# Architecture

Subsalt is commonly deployed into secure, sensitive environments, so the product is intentionally architected to follow modern security best practices. Most importantly, Subsalt never moves sensitive data out of its designated environment, and never stores sensitive data on disk.

{% hint style="info" %}
We've got a detailed enterprise security manual appropriate for architecture and security reviews. [Reach out to our client support team](mailto:support@getsubsalt.com) to obtain a copy.
{% endhint %}

### Deployment models

Subsalt is available both as a cloud-hosted offering and as managed instances deployed in customer cloud environments.

* [Subsalt Cloud](/product/subsalt-cloud.md) runs in Subsalt-managed infrastructure
* [Subsalt Managed](/product/subsalt-managed.md) runs in customer cloud environments

### Architecture

The product is architected to enable de-identified data interactions at enterprise scale: customers can provide access to a single team or to many teams across many organizations using the same components. Subsalt's product has three core components that coordinate to support a wide range of deployment configurations and use cases:

<table><thead><tr><th width="142.796875">Component</th><th width="331.6328125">Responsibility</th><th data-type="checkbox">Sensitive data access?</th><th data-type="checkbox">End user access?</th></tr></thead><tbody><tr><td>Secure Training Environment</td><td>Train and evaluate generative models on raw data</td><td>true</td><td>false</td></tr><tr><td>Access Point</td><td>Run queries to retrieve de-identified results</td><td>false</td><td>true</td></tr><tr><td>Hub</td><td>Coordination plane for connected training environments and access points</td><td>false</td><td>false</td></tr></tbody></table>

All components run in Kubernetes, and can be deployed in a single cluster or scaled across many clusters. The Secure Training Environment component is the only element of the system that ever has access to raw data, and is therefore typically deployed in a customer's sensitive data environment. Access Points do not have direct connections to Secure Training Environments (or raw data), and sensitive data is not accessed during the process of generating results for a query.

### Data minimization

Subsalt's application implements data minimization best practices to further reduce the risk to your datasets. You can be sure that:

* Subsalt's system only retrieves sensitive data from data sources that you've configured, and only for the purposes of producing synthetic, de-identified versions of the same data.
* Your raw data never leaves the Secure Training Environment(s), and is never persisted to disk. It is purged from the system as soon as the training and evaluation process is completed.
* Subsalt does not grant permission to others to access your de-identified data assets.


