How to be Artificial Intelligence Intelligent…

There is much skepticism surrounding Artificial Intelligence. How can you be smart about it?

I spoke to a team member in Silicon Valley’s research and engineering at Turing, VP of Marketing, Yi Jin, Ph.D. Being a robotics company at their core — they work on many projects, one of their latest is their AI-based rapid temperature scanner.

Like any measure of security, there are certain things to look for in AI. There are four categories including: hardware, software, data and organization that require attention. In this post, I have gone through each category to give you a breakdown of what they mean, and I’ve included some additional resources for further information.

Hardware
This is the physical aspect of what type of camera is being used. The Turing device/camera is compliant with the COVID19 safe harbor policy, which has to do with employer/ OSHA laws. The hardware (camera) also needs to be NDAA compliant, this relates to the manufacturer, as well as the camera components. There is even a NDAA ‘Blacklist’ of companies that are prohibited dealers and integrators due to unlawful practices. For more information on all these topics, see links below.

https://www.osha.gov/Publications/OSHA3990.pdf

https://www.nellyssecurity.com/blog/articles/complete-guide-to-ndaa-compliance-which-security-cameras-can-you-install-on-us-government-properties

https://www.security.honeywell.com/ndaa#:~:text=The%20John%20S.,the%20U.S.%20Department%20of%20Defense.&text=Together%20with%20the%20Series%2030,with%20NDAA%202019%2C%20Section%20889.

https://www.securityinformed.com/insights/rule-triggering-blacklist-provision-ndaa-ready-co-3425-ga-co-4261-ga-co-8578-ga-sb.1594979228.html

Software
Software is a collection of instructions and data that tell the computer how to work. To be safe from cyberattacks, the company in question needs to have some specific certifications. In this case, a certification is a cybersecurity achievement.

For example, one of the certifications Turing holds is the Cobalt certification. They underwent over 40 hours of hacking by professional hackers and resolved every vulnerability in their system. In addition, Yi also shared that their software is built on top of Linux operating system, as opposed to Android which is vulnerable to cyber attacks.

Data
Data is the information stored. Things you should look for include:

  • ISO27001 compliant with standard encrypted data. What does that mean? “ISO/IEC 27001 sets a globally recognized standard for the maintenance and protection of information systems.” (Core Business Solutions, Inc.).
  • Data encryption- only users with a certain key can access the data (password-protected).
  • HIPPA standard compliant- Standard for sensitive data protection (treatment, payment, operations in health/healthcare). Some information surrounding HIPPA may require extra measures of encryption.

https://digitalguardian.com/blog/what-hipaa-compliance#:~:text=The%20Health%20Insurance%20Portability%20and%20Accountability%20Act%20(HIPAA)%20sets%20the,them%20to%20ensure%20HIPAA%20Compliance.

https://www.thecoresolution.com/iso-27001-overview?creative=487667748653&keyword=&matchtype=b&network=g&device=c&gclid=Cj0KCQiAjKqABhDLARIsABbJrGmxWr4O1E00PwcVR3wIjZPNFkaWQhGgTfGgaQQKPiT2qwT6sI8sVSEaAruUEALw_wcB

Organization
Organization is how the data is set up and who has access, as well as who does not.

The certifications and compliances mentioned in the above (NDAA compliant, Cobalt certification, OSHA/HIPPA compliant), aid in ensuring that data is secure so that only the correct admins have access. SOC2 is an auditing procedure to ensure your data is protected securely within the organization. More information about SOC2 can be found here:

https://www.imperva.com/learn/data-security/soc-2-compliance/#:~:text=SOC%202%20is%20an%20auditing,when%20considering%20a%20SaaS%20provider.

Most importantly, how can you find this information? Always get an Infosec report! The safety compliances and certifications they have will be listed.

Here is a note from Yi Jin, the VP of Marketing at Turing Video…

“The mission of Turing Video has always been to use AI responsibly to enhance safety and security. We understand that a lot isn’t shared with the public about AI, which is why we are transparent about the technology we use – the current best-in-class AI available –our processes — we’ve uploaded hundreds of thousands of images ensuring proper facial recognition across races and genders – and our mission to ensure that businesses and employees are protected from COVID-19 while adhering to all of state and federal mandates of compliance. That means that our product the Turing Shield, and the cloud-based platform where its data is stored, is fully HIPAA compliant on a fully end-to-end encrypted platform. Complies with data access security protocols, and because we protect those who protect us in Federal Government, complies with both the COVID-19 Safeharbor Policy and the National Defense Authorization Act.”

“What does this mean in simple terms? We use best-in-class AI software, so our software gets smarter the more it is used. It detects fever with even greater accuracy, detects masks with high accuracy across all genders and races. The fully-encrypted cloud-based-platform stores the data in a way that is compliant with HIPAA standards, data-encryption requirements, and federal policies and standards. In the event of a sick employee or visitor, trained staff can retrieve accurate contact-tracing information to notify Public Health Services and potentially exposed employees and visitors within 24-48 hours, as mandated by most states. When we say we use our AI for safety and security, it’s important to us that everyone in the ecosystem, employees, visitors, employers, and the business as an entity, is protected. Without best-in-class AI and our brilliant product-design engineers, this level of safety just isn’t possible.”

“Turing Video is proud to be recognized for our AI innovation with a nomination for the 2021 Edison Award™ for Innovation in the COVID-19 Innovation category.”