Generative AI Security Starts In Your Datacenter

Building and training your generative AI app on premises before extending it across your multicloud estate affords you the best chance for maintaining security and control.

Seeking quick wins, IT leaders are pushing their teams to build generative AI applications that can be used internally to surface business information.

Presumably, the value of what they’re building lies in the richness of the corporate data sets. The data is their crown jewels, their secret sauce, their insert-favorite-metaphor-here.

A new app to surface marketing collateral? Probably includes their data. How about a tool that produces sales forecasts? It likely leans on their data. That app that serves up an actionable narrative from analyzing IT operations? Not very useful without their data.

The right app could accrue to something bigger over time, leading to a competitive advantage. Or so goes the strategic thinking in the C-suite.

The Paranoid Survive

Assuming you are among the IT leaders experimenting with GenAI, you can’t deny that itch at the back of your brain: the gnawing feeling that it would be risky to host it elsewhere, at least until you’ve trained the model and have ironed out kinks such as bias, disinformation and hallucinations.

It’s a concern that organizations take seriously, as 45% of IT decision makers cited risks to data and IP as the No. 1 reason they are hesitant about embracing GenAI, according to a recent Dell survey.1

It’s okay to be cautious, but hesitate too long and you could find yourself chasing a train that has left the station. There is a case to be made that you can build and train your GenAI model internally, then run it wherever makes the best business sense once the data outputs are polished to a high degree of fidelity.

First, understanding the risks is critical. Building and training the model is a delicate operation.

LLMs Require Care and Feeding

LLMs train on unstructured data and generate text in response to various prompts. If sensitive or confidential data is used to train or fine-tune these models, it can be more challenging to control the dissemination of this data, which opens the organization up to more risks.

The generative nature of their output means they are capable of inadvertently disclosing information from the training data, even if the data itself is not directly accessible.

As noted earlier, LLMs can inherit biases present in their training data, which can have ethical and legal implications for your business.

LLMs may also be exploited to create malicious content, such as phishing scams and malware.

And if you’re being honest, you can’t always know how your employees may use the tools you provide them—or what their intent may be.

Sometimes the bad actions are inadvertent; the data used to inform LLMs may require additional protection to prevent privacy violations or other unauthorized disclosures. This extends to the macroenvironment, as data sovereignty rules govern how data is stored, processed and used in countries worldwide.

To that end, as you think about where to run your generative AI model, it may help to think about the control measures implemented in a high-security government facility.

Just as a government facility prioritizes security, privacy, low latency, governance and overall control, an on-premises AI instance offers a similar level of meticulous attention to these critical aspects. By deploying your app behind your firewall and leveraging a Zero Trust strategy for data protection, you decide who has access, what data is shared, as well as how to respond to security concerns.

Like assets shored up in a government facility, running a GenAI app on premises ensures that all data remains within the organization’s environment, helping you retain control while reducing the risk of data breaches. Staff can fine-tune GenAI apps on their workstations as they get more comfortable with the new technology.

While security is a critical consideration, performance, latency and costs also factor into the calculus. Seeking the right balance among all these variables, many organizations are taking hybrid approaches to bringing their GenAI services to fruition.

Indeed, 82% of IT decision makers said they were most interested in taking an on-premises or hybrid approach to building their GenAI solution, according to a recent Dell survey.2 With apps gravitating toward data, a more nuanced approach will help you manage GenAI workloads.

GenAI in a Multicloud World

How might this work?

You can train and tune your GenAI proof-of-concept on-premises but run the application elsewhere in your multicloud estate—such as a public or private cloud, colo or the edge—once you’re confident that you can vouch for the integrity of the app and that it respects your organization’s security standards and governance requirements.

Dell’s APEX suite of as-a-Service solutions enables you to evolve to run workloads with optimal performance and agility in the locations that make the best business sense without compromising data protection and security.

For example, APEX enables confidential data to be segmented and isolated, placing GenAI information and IP in private clouds, mitigating potential data leaks. Deploying your GenAI app near this data minimizes latency while maximizing performance.

Combined with a Zero Trust approach that helps you harden, detect and defend your assets, you can maintain the control over your GenAI app that will protect your business—without sacrificing agility or innovation.

Learn more about how to manage your IT estate with Dell APEX.
