NEW: OpenAI Structured Outputs with Label Studio
Contact Sales
Security

Security and privacy are at our core

At HumanSignal, we blend security seamlessly into development and operations workflows to build safe applications that allow our customers to scale while giving them the flexibility to respond to important changes in their business objectives.

Download Security Brief

How we secure your data

When using cloud storage the app enables restricted access to the storage keys and credentials as well as limited access through pre-signed URLs.‍

In the case of a custom data provider (non-cloud storage), the app enables restricted access to the data URI stored in a database. The data access requests are verified and proxied with BasicAuth headers to the specified endpoints. This prevents the URI from being accessed elsewhere by unauthorized users. In this way, the app enables restricted access to the credentials.‍

API tokens can be reset at any time.

All data is encrypted at rest, sensitive data is encrypted in transit. Passwords are additionally hashed.

TLS connection is enforced across all product services including:

The HumanSignal Deployment Model

  • Data and control planes are separate entities
  • Data is loaded directly into the annotator browser, bypassing our servers
  • HumanSignal doesn’t need access to the data and doesn’t store the data
  • Optionally enable the VPN connection to protect URLs
  • Once connected TLS encryption is used for data in transit (when connecting and reading the URLs from bucket and sending annotations back to cloud storage)

HumanSignal holds a SOC2 Type 2 certification and is HIPAA compliant.

Secure User Management

The HumanSignal platform supports single sign-on using SAML to manage access to Label Studio using your existing Identity Provider, or with LDAP authentication. The HumanSignal platform supports the following identity providers:

  • Microsoft Active Directory
  • Okta
  • OneLogin
  • Ping Federate & Ping Identity & PingOne
  • Others that use SAML assertions

The HumanSignal platform also supports System for Cross-domain Identity Management (SCIM) version 2.0, a popular protocol to manage access for services and applications across an organization.‍

SCIM interacts with our customer’s SSO integration (for example, Okta), allowing them to manage access to The HumanSignal platform workspaces, and grant roles to individual users and groups.

See how the HumanSignal platform can work at your organization.