Free cookie consent management tool by TermsFeed Security and Compliance [AI Capabilities]
Security and Compliance

Compliance

AI skills are only available for Cloud customers at this time. Self-managed and Appian Government Cloud customers don't have access to this feature.

Appian Cloud HIPAA or PCI-DSS customers: Before enabling this feature, please review its compliance to ensure it aligns with your organization's security requirements.

Regional availability

Tip:  Unless listed below, AI skills are available in all regions.

The following AI skills are available in select regions:

Region Name Region Document Classification Document Extraction Prompt Builder
Africa (Cape Town) af-south-1 Not Supported Not Supported Not Supported
Asia Pacific (Mumbai) ap-south-1 Supported Supported Not Supported
Asia Pacific (Seoul) ap-northeast-2 Supported Supported Not Supported
Asia Pacific (Singapore) ap-southeast-1 Supported Supported Supported
Asia Pacific (Sydney) ap-southeast-2 Supported Supported Not Supported
Asia Pacific (Tokyo) ap-northeast-1 Not Supported Not Supported Supported
Canada (Central) ca-central-1 Supported Supported Not Supported
Europe (Frankfurt) eu-central-1 Supported Supported Supported
Europe (Ireland) eu-west-1 Supported Supported Not Supported
Europe (London) eu-west-2 Supported Supported Not Supported
Europe (Milan) eu-south-1 Not Supported Not Supported Not Supported
Europe (Paris) eu-west-3 Supported Supported Not Supported
Europe (Stockholm) eu-north-1 Not Supported Not Supported Not Supported
Europe (Zurich) eu-central-2 Not Supported Not Supported Not Supported
Middle East (Bahrain) me-south-1 Not Supported Not Supported Not Supported
Middle East (UAE) me-central-1 Not Supported Not Supported Not Supported
South America (Sao Paulo) sa-east-1 Not Supported Not Supported Not Supported
US East (N. Virginia) us-east-1 Supported Supported Supported
US East (Ohio) us-east-2 Supported Supported Not Supported
US West (N. California) us-west-1 Supported Supported Not Supported
US West (Oregon) us-west-2 Supported Supported Supported

If your Appian environment isn't in a supported region listed above, you can elect to use these AI skills by sending your data to a supported region. This doesn't change your environment's region. Contact Appian Support to learn more.

Caution:  Changing your Appian environment's region will make any of these AI skills that exist no longer available in your environment. Multi-region environments and migration between regions are not supported.

However, if Enhanced Business Continuity is enabled for your environment and a failover occurs, AI skill data will be present when you return to your primary region. AI skill data isn't lost permanently in this case.

Single-region architecture

Note:  This section applies to the prompt builder AI skill and certain features powered by Appian AI Copilot.

Appian's AI architecture utilizes a single AWS region to provide a secure and scalable AI as a service solution. These capabilities are in-line with the architecture of Appian Cloud deployments, which also use AWS as the provider.

Our AI architecture is designed with private AI as the foundation and upholds those principles.

Multi-tenant AI service: Appian's multi-tenant AI service is shared among multiple customers in a given region and has multiple layers of control to restrict data access to respective instances. The service has tenant-level controls to restrict data access and encryption/decryption permissions, whether that tenant distinction is a separate customer or a separate environment for a single customer. This shared service approach allows for economies of scale.

Data transit and retention:

  • All of your data stays within the Appian Cloud environment.
  • All data in-transit is encrypted using TLS.
  • Communication between Appian and the AI service is authenticated using tenant-specific asymmetric signing to verify the identity of the requesting client application.
  • Communication between the AI service and Amazon Bedrock uses AWS Signature V4 authentication to verify the identity of the requesting service.
  • Stateless so no information is retained.

Learn more about Amazon Bedrock.

Records Chat security

Users can only chat with records they have access to. Record-level security is the responsibility of the customer to develop and maintain. No records data is retained in either the AI service or Bedrock due to their stateless nature.

Open in Github Built: Wed, Apr 10, 2024 (06:57:10 PM)

Security and Compliance

FEEDBACK