Trust in SAS® Viya® Copilot

 

SAS Viya Copilot is a cloud-based AI assistant that brings generative AI capabilities into the SAS Viya 4 platform. It works as a conversational copilot within SAS Viya platform applications to help users code, build models and analyze data more intuitively and efficiently. This feature is delivered as a SaaS (Software as a Service) component of the SAS Viya platform, and it leverages the scalability, security and reliability of Microsoft Azure AI services.

Below we provide an overview of how SAS Viya Copilot works, its integration with Azure, data flow and residency details, and our commitments to data security and privacy.

What is SAS Viya Copilot?

SAS Viya Copilot is a new feature of the SAS Viya 4 platform that uses generative AI (specifically Large Language Models, or LLMs) to boost user productivity across the analytics life cycle. It enables tasks like code generation, code explanation, data querying and model development through natural language conversations. SAS Viya Copilot offers a “human-in-the-loop” approach – it provides intelligent suggestions and automation while keeping you in control of final decisions and actions.

Can customers control whether or not to use SAS Viya Copilot?

While SAS Viya Copilot is not a separate product from the SAS Viya platform, it is a separately controllable feature operating on top of the existing SAS Viya platform. That means each customer can decide whether to use SAS Viya Copilot and can control that at the enterprise level.

How does SAS Viya Copilot work?

SAS Viya Copilot is powered by a combination of proprietary SAS technology and Microsoft Azure technology to help you securely access, use and manage your data. The key components are your SAS Viya 4 platform environment and the Microsoft Azure environment, which is controlled by SAS.

• Your SAS Viya 4 Platform Environment: Each customer’s SAS software and data reside in their own SAS Viya 4 platform environments. This could be your SAS Viya 4 platform deployment hosted by SAS (via SAS Managed Cloud) or managed by the customer (on a customer’s own cloud or s). When you use the SAS Viya Copilot feature (for example, asking a question or requesting code suggestions), that request originates from your SAS Viya platform system via a secure connection to the copilot service.
• SAS Viya Copilot Service: This cloud service powers the SAS Viya Copilot feature.  It runs on Microsoft Azure in a secure private tenant that is managed by SAS. When your SAS Viya platform environment sends a request to the SAS Viya Copilot service, a request is transmitted via secure API to the Microsoft-hosted service, where Azure-hosted AI models reside. The SAS Viya Copilot service is multi-tenant (serving many customers), but each customer’s data and requests are logically separated and secured (more on security below). The service does not retain your data and content; it is only stored transiently for processing the request.

An example sequence of steps is as follows:

1. A SAS Viya user submits a request using a feature that leverages the SAS Viya Copilot service (such as a prompt to a chat interface to explain a snippet of SAS language code).
2. The SAS Viya platform securely transmits a request to the SAS Viya Copilot service in the Azure environment specific to SAS, and the request results in one or more prompts to an LLM hosted in that Azure environment.
3. The SAS Viya Copilot service receives the response from the LLM, performs post-processing activities, and returns the result to the customer’s SAS Viya platform environment for review and assessment by the customer.

What data does SAS Viya send to the SAS Viya Copilot service?

Your data primarily stays within your SAS Viya environment, with only the necessary prompt information and contextual data going to the SAS Viya Copilot service. The exact data that is sent to the service depends on the feature, context, and request.

For example:

• If you ask for a summary of SAS language code, the code you asked about will be transmitted to the service.
• If you ask for suggestions on which statistical procedures would be appropriate for a specific data set, that data set or metadata about the data set (like column names) may be transmitted to the service.
• If you ask for recommendations about adding a node to a modeling pipeline, the existing pipeline would be provided to the service.

Important note: Before using SAS Viya Copilot, you should understand that your data may be transmitted to the SAS Viya Copilot service.  If you ask SAS Viya Copilot a question about a table containing personal data, that data may be transmitted to the service as context to help the service respond to your question.

How do SAS and Microsoft use customer data?

SAS processes a prompt to the SAS Viya Copilot service in order to serve the customer’s request, and then deletes the prompt and contextual data. The data is stored only transiently to serve the request. Like SAS, Microsoft processes your data to serve the request. Microsoft also applies automated abuse monitoring, which detects things like hate speech, self-harm language, or other policy violations.

Microsoft’s processing is described in detail on their site:

• Data, privacy, and security for Azure OpenAI Service - Azure AI services | Microsoft Learn
• Microsoft Data Access Management

Unless you have granted SAS access to your data (e.g., for hosted managed services or a consulting engagement), SAS personnel cannot access your data.  Likewise, SAS has opted out of Microsoft’s human review process, so Microsoft personnel will not review any of your prompts, outputs, or contextual data.

Important note: Neither SAS nor Microsoft is using your data for any other purpose, such as training AI models.

How is customer data secured?

SAS Viya Copilot uses a combination of strong security practices to protect customer information.

SAS uses a centralized framework for managing, developing, and deploying GenAI projects across the SAS Viya platform. Centralizing this framework helps ensure consistency and common approaches to security.

Data Security and Privacy Practices

Trust and security are paramount for SAS Viya Copilot. As a customer-facing generative AI service dealing with potentially sensitive business data and code, we have implemented strict policies and controls to safeguard your information. Below are the key aspects of how SAS Viya Copilot handles security, privacy and data protection:

• Ownership and Control: You retain ownership of all inputs (prompts or code you provide), and neither SAS nor Microsoft claims any rights over the code or text that the copilot generates for you.
• Confidentiality: SAS treats any customer data that flows through the copilot as confidential per the terms of our agreement with each customer.
• Stateless Cloud Service: The SAS Viya Copilot service in the Azure environment is designed to be stateless with respect to customer data. This means that it does not persistently store the details of your queries or your data sets. Once a prompt is processed and the result is returned, the service does not retain that prompt text or result.
• Encryption in Transit and at Rest: All communications between your environment and the SAS Viya Copilot service are encrypted using TLS (HTTPS). Within the Azure environment, data in transit between services (for example, between the SAS service and the Azure OpenAI model endpoint) is encrypted via TLS 1.2. For data at rest, although the copilot does not persist actual customer data, any ancillary data in the Azure environment is encrypted at rest by the Microsoft Azure service using AES-256 encryption for storage.
• Azure Cloud Security & Compliance: The SAS Viya Copilot service runs on the Azure environment and benefits from its robust physical and network security. Microsoft Azure data centers are certified for a broad range of security standards and compliance frameworks. Azure and other Microsoft cloud services compliance offerings - Azure Compliance | Microsoft Learn
• Tenant Isolation and Access Control: The SAS Viya Copilot service enforces strict tenant isolation. Each customer’s Copilot access is governed by unique credentials (such as an API key or OAuth token tied to their SAS Viya platform tenant). A customer can only invoke Copilot for their own environment, and the responses are delivered back only to that environment.
• Network Security: The service endpoints are protected by Azure Web Application Firewall (WAF) with Open Worldwide Application Security Project (OWASP) rules, and network security groups lock down internal traffic flow. Only required ports between the SAS Viya platform and the service are allowed.
• Least Privilege: The cloud components run with the minimum permissions needed. Admin access to production is restricted and tracked.

What geographies are involved in processing customer data?

Many organizations have policies or must follow regulations about where their data is processed and stored. SAS Viya Copilot supports geographic data residency choices to help meet those requirements.

Because the SAS Viya Copilot service is built on the Microsoft Azure environment, SAS leverages the Azure environment’s “Data Zone Standard” deployment model in order to enable geography-specific data processing. More information from Microsoft about Data Zones is available on their site: Azure OpenAI in Azure AI Foundry Models - Azure OpenAI | Microsoft Learn

The Data Zone Standard approach ensures that even if multiple regional servers are involved for performance, they are all confined to the chosen geography.

At initial availability, SAS offers the SAS Viya Copilot service deployment in two Data Zones: one in the United States (US) at Azure US-East and one in the European Union (EU) at Azure Germany West Central. When you enable SAS Viya Copilot for your SAS Viya platform environment, you will select one of these zones (typically this would align with the region where your SAS Viya platform is hosted or your preference for compliance).

Here is how geographic data flow works for each option:

• US Data Zone: If you choose the US region, your copilot requests will be handled by an Azure US data center. Currently, SAS uses Azure “East US” as the primary region for the Copilot service in this zone. The Copilot service may route the request to different Azure compute regions within the US for the actual AI model inference, depending on capacity – for example, the LLM might run in “EastUS,” “EastUS2,” “NorthCentralUS,” etc., based on availability.
• EU Data Zone: Similarly, choosing the EU option will ensure your Copilot service runs in an Azure European Union data center. SAS currently utilizes “Germany West Central” as the primary region for the copilot service in the EU zone. The Azure OpenAI model inference might be executed in one of the EU Azure regions (such as “West Europe,” “North Europe,” etc.), depending on capacity, but again, only EU regions will be used.

As a reminder, regardless of region, SAS Viya Copilot does not store data beyond the transient period to execute your request. Even within the chosen Data Zone, the service is designed so that only transient processing happens in the Azure environment.

How does SAS Viya Copilot enable trustworthy AI?

SAS is aligning with the EU’s approach under the AI Act for General Purpose AI Models.  See more information here: EU AI Approach | SAS

SAS leverages combinations of Microsoft AI safety mechanisms and our own safety mechanisms to provide a better user experience, protect against security risks, and prevent sensitive or disallowed content. For example, SAS leverages Azure content filters that detect things like hate speech, self-harm language, or other policy violations in prompts and responses. And as an additional safeguard, the SAS Acceptable Use Policy applies to Copilot usage.