It’s hard to believe that March is already here and I think we are all hoping that a new month might bring the biblical rainfall to an end! In this newsletter we highlight an often-ignored potential risk in the rise of GenAI – data exposure – along with a look at how you might optimise your computing power.
GenAI and data exposure risk
This article from InfoSecurity Magazine makes for rather sobering reading, focusing on the potential security impacts of the rise of generative AI use in the workplace. As employees look for help summarising documents, drafting content, analysing datasets and writing code, there is a real, and often unacknowledged, risk of data leakage. Inputting confidential corporate or customer data into public LLMs (that may train on this data) and unauthorised use of third-party AI tools that bypass corporate security controls can clearly open vulnerabilities. With such rapid change in day-to-day work practices, it’s easy to understand how “traditional” security protocols can quickly become outdated, creating potential loopholes. Tools such as data loss prevention and monitoring can prevent sensitive data from being uploaded or typed into browser-based AI apps whilst access control can ensure strict user authentication and authorisation for accessing AI tools. Ensuring data security requires clear policies of how GenAI should be used in your business and implementation of the right protocols to avoid unintended breaches.
Hybrid vs. “cloud-only”
In recent decades, cloud computing has been transformative with big shifts towards public cloud services such as AWS, Azure, and Google Cloud. However, many have found that this is not a panacea as whilst some workloads thrive in the cloud, others can be slower or more expensive. There is now an argument to say that a combination of public cloud services and private infrastructure – whether cloud or on-premise servers – might be the pragmatic answer. With such an approach, you have the flexibility to place each workload where it performs best, having taken into account cost (OpEx vs CapEx), performance (lags can occur from remote data centre locations), security and regulatory requirements. A hybrid cloud strategy can allow you to better balance resilience and flexibility according to changing demand in your business, whilst optimising costs. Furthermore, a hybrid cloud can help data sovereignty and strict compliance requirements to be met, keeping sensitive or regulated data on infrastructure you control whilst running analytics or other workloads in the cloud. The cloud landscape will keep evolving so building flexibility into your infrastructure with a blended approach can help your business thrive.
