Module 12 Wrap-up: The Secure Admin

You have moved beyond "Just talking to a model" to "Governing a system." You understand that privacy is a technical feature, not just a marketing slogan. By running Ollama, you have built a system that respects the user and the law.

---

Hands-on Exercise: The Security Audit

Perform this 5-minute audit of your current Ollama setup:

1. Check Listening Address

Run netstat -an | grep 11434 (macOS/Linux) or netstat -an | findstr 11434 (Windows).

• Goal: You should only see 127.0.0.1:11434.
• Fail: If you see 0.0.0.0:11434, your server is exposed to your Wi-Fi!

2. Locate Your Logs

Open your log file: tail -n 20 ~/.ollama/logs/server.log.

• Look for any "Error" messages or "Unauthorized" connection attempts.

3. Encrypt the "Blobs"

Find your .ollama/models folder. If you are on a laptop, ensure that your OS-level Disk Encryption (FileVault on Mac, BitLocker on Windows) is turned ON.

---

Module 12 Summary

• Local AI is the ultimate privacy solution because data residency is guaranteed.
• Ollama is secure by default but needs a proxy for network access.
• Auditing ensures that AI usage aligns with professional ethics and corporate rules.
• Compliance with GDPR and HIPAA is drastically simplified by avoiding third-party data transfers.

Coming Up Next...

In Module 13, we tackle Performance and Scaling. We move from one model to a "Cluster" of models, exploring how to run Ollama in Docker and how to handle dozens of users at once.

---

Module 12 Checklist

• I have verified that my Ollama server is only listening on localhost.
• I know how to find and read the server.log file.
• I can describe the difference between PII and general text.
• I understand how a "Reverse Proxy" adds a password to Ollama.
• I have a plan for moving models into an "Air-Gapped" room if needed.