According to a recent survey we conducted, most business use of large language models (LLMs) happens without regard to the risks of exposing sensitive data. Because these models are trained on information publicly available on the internet, they cannot answer proprietary queries unless they are given access to the relevant data. To obtain useful answers, businesses therefore risk exposing their knowledge and intellectual property unless due care is taken.
Businesses are rapidly waking up to the risks of exposing data and IP, and a growing number are banning the use of public LLMs for business purposes; Samsung, for instance, was forced to do so after a data leak. Privacy and security are also at the heart of newly emerging AI regulation, such as in the European Union. Meanwhile, academic institutions like Harvard are looking to address these risks by setting standards, especially around security and privacy.
Potential of generative AI
Capturing knowledge and analysis is critical to managing a business in today's fast-moving, competitive environment. Even within an organization, knowledge is not easily captured: it lives in policies and procedures, communications, strategy reports, performance data, and employee know-how, to name but a few. In short, leveraging knowledge is difficult yet essential to operating effectively. A proprietary LLM can help a business capture its knowledge and surface valuable insights in near real time, a key competitive edge.
Beyond providing insights, LLMs can optimize business processes: enhancing customer service functions, helping development teams update legacy code, and much more. The combined potential is staggering, over $4 trillion according to a recent McKinsey report, if only the privacy and security issues could be solved.
Combining proprietary knowledge with public LLMs or other datasets would enhance that potential further, but doing so securely and privately is a challenge for existing solutions. Data anonymization, for instance, keeps the identities of the data owner and data subjects private, yet it still leaks the underlying knowledge and IP to a model that may train on it. Anonymization also limits the usefulness of the analysis that can be performed. A better solution is required to prevent IP and data leakage when using LLMs.
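To make that limitation concrete, here is a toy sketch in Python (simple regex redaction stands in for a real anonymization tool, and the report text is invented): the identifiers disappear, but the proprietary substance still reaches the public model.

```python
import re

report = ("Jane Doe (jane.doe@acme-corp.com) projects our new battery "
          "chemistry will cut unit cost by 30% in Q3.")

# Strip direct identifiers, as an anonymization layer would.
redacted = re.sub(r"[\w.+-]+@[\w-]+\.[\w.-]+", "[EMAIL]", report)
redacted = redacted.replace("Jane Doe", "[NAME]")

print(redacted)
# [NAME] ([EMAIL]) projects our new battery chemistry will cut unit
# cost by 30% in Q3.   <- identity hidden, trade secret still exposed
```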
How best to unlock this potential safely
At encloud we leverage trusted execution environments (TEEs) to enable confidential generative AI, and our software makes this nascent technology easy to deploy. TEEs are a hardware capability offered by some major chip providers that can act as a vault for your data: code and data inside the environment are shielded from the rest of the system. We manage the deployment of encrypted data into that vault with our dynamic access controls, so no actor other than the owner has access to the data or the IP.
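As a minimal sketch of the client side of such a flow (the function name and the attestation step described in the comments are illustrative, not the encloud SDK): data is encrypted locally before it ever leaves the owner's machine, and the key is released only to a verified enclave.

```python
import os
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

def encrypt_for_enclave(plaintext: bytes) -> tuple[bytes, bytes, bytes]:
    """Encrypt locally so only ciphertext ever leaves this machine."""
    key = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)          # 96-bit nonce, standard for AES-GCM
    ciphertext = AESGCM(key).encrypt(nonce, plaintext, None)
    return key, nonce, ciphertext

key, nonce, blob = encrypt_for_enclave(b"internal strategy report ...")
# Only `blob` is uploaded to the cloud. The `key` would be released to
# the TEE only after remote attestation proves the enclave is genuine,
# so neither the cloud vendor nor anyone else can decrypt the data.
```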
The optimal solution for confidential LLMs is to train your own model and then augment it with public data, public LLMs, and any private data a company may be granted access to. However, training an LLM requires significant computation, and doing so with privacy assurance also requires highly specialized chips that remain scarce and expensive for now. BloombergGPT, trained in-house on Bloomberg's proprietary financial data, shows what a specialized LLM can achieve, but few businesses have the resources to follow that path.
For most businesses, a practical alternative is to combine private data with a public LLM in a secure environment, fine-tune the model, and keep the enhanced model private rather than releasing it back to the public. The encloud app now includes a private compute capability tailored to exactly this: combining private data and knowledge with public LLMs with complete security and privacy. Our tooling is easy to use and can generate enormous value for your business. Longer term, we will also enable you to train your own models.
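For illustration, a fine-tuning job of this kind might look like the sketch below (the model name, file path, and hyperparameters are placeholders, and this is standard open-source tooling rather than encloud's actual pipeline): a public base model stays frozen while a small LoRA adapter is trained on the company's documents, so the proprietary knowledge ends up only in the adapter, which the business keeps.

```python
from datasets import load_dataset
from peft import LoraConfig, get_peft_model
from transformers import (AutoModelForCausalLM, AutoTokenizer,
                          DataCollatorForLanguageModeling, Trainer,
                          TrainingArguments)

base = "gpt2"  # stand-in for any open-weight model
tok = AutoTokenizer.from_pretrained(base)
tok.pad_token = tok.eos_token
model = AutoModelForCausalLM.from_pretrained(base)

# Freeze the public weights; train only small LoRA adapter matrices.
model = get_peft_model(model, LoraConfig(task_type="CAUSAL_LM", r=8))

# Private documents as JSON lines with a "text" field (placeholder path).
data = load_dataset("json", data_files="private_docs.jsonl")["train"]
data = data.map(lambda b: tok(b["text"], truncation=True, max_length=512),
                batched=True, remove_columns=data.column_names)

Trainer(
    model=model,
    args=TrainingArguments(output_dir="adapter",
                           per_device_train_batch_size=2,
                           num_train_epochs=1),
    train_dataset=data,
    data_collator=DataCollatorForLanguageModeling(tok, mlm=False),
).train()

model.save_pretrained("adapter")  # only the private adapter is kept
```

Run inside a TEE, neither the training data nor the resulting adapter is visible to the infrastructure provider.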
Are there alternatives?
Many companies will choose to forgo privacy technology because they deploy a solution on their own hardware or with a trusted third party. That is a choice, but at encloud we believe we offer a better alternative. First, without a solution like encloud, businesses expose their data to others, perhaps their cloud provider or IT system integrator; regulators are increasingly scrutinizing this risk, and alternatives are being sought to avoid the exposure. Second, privacy matters even within a business's own walls: two-thirds of businesses already insist on encryption as standard for internal data, and the insights gleaned from an LLM may need to stay private so that management can run the business optimally. Finally, the new EU AI regulation includes a requirement for organizations to use state-of-the-art security and privacy-preserving measures, like encloud.
Coming soon
The encloud app will let users choose how their data is deployed. encloud is interoperable with the usual cloud providers and will soon be deployable directly on hardware, whether on-prem or with a chosen third-party partner. In every case, your data remains completely insulated: no actor, including the cloud vendor or hardware owner, can see it. The application launches in the coming weeks and we are looking for early adopters.
If you are interested in learning more, please reach out to contact@encloud.tech.