Your Trust, Our Blueprint: How We Secure Your AI Assistant Experience

AI AI Assistant

In an era where AI is transforming how we work, security isn’t just a feature—it’s the foundation. As you interact with the AI Assistant within our platform, we want you to feel confident that your data is protected, your privacy is respected, and the information you receive is reliable.

Here is a transparent look at the safety posture we’ve built to protect you and your organization.

A Focused, Reliable Intelligence

First, let’s get this out of the way – we do not sell your conversation data or use it for any purpose other than improving your experience within our software.

Our Assistant is designed with a singular purpose: to help you master our product and access your business insights safely. To ensure accuracy and safety, we’ve implemented two specialized engines:

1. AI Assistant (Docs)

This engine utilizes Retrieval-Augmented Generation (RAG) to answer questions based strictly on our official product documentation.

• Verified Sources Only: It never pulls from unverified third-party sites or “hallucinates” based on outside data.
• Product-Specific Guardrails: The Assistant is programmed to politely decline queries unrelated to our software, ensuring it remains a professional, high-utility tool.
• Public Safety: Because it only accesses documentation that is already public-facing, there is zero risk of revealing internal trade secrets or confidential company data.

2. AI Assistant (Data)

When you need to pull specific numbers or reports, our Data engine takes over, acting as an intelligent bridge to our reporting platform.

• Smart Parameters: If your request requires more detail (like a specific date range or category), the Assistant will ask you for those parameters to ensure the data is accurate.
• Seamless Reporting Integration: It intelligently translates your natural language requests into precise data queries, ensuring you get exactly the insights you need without needing to know complex code.
  

Data Privacy and Security by Design

We believe that you should have total control over your digital footprint. Our architecture ensures that your conversations and business data remain your own.

• Identity-Aware Permissions: Your security follows you. When you ask for data, the AI Assistant applies the exact same security filters as our standard reporting platform. You will never see data through the AI that you aren’t already authorized to see in your regular reports.
• Strict Isolation: Your conversation history is yours alone. We maintain rigorous “Multi-Tenant” isolation, meaning data never leaks between different organizations or even between different users within the same company.
• Profiling Protection: To minimize data profiling, administrators can choose to disable long-term history at the tenant level. This limits the AI to a single, active conversation context.
• The Right to be Forgotten: You can delete your history at any time. When you hit delete, it is permanent—we leave no trace behind.
  

Enterprise-Grade Infrastructure

We’ve partnered with Google to provide a world-class AI experience through the Gemini Enterprise Agent Platform. This partnership provides “battle-hardened” security for every query:

• Regional Sovereignty: All data processing stays within your tenant’s region. We utilize regional endpoints to ensure your data complies with local residency requirements.
• Zero Training Guarantee: Your data is never used to train Google’s global models. Your business inputs and the data results remain private to your organization.
• Encryption Everywhere: Your data is shielded at every stage using industry-standard encryption for data in transit and at rest.
• Advanced “Agentic” Defense: By using the Enterprise Agent Platform, we benefit from features like Agent Identity (ensuring every AI action is traceable and auditable) and Model Armor, which protects against prompt injections and sensitive data leakage.
  

Administrative Control

Safety is also about giving your organization the “off switch.” We provide administrators with granular controls:

• Access Management: Administrators can define exactly which system roles have permission to use the AI features.
• Instant Deactivation: Administrators can turn off all AI capabilities across the tenant at any time.
  

The 2Ring Commitment: Security Above All

At 2Ring, we don’t just build software; we build trust. Security is not a checkbox for us—it is the most important part of how we do business. Our internal culture and engineering practices are designed to protect you from evolving threats.

• ISO 27001:2022 Certified: We implement and adhere to the industry-recognized ISO 27001:2022 security standard. This means our entire information security management system is rigorously audited and aligned with global best practices.
• Secure SDLC (Software Development Life Cycle): Security is baked into our code from day one. By employing a Secure SDLC, we identify and mitigate vulnerabilities during the design and development phases, long before the software reaches your environment.
• Proactive Defense & OWASP Alignment: The AI landscape changes daily. We actively monitor security trends and specifically align our defenses with the OWASP Top 10 for LLM Applications. This ensures we are constantly defending against modern risks like prompt injection and data exfiltration.