DAKSH is designed from the ground up with enterprise-grade security, strict privacy control, and full compliance with global and local data protection regulations. Unlike consumer-facing LLMs that often operate in opaque environments, DAKSH offers end-to-end visibility, encryption, and policy enforcement mechanisms that meet the standards of regulated industries, governance platforms, and high-trust digital services.
1. Secure Architecture and Data Protection
At the infrastructure level, DAKSH follows a zero-trust cloud-native architecture. All user requests — whether textual or voice-based — are routed through AWS API Gateway, where they are authenticated, rate-limited, and encrypted with TLS 1.3. API calls invoke Lambda-based microservices or isolated containers with scoped IAM roles, ensuring minimal surface area for threats.
All data at rest — including knowledgebase files in S3, embeddings in FAISS or Pinecone, and metadata in RDS/DynamoDB — is encrypted using AES-256 and managed via AWS Key Management Service (KMS). Key access is tightly scoped, and keys are rotated periodically in compliance with ISO 27001 standards.
DAKSH employs stateless processing — each query executes in a sandboxed environment that terminates after use, preventing memory persistence or session bleed. Logs are scrubbed of sensitive content before ingestion into analytics or monitoring systems.
2. Privacy, Consent, and PII Handling
DAKSH enforces strict privacy policies that prioritize user confidentiality and regulatory compliance:
-
PII Masking: Any personally identifiable information (such as names, emails, or phone numbers) detected in the query or response pipeline is masked or tokenized before logging.
-
Consent-Based Data Capture: Users interacting with DAKSH via public portals are presented with clear consent dialogs before voice or data collection. Opt-in consent is stored and auditable.
-
No Third-Party Logging: No conversation data is shared with or stored in external analytics tools unless explicitly enabled by the enterprise.
In enterprise deployments, role-based access to query logs is enforced to ensure only authorized administrators can view audit trails or usage histories.
3. Compliance with Global and Local Regulations
DAKSH is aligned with key data protection frameworks:
-
GDPR (EU): Data minimization, right to erasure, data portability, and explicit consent mechanisms are supported.
-
DPDP (India): Compliant with India's Digital Personal Data Protection Act, including data residency and breach notification mandates.
-
ISO/IEC 27001 Alignment: Security controls, audit mechanisms, and encryption standards mirror ISO/IEC recommendations.
-
HIPAA (for healthcare deployments): Optional configuration ensures that PHI is never logged, and session timeouts are enforced.
DAKSH also supports custom data retention policies, allowing organizations to define how long user interactions and logs are stored before automatic deletion.
4. Auditability and Governance Controls
DAKSH features a robust audit trail and logging framework. Every user interaction, retrieval event, and model output is recorded with the following metadata:
-
Timestamp
-
Request source (API/user/channel)
-
User role/context
-
Response status
-
Embedding ID references
Logs are immutable, tamper-evident, and can be routed to centralized monitoring tools such as AWS CloudWatch, ElasticSearch, or SIEM solutions.
Administrators are provided with:
-
Access control dashboards to manage users, roles, and permissions
-
Anomaly detection hooks to flag unexpected input patterns or abnormal access rates
-
Audit report generators to support compliance documentation and periodic review