Relevance Generative Answering (RGA) data security

Secure content retrieval is a feature of the Coveo that allows for more efficient and secure searching and generation of enterprise content with Coveo security cache at its core.

Your enterprise data is stored in a secure Coveo unified index that’s only accessible to you and the people you authorize within your Coveo organization. Secure handling of your enterprise data applies not only at ingestion (crawling time) but also at query time.

By indexing your enterprise restricted documents with item and user permissions, and then applying those user permissions at query time, Coveo ensures that sensitive information is not inadvertently exposed through search results or generated answers. Through a Coveo-powered search interface, authenticated users only see the items that they’re allowed to access within the indexed repository.

In the context of generative AI, grounding refers to the process of providing a generative LLM (GPT LLM) with specific and relevant information that’s not available to the model based on its training.

While generative LLMs come with a vast amount of knowledge, this knowledge is limited as it’s not use-case or industry specific. To obtain a relevant output to a query for your enterprise, we must provide the generative LLM with the necessary information. In other words, we need to "ground" the model in the context of a specific use case. Grounding is an important security feature in generative answering, as it helps to ensure that the generated output isn’t only relevant but secure. Grounding holds the model to factual data and relevant user context when generating an answer.

Coveo’s secure content retrieval makes grounding possible. The Relevance Generative Answering (RGA) model uses the content that’s retrieved from your Coveo index to create the grounding context that will be provided to the generative LLM. RGA’s two-stage content retrieval ensures that Coveo controls the content that serves as the raw data from which the text is generated. The RGA model uses grounding and prompt engineering to construct a prompt for the generative LLM that includes detailed instructions, the query, and the most relevant segments of text from the retrieved content. Confining the generative LLM to just the most relevant text from your secured content ensures that the answer that’s generated is relevant and respects your enterprise content permissions.

By combining secure content retrieval and grounding context, RGA uses a technique called retrieval-augmented generation (RAG) to enhance the security, relevance, and reliability of content that’s generated by an LLM.

RGA leverages GPT’s linguistic capabilities to generate the answer. The GPT LLM is hosted on Microsoft Azure’s servers. The RGA model sends the prompt to the Microsoft Azure OpenAI server, the GPT LLM generates the answer, and the answer is then sent back to Coveo.

HTTPS endpoints ensure that communication between Coveo and the Microsoft Azure OpenAI server is encrypted and secure. This prevents potential attacks such as eavesdropping, tampering, or data theft.

TLS endpoints use cryptographic protocols to provide authentication, confidentiality, integrity, and non-repudiation services. This allows secure web communication between Coveo and Microsoft Azure’s servers.

To maintain data privacy, enterprises must retain complete ownership of their data. With Coveo and RGA, you remain the sole owner of your data.

Coveo logs usage analytics data related to RGA, and retains the data for a period of time as specified in Data retention.

You can create reports on the RGA custom UA events. To access data that’s not available through the RGA UA events, such as the user query and generated answer, contact your Coveo Customer Success Manager (CSM).