Azure Private Hosting for Zebra AI Enterprise Security Policy
This document provides a readable overview of Zebra AI’s additional security policies for our Dedicated Cloud offering, which runs exclusively on Microsoft Azure in your chosen region. For complete, binding details, please refer to our Terms of Service (ToS) and Privacy Policy (PP) and General Security Policy.
Table of Contents
Want to discuss more?
Contact SalesDedicated Cloud Overview
Zebra AI Dedicated Cloud provides an optional single-tenant environment where your organization’s data, user accounts, and AI workflows are hosted on exclusive resources – a separate server instance and database on Microsoft Azure. This approach offers additional performance, security, and customization benefits compared to our standard multi-tenant deployment.
Key Features
- AI Security by Default: All services run entirely within Microsoft Azure; no extra third-party communications with AI services or any other data provides are required.
- Exclusive Resources: Your own dedicated Azure server and database ensure consistent performance and isolation from other customers.
- Global Hosting Options: Choose from Europe, North America, Southeast Asia, or any other supported Azure region, so your data stays close to home.
- Enhanced Security: Advanced measures like strict access controls ensure only authorized users can enter your environment.
- Hassle-Free Licensing: We handle the licensing, so you don’t have to mess with billing integrations or external payment systems.
Encryption
We use industry-standard encryption at all stages:
- In-Transit: All communication between your client and the Zebra AI Dedicated Cloud servers is protected by SSL/TLS (HTTPS), ensuring data can’t be intercepted or tampered with in transit.
- At Rest: Any data stored on your dedicated Azure server and database is protected using 256-bit AES encryption. This applies both to temporary data (e.g., uploaded datasets) and to any persisted records (e.g., user profiles or stored chat histories).
Within the Dedicated Cloud setup, all services are hosted on Microsoft Azure in your chosen region, so your data never leaves the Azure network.
Login & Registration
You can use Microsoft SSO (single sign-on) to log into your Dedicated Cloud instance. During the first login, users grant permissions for basic profile data (e.g., name, email). The authentication token is stored as a secure cookie in the user’s browser, eliminating the need to log in repeatedly.
Access to the dedicated service will be provided through a special domain. For customers who wish to use their company domain to resolve to our server, please contact us for assistance with setting up custom domains.
Additionally, IP whitelisting can be implemented as an extra security measure to control access to the service.
Cookies
Like the standard Zebra AI service, the Dedicated Cloud stores a secure, encrypted authentication cookie in the user’s browser so they remain logged in. We do not read or track any cookies from other websites or services.
Uploading Your Data
When you upload data:
- It is received by your dedicated Zebra AI server, hosted in Microsoft Azure.
- The service processes the data within the same Azure environment for generating charts, summaries, and other AI-driven insights.
- Data is deleted immediately once your session ends (e.g., upon logout or page refresh) unless you choose to store certain outputs (like a chart or story).
- By default, we rely on Azure OpenAI for AI processing, so your data and the AI calls remain within Microsoft Azure data centers.
Incognito Mode
To help with compliance or extra privacy requirements, we can offer an “Incognito Mode.” When activated, no session data, including story history or queries and AI-generated outputs, is retained after you close your session.
Connecting with Power BI
If you integrate with Microsoft Power BI:
- You grant Zebra AI (running on your dedicated server) the permissions to read datasets or reports you choose to connect.
- A time-limited authentication token from Power BI allows your dedicated server to query the dataset.
- We only store dataset metadata (connection info, the DAX queries you ran) for convenience. The actual dataset results used during analysis are deleted from memory after your session ends.
Storing / Sharing Historical Chats (“Stories”)
By default, your Dedicated Cloud instance can store chat histories (stories) to let you review or share them later. However:
- You can disable or selectively delete stored stories at any time.
- If you enable “Incognito Mode,” no stories or chat logs are stored by default.
When you share stories with colleagues in the same Dedicated Cloud environment, we create copies in the database so all authorized users can see them. You can delete these copies at any time.
Dislike Dashboards or Charts
If you integrate with Microsoft Power BI:
- If enabled, any disliked chart or AI answer can be flagged and stored for internal review by your team (or by Zebra AI support, if you opt in).
- Since everything runs on your dedicated Azure instance, no external service is involved unless you specifically enable it.
Additional Usage & Error Tracking (Optional)
Unlike our standard multi-tenant service, in your Dedicated Cloud environment these integrations are optional.
- Application Analytics: If enabled, we can run analytics tracking on your dedicated server, or you can integrate your own analytics.
- Error and Usage Tracking: These services are disabled by default to prioritize privacy, meaning we do not collect any data. If you have specific requirements or would like to explore alternatives, please contact us to discuss availability and implementation options.
Where Does Your Data Go Outside of Zebra AI?
By default, nowhere – your Dedicated Cloud environment operates entirely on Microsoft Azure. If you choose to enable external services (e.g., external logging or your organization’s AI endpoints), we work with you to configure the minimal data flow needed.
Get Started Today
For questions or additional documentation, email us at ai@zebrabi.com