02.04.2024

Data protection meets artificial intelligence: security strategies for the AI-assisted corporate world

AI helps employees make the most of their work and of corporate data, but what about data security? Learn which measures are needed to harness the full value created by AI.

Like all of us, I have noticed all the buzz around AI, which has reached the corporate world with the big ChatGPT wave: Artificial intelligence can create value by supporting users, making their work easier and faster. Microsoft has also recognized this trend and developed Microsoft 365 Copilot, an AI tool for enterprise use based on Microsoft 365 data.  

As a long-term expert on information and data security, I felt it was necessary to analyze what using these tools means for existing security architectures and concepts, whether there is any impact on information security, and whether concepts need to be adjusted in response.  

Data as a key element

The key element of AI is the data, also known as “big data.” The only way to add value through analytics is to evaluate as much data as possible through machine learning. Artificial intelligence can then use this information to recommend actions and interpret the desired results. However, it is precisely this data pool that needs to be subject to the usual access restrictions. When AI is used, as in any other situation, everyone should only be able to see what they are authorized to see. Another important aspect of this data pool is that the data in it must be encrypted, without the added latency impairing the performance of the analysis.

Confidentiality and integrity must be guaranteed

Beyond that, the protection goals of information security, confidentiality and integrity, continue to apply: Unauthorized access to the data must be prevented (confidentiality), and it must be impossible to modify the data unintentionally (integrity). In the case of Copilot, this is ensured through the Microsoft architecture and the Microsoft Graph API, which still follow the same authorization concept. However, when AI is developed in-house, the infrastructure also needs to be designed in-house according to current architecture specifications.

In my experience, companies do not generally keep their data in a single central location. Instead, it is spread around the entire infrastructure. Consequently, it is necessary to create a data infrastructure in which the data is provided on an aggregated basis for analysis. Modern Kubernetes cluster infrastructures are a good solution for this, as they also provide the necessary API connections to enable a constant flow of data reflecting changes in the data within the company.  

Zero trust, least privilege, last need to know

I recommend following the principles of zero-trust infrastructure, least privilege, and last need to know for the security architecture of this kind of cluster. In brief, these three guidelines mean that access is verified at all times, only minimal authorizations are assigned, and people only see what they are supposed to see.
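One way to apply least privilege and need to know to the analysis workloads in such a cluster, as an added Kubernetes RBAC example that is not from the original post: the overly broad binding is shown first, then the restricted one. Namespace, service account and object names are assumptions.

```yaml
# Weak setting (added example, not from the original post): the analysis job's
# service account is bound to cluster-admin, so it can read every dataset and
# secret in every namespace, which violates least privilege and need to know.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: analytics-job-admin   # assumed name; overly broad, do not use
subjects:
- kind: ServiceAccount
  name: analytics-job          # assumed service account running the analysis
  namespace: analytics         # assumed namespace of the data cluster
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
---
# Corrected setting: a namespaced Role granting read-only access to the named
# objects the analysis actually needs, bound to that one service account.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: analytics
  name: dataset-reader
rules:
- apiGroups: [""]
  resources: ["configmaps"]
  resourceNames: ["sales-dataset-index"]    # assumed object; only this one
  verbs: ["get"]
- apiGroups: [""]
  resources: ["secrets"]
  resourceNames: ["dataset-decryption-key"] # assumed key object; only this one
  verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: analytics
  name: analytics-job-dataset-reader
subjects:
- kind: ServiceAccount
  name: analytics-job
  namespace: analytics
roleRef:
  kind: Role
  name: dataset-reader
  apiGroup: rbac.authorization.k8s.io
```

After applying the restricted manifests, `kubectl auth can-i get secrets/dataset-decryption-key -n analytics --as=system:serviceaccount:analytics:analytics-job` should answer yes, while the same check without the object name (or against another namespace) should answer no.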

The analysis algorithms used within the cluster (generally shallow learning, or deep learning in the case of generative AI) can be designed outside the cluster by developers and then transferred in on a controlled basis. Adjustments to the ML/AI algorithms serve to improve data interpretation and generate more accurate results: Setting the information in the right context is the big challenge with artificial intelligence.

I believe this approach, together with modified and advanced architecture concepts, can be used to harness the added value of AI for everyone. I also see this as a big opportunity for companies, prompting a rethink and reconceptualization of IT infrastructure for greater security and to prepare for future challenges even as the value added by AI is unlocked for employees. This means information security is not just present in the background, but also a tangible part of the company’s development. And I think that’s a wonderful idea.


Author

Maximilian Pecha

Manager - Information Security • Modern Security, Communication & Platforms