SmartWeb’s Security Approach

SmartWeb is built through the integration of FlowHunt and LiveAgent, providing comprehensive AI chatbots, knowledge bases, and ticket management. To handle customer data securely, we implement the following multi-layered security measures.

Data Protection Strategy

Data Communication and Storage Security

  • Communication encryption: All communications are encrypted with TLS (HTTPS) to protect data transmission paths.
  • Stored data encryption: Databases and backups are encrypted and stored in secure storage.
  • Prevention of external service leakage: Data is exchanged only between FlowHunt and LiveAgent, preventing data leakage risks to third-party services.
  • Access control: Permission-based access management ensures only authorized users can access data.

For more details, please see: ➡ FlowHunt Security Measures

Privacy Protection Initiatives

  • GDPR compliance: Compliant with the General Data Protection Regulation (GDPR), properly handling data processing, storage, and deletion.
  • Japanese Personal Information Protection Act compliance: Established handling systems compliant with domestic laws.
  • Data minimization: Only collect and process the minimum data necessary for business operations.
  • Support for user deletion rights: Customer registration data can be safely deleted upon request.

Related pages: ➡ AI Chatbot Security Measures and Data Protection

System Security Measures

Multi-layered Security Defense

  • Defense in Depth: Protection through multiple layers including firewalls, WAF, intrusion detection, and DDoS defense.
  • Anomaly detection system: Automatically detects unauthorized access and behavior for early response.
  • Automatic security patch application: Continuously implement vulnerability countermeasures.
  • Backup and recovery system: Regular automatic backups enable rapid data recovery during failures.
  • International certification: Operating security management systems compliant with international standards such as ISO 27001.

Safe AI Operations

Secure Information Generation with RAG Technology

SmartWeb’s AI adopts RAG (Retrieval-Augmented Generation) technology. This technology ensures the following safety and accuracy when AI generates responses.

  • Limited information reference: AI does not search the entire internet but only refers to specified information sources such as your company’s website and internal documents.
  • Accurate and reliable responses: Responds based on the latest and accurate internal company data without relying on uncertain external information.
  • Training data separation: Registered internal data is not reused or shared with OpenAI or other companies’ LLMs.
  • Information leakage prevention: AI operates in a closed environment, utilizing only internal proprietary knowledge.

Operational Management Best Practices

Security Operations Guidelines

  • Knowledge data selection: Limit publication scope and manage confidential documents in separate workspaces.
  • Access right separation: Clearly separate administrators, operators, and viewers, operating with minimum privileges.
  • Data retention policy: Clarify history retention periods and automatically delete unnecessary data.
  • Audit log utilization: Regularly check access and operation logs to prevent unauthorized use.
  • File security assurance: Implement virus scanning for attached files and uploaded data.

Security Policy Summary

SmartWeb’s Security Commitment

  • Protect information with TLS encrypted communication and database encryption
  • Comply with international and domestic laws including GDPR and Personal Information Protection Act
  • Secure integration of FlowHunt and LiveAgent for closed data processing
  • Prevent misinformation and information leakage through limited AI responses with RAG
  • Operate security management systems based on ISO 27001