background

How does AskYourDatabase protect your data?

How does AskYourDatabase protect your data?
Sheldon Niu
Sheldon Niu

In this article, we'll explore the workings of the AskYourDatabase plugin and desktop application, focusing on how we safeguard your data.

How Plugin works

Here's a simplified diagram illustrating the process:

A diagram showing the process flow of the AskYourDatabase plugin. It starts with the user providing database credentials to ChatGPT, followed by the transmission of these credentials to the server. The server then attempts to establish a connection with the user's database, highlighting the steps involved in this plugin's operation.
Flowchart Illustrating the AskYourDatabase Plugin Process

To use the plugin, you need to provide ChatGPT with your database credentials. These credentials are then transmitted to our server, which attempts to establish a connection with your database.

However, this approach raises several security concerns:

  1. While we don't store your credentials, they are still disclosed in the ChatGPT chat history, potentially being used in training the OpenAI model.
  2. We don't interact with your database beyond establishing a connection. However, the ability to connect to your database from our server means that, in the event of a cyber attack on our server, there's a risk that hackers could access your database through our server.

Measures to Protect Your Data:

  1. We ensure that your credentials are never stored.
  2. All network communications are secured using HTTPS protocol.

Despite these precautions, we recommend the following steps to further secure your data:

  1. Create a read-only user account if your intention is solely to query data.
  2. Whitelist our static IP to allow database connections.
  3. Change your password after completing your tasks.

How Desktop works

The following image illustrates the desktop application's process:

AskYourDatabase Desktop connects your db locally and securely
How AskYourDatabase Desktop works

The desktop application establishes a connection to your database directly from your local computer (future updates will include SSH tunnel support).

Your credentials are securely stored in your local vault and are not transmitted elsewhere. Only your queries and the database schema information are sent to our server.

Our server acts merely as a conduit to OpenAI, and we do not store your conversations.

Thus, the desktop version maintains a high level of security for most use cases.

If privacy is a paramount concern (for instance, if you wish to prevent OpenAI from using your conversation history in model training), we recommend considering ChatGPT Enterprise.

We offer integration with ChatGPT Enterprise and are available for demos upon request.

Summary


Both the AskYourDatabase plugin and desktop application are designed with your data security in mind.

While the plugin requires careful handling of database credentials and adherence to recommended security practices, the desktop application offers enhanced privacy by handling connections locally and storing credentials securely on your device.

We continuously strive to balance functionality with security, ensuring that your data remains protected. For those with heightened privacy needs, our integration with ChatGPT Enterprise provides an additional layer of security, aligning with the most stringent data protection standards.


More Blogs

Databases for AI Apps: Why You Should Choose Neon DB | LLM Agent Tutorial

Databases for AI Apps: Why You Should Choose Neon DB | LLM Agent Tutorial

Building production-ready AI apps is not easy; you need a fast vector store, the ability to query databases on edge functions, and more. In this article, we will discuss how we choose a database when building the AskYourDatabase SQL Chatbot and why Neon DB wins.

Sheldon Niu
Sheldon Niu
Connect SQL databases to AI chatbot | LLM Tutorials

Connect SQL databases to AI chatbot | LLM Tutorials

It involves a lot of uncommon technique problems regarding to connecting SQL AI agent chatbot to your database, like access control, SQL accuracy, etc. This article teaches you how to build AI chatbot that connects to your SQL databases.

Sheldon Niu
Sheldon Niu
;