Data governance

Oversight and full control of your data and IP, always

Data custodians stay in full control of what happens with their data

Data doesn't need to move

The Apheris federated data infrastructure ensures data always stays under the full control of the data custodian, meeting data residency requirements.

Asset policies define who can do what with data

Asset policies including fine-grained access controls, determine who has access and for what purpose.

Code audit to assess custom code

Optionally, an expert can review any custom code submitted to the platform to assess security and privacy implications before it can run.

Control how computation results are returned

Controls at the computational level enables selective disclosure of model performance indicators or similar, instead of full models. Alternatively, controls limiting the number of trained models to be released can be defined by the data custodian.

Built in privacy preservation

Modular control over privacy allows the data custodian to set the right level of privacy depending on the data type and business requirements.

Logging of data access and computations

Auditing and logging of user activities, actions, and executed computations assists with compliance obligations.

Set controls down to the computational level

Asset policies allow the data custodian to control who has access to data and what they can do with it down to the computational level.
When a user submits their computation, the Compute Gateway validates authentication, and enforces asset policies, including privacy, and algorithmic controls.
This keeps the data custodian in control and ensures the computation complies with the defined asset polices.

Private data stays private

To ensure compliance with regulation, Apheris employs checks at multiple stages including the user interaction.

Compute Gateway:

  • Ensures data is properly stored, accessed, and used
  • Auditing and logging of user activities, actions, and executed computations
  • Data custodian controls what happens with compute results
  • Data access layer supports auditability and traceability, data versioning, and data lineage and provenance

Compute Orchestrator:

  • Asset policies ensure computations adhere to pre-defined access and privacy controls
  • Role based access controls and asset policies

User - SDK

  • Data quality assessment
  • Model performance and evaluation
  • Enables output or model versioning and reproducibility
  • Allows users to submit code for approval by an external party

Securely access distributed data via the 5 safes framework

Apheris supports federated Trusted Research Environments with a robust, secure, and integrated system of internal controls, automated processes, monitoring, and risk assessment.

Safe projects

Collaborating parties leverage a transparent process for data access, being clear for which purpose they are using the data and resulting models. Traceable activities and computation results for participants, and auditability of data usage for approved projects, ensure trust among collaborating parties.

Safe people

Data access and usage is restricted to eligible users and all actions are traceable. Only accredited users can login to the Apheris platform with defined roles coupled to appropriate user rights. The logging system enables granular activity tracking for full auditability of which computations were run on which dataset by which user.

Safe settings

Data doesn’t need to move and stays under the full control of the data custodian. Data custodians control access to their data via asset policies. Industry-standard security controls are in place such as data encryption, no export of individual-level or raw source data, and the ability to track user activity.

Safe data

Collaborating parties agree on the data they are provisioning for federated training or analysis. Only necessary data (often de-identified) is registered in the platform. Data is encrypted both at rest and in transit. Individual-level data never leaves the Compute Gateway, and whatever aggregated data is returned is controlled via asset policies that the data custodian defines.

Safe outputs

Full control over the process to return results computed on the data. This prevents the unauthorized exfiltration of data from the Compute Gateway.

Any data, any size, anywhere

Want to learn more about how Apheris can help you power your infrastructure with federated machine learning and analytics?
Get in touch

Learn more

Article

Securing ML Models: Apheris' Contribution to ML Security

Together with the German Federal Office for Information Security we've developed frameworks and recommendations for ML practitioners to help secure ML models and maintain appropriate security measures.

Guide

E-book - Federated Data Ecosystems in Pharma & Healthcare

Breakthroughs in healthcare are faster and more reliable with federated data ecosystems. By processing patient data without risking its integrity, data collaboration is safer and more effective than data sharing. This e-book highlights real-world examples and explains how to implement a federated data ecosystem in pharma and healthcare.

White Paper

Beyond MLOps - How Secure Data Collaboration Unlocks the Next Frontier of AI Innovation

DevOps and MLOps are common methodologies in every company that wants to become software and data science driven by weaving AI into the core fabric of their business. Read what is required to securely collaborate with partners on data and AI at scale.