Skip to main content

Overview

The 4Minds platform is built with security and privacy as core principles. Your data remains private, your models are deployed in single-tenant environments, and all transmissions are encrypted. We maintain compliance with major industry standards to meet enterprise requirements.

Authentication

JWT-based authentication

All API requests and platform access use JSON Web Tokens (JWT) for secure, stateless authentication. Tokens expire automatically and can be revoked instantly if needed.

OAuth support

Sign in seamlessly with your existing accounts:
  • Google - Use your Google Workspace or personal Google account
  • GitHub - Authenticate with your GitHub credentials
OAuth integration eliminates the need to manage separate passwords while maintaining security through trusted identity providers.

API key generation

Generate API keys for programmatic access to your models and data. You can:
  • Create multiple keys for different applications or environments
  • Set expiration dates for temporary access
  • Revoke keys immediately if they’re compromised
  • Monitor API key usage and activity

Data privacy

Single-tenant model deployment

Your models run in isolated, single-tenant environments. No shared infrastructure means your model weights, training data, and inference results remain completely private.

Private data storage

All datasets, models, and generated content are stored in dedicated storage that only you can access. Data is never shared across accounts or used to train other models.

Encrypted transmission

All data in transit uses TLS 1.3 encryption. Whether you’re uploading datasets, querying models, or receiving notifications, your data is protected from interception.

Compliance

The 4Minds platform maintains compliance with major security and privacy regulations:

ISO 27001

Our information security management system follows ISO 27001 standards for protecting sensitive data and managing security risks.

SOC-2 Type II

We undergo regular SOC-2 audits to verify our security controls, availability, and confidentiality practices meet industry standards.

GDPR

For users in the European Union, we comply with GDPR requirements for data protection, user rights, and privacy by design.

CCPA

California users benefit from CCPA protections, including the right to know what data we collect and the right to deletion.

Security best practices

To maximize security when using 4Minds:
  • Rotate API keys regularly
  • Use OAuth when possible instead of password authentication
  • Monitor your notification alerts for unusual activity
  • Review connected integrations periodically and disconnect unused sources
  • Keep your authentication credentials private and never share API keys
Security is a shared responsibility. We provide the infrastructure and controls, and you maintain secure practices when accessing and using the platform.