoring User Indexation

Elqano implements a system to monitor user indexation to prevent excessive resource usage. By tracking the indexation process, we ensure that the system operates efficiently and that resources are allocated appropriately. This monitoring helps maintain the performance and scalability of the application.

Serverless Dynamic Task Orchestration

To optimize task scheduling and execution, Elqano employs Prefect push work pools. This approach allows us to schedule work on serverless infrastructure without the need to run a dedicated worker. By leveraging serverless capabilities, we enhance the flexibility and scalability of our operations, ensuring that tasks are executed efficiently and cost-effectively.

FAQ

Which types of documents can be analyzed?

All Office documents, PDF, Word, and PowerPoint. The perimeter is always selected and identified with the customer.

How to manage documents with access rights?

The solution complies with the documents’ access rights.

Are conversations between two people or emails analyzed?

No, they are not.

Does the data leave our environment?

  • On-premises: the application and the vector index are stored and managed from the client environment. All the data remains internal. Regarding the LLM, using an Azure OpenAI subscription, the client can choose which GPT model to use from the required and recommended models, and where the model should be hosted (which country, Europe).

  • SaaS: the application and the vector index are stored on Elqano’s tenant. Each client has its own database. Through Elqano’s Azure OpenAI subscription, clients benefit from GPT-4o, text-embedding-ada-002, GPT-4o-mini, GPT-4.1, o1, and o3-mini models, all hosted in Sweden, EU.