Loading...
Flexera is committed to leveraging advanced technologies like Generative Artificial Intelligence ( GenAI) and other AI technologies (collectively “AI”) to enhance functionality, efficiency, and value of our products and services. Flexera uses AI in a responsible, secure, and transparent manner, consistent with its contractual commitments and applicable legal and regulatory requirements.
Most AI controls relate to the ISO 27001:2022 controls in section 8 and 9.
To ensure compliance, Flexera’s use of AI is governed by the following principles:
Customer Data Protection: No customer data is exposed to train AI models unless explicitly approved by the customer for a defined purpose. Certain features of our products (such as our content library) may be curated and augmented with AI, but the AI leveraged for those features does not expose any customer data and are solely required for product usage.
Purpose Limitation: AI is used only to support defined product functionality and operational outcomes and does not introduce autonomous decisionmaking or independent learning beyond those defined purposes.
Transparency and Choice: Flexera provides release notes to customers detailing any updates or additions of AI features incorporated into products in advance to allow, where applicable, opt in or opt out.
Security and Isolation: Features (such as entitlement ingestion) that may use customer data use static and non-learning AI models that do not retain, reuse, or learn from customer data. Customer data exposure in such circumstances happens under a per-tenant model. Flexera may provide the option for customers to opt out of using these features, provided that there will be a natural loss of potential value from the product due to reduced feature availability.
Responsible Deployment: AI systems are designed, reviewed, and monitored to reduce risk and unintended outcomes and are supported by appropriate human oversight.
Flexera’s focus is on integrating AI in a manner that prioritizes privacy and security, confirming that no customer-identifiable data is used to train any models. The AI technologies we implement, such as non-learning models for data augmentation, validation, and normalization are carefully selected to align with these priorities and rely on pre-trained or static AI models operating solely on Flexera-controlled datasets. AI capabilities do not alter Flexera’s existing data retention, deletion, or access control practices. This use aligns with Flexera’s commitment to delivering consistent, reliable core functionality while maintaining strict data separation.
When collaborating with customers, we ensure that any AI models developed or configured in connection with customer engagement operate in accordance with our data-protection commitments. We do not use customer data for training AI models unless specifically approved or provided by a customer for a specific purpose requested by the customer. Where AI capabilities involve customer-supplied data, Flexera employs static, non-learning models within a tenant-specific framework and does not retain or reuse such data for model improvement or cross-customer use. Our approach to custom AI model development is highly targeted; we utilize models that are small, purpose-built, and designed to perform specific tasks within constrained scopes, rather than broad, multitask models. This method not only increases the transparency and accuracy of our AI models but also works to minimize the risk associated with their use.
Access to these AI models and their outputs is restricted to Flexera, with appropriate safeguards in place to protect sensitive data. The presence of issues or errors in an AI model is mitigated via our contingency plans, including feedback loops, human review, and support from knowledgeable staff who are well-versed in the features and limitations of these AI technologies.
As Flexera continues to develop and deploy product capabilities that leverage AI, we continue to actively work on verifying compliance with emerging regulations and industry standards and assessing their applicability to the AI-enabled features in our products. This includes ongoing assessments and audits of our AI-enabled functionalities and models. Our commitment to continuous improvement extends to the monitoring and updating of these models where appropriate to improve their accuracy and effectiveness.
Flexera is committed to providing our users and stakeholders with the necessary training and support to work effectively with the AI capabilities we offer.