Kili security measures

Security measures implemented by Kili can be summed up in these three areas:

• Secure hosting
• Secure authentication and re-authentication
• Secure data storage

📘

As an additional security measure, you can anonymize your labeling team in Kili interface. For more information, refer to Managing project members.

Secure hosting

Kili offers a range of hosting options. From a simple SaaS solution to a 100% on-premise solution designed for customers concerned about data privacy. For details, refer to these topics:

• Kili on Cloud (SaaS) hosted on our infrastructure
• Kili on Cloud (SaaS) deployed as a managed application in Azure Marketplace
• Kili on Cloud with your own remote storage (on-premise data)
• Kili On-Premise

Secure authentication and re-authentication

The standard authentication method with Kili is secure multi-factor authentication using e-mail, password and an authenticator app.

You can also authenticate using the SSO options provided by GitHub or Google. Thanks to an integration with OAuth2 / OpenID Connect servers, this method will also work with our on-prem configurations.

📘

For increased security, after one hour of inactivity you will be logged out and have to log back in.

Secure data storage

On Kili Cloud, data is encrypted at rest.

If you're using the remote storage to work with Kili, when your annotators work on data, browser directly loads files from storage without backend processing on Kili servers. You can add data to your project by:

• Declaring URLs by uploading a CSV file
• Integrating your remote storage with Kili

📘

• URLs imported using a CSV file must be public (this is not secure for sensitive data).
• Kili supports secure native integrations with AWS S3, Azure Blob Storage, and Google Cloud.
• Remote storage integrations are currently a beta feature. If you encounter any issues, please report them to us at [email protected].