Securing the AI Factory Dell Technologies data protection cyber resilience artificial intelligenceSecuring the AI Factory Dell Technologies data protection cyber resilience artificial intelligence

Artificial Intelligence

Securing the AI Factory

Taking an architectural approach to securing your data for AI.
By   |  

tl;dr AI adoption is accelerating, and security must keep pace. Start with your highest-value use cases, then secure the data they consume, the pipelines that move it and the models that use it. Align cross-functional teams early, apply OWASP-aligned controls, and leverage the Dell AI Factory and Dell Services to scale securely and with confidence.

With enterprise AI adoption, picking up steam, many IT leaders are recognizing the importance of making sure that their business-critical AI use cases and the data they use are properly secured. This is easier said than done, since AI use cases change existing workflows and who develops and uses them. AI use cases also consume enterprise data, particularly unstructured data, in new ways that may not have been addressed yet by security controls and teams. You also need to consider the security of your AI supply chain; that is, how secure are the models and data from outside your organization that you’re using.

This is a big, sprawling, challenge. Which teams should be involved? And how do you do this systematically instead of a patchwork of ad-hoc security add-ons?

This is a team sport. You’ll need to get cross-functional teams representing business, data, IT and security organizations involved at the outset to get aligned on expected outcomes, priority use cases and compliance requirements. See our earlier blog “The IT Leader’s Guide to Build Trust in AI Solutions” for how the Dell AI Accelerator Workshop can get these teams aligned. The Dell AI Factory provides a systematic approach to AI solutions, including data, infrastructure and an ecosystem to make it easier to incorporate security into your use case deployments. In this blog, we’ll outline how to approach AI security systematically and holistically.

Securing data for your use cases

The first task is to focus your team on the data that your high-priority AI use cases will consume, rather than securing all your data. Of course, this presumes that you have aligned with the business on your use case priorities. If you haven’t done that yet, consider an AI Accelerator Workshop to get business stakeholders engaged.

Once use case priorities are determined, the next questions concern the data consumed by these use cases, who has access to the data, how sensitive the data is, the quality of the data and how the use cases impact business workflows. These are architectural concerns, data strategy concerns and security concerns, so it’s vital that business and security teams are engaged to address these questions. If you haven’t got your security teams engaged already, you’re behind the curve and risk that security teams will shut down AI pilots.

Digging into the data and developer processes

Data security is not a new conversation, but enterprise data security has historically been focused on structured data in the context of application-driven workflows. AI models consume a lot of unstructured data and promise to reshape workflows and who accesses them. Fortunately, there are good tools for tagging and cataloging data for AI, including unstructured data, but security teams need to be involved to determine the level of security and protection for this data, given its new importance and role. And you should pay careful attention to protecting data across the full AI lifecycle. To secure the data in your AI supply chain, you need to pay attention to any public data and public models for your AI use cases and make sure that security controls are applied to that data to avoid importing security risks.

To assure secure AI development processes, you need strong DevSecOps processes to protect your model training, fine-tuning and production environments. You should consider how your AI model builders and data teams use data pipelines to automate the process of data preparation and AI data management. You’ll need to make sure that the pipelines are secured and that access controls for developers are in place to protect against model poisoning and to make sure that updates are applied in a repeatable and secure way. Finally, you’ll also need to pay attention to the data that AI models produce and assess their criticality and sensitivity. If you need help identifying risks, assessing attack surfaces and reducing the risk of data poisoning and exposure, consider engaging Dell Services AI security experts.

Looking holistically at AI security

Such a comprehensive view of security across your use cases and how your data is used for AI can sound like an ambitious undertaking. And there’s certainly plenty to do. This is why you need to take full advantage of the AI and security architecture from your key AI providers, the solution and security integration you can leverage across the ecosystem, as well as the services they provide to speed the adoption of this architecture. Dell Technologies developed a full-stack AI security and resilience architecture aligned to OWASP top 10 cybersecurity concerns for LLMs, as illustrated nearby. This architecture works across the Dell AI Factory and delivers expertly integrated partner technologies. Dell Services experts can tailor this architecture to your specific needs.

AI Factory security cyber resilience supply chain production holistic approach

Our comprehensive portfolio of AI security services includes advisory services for AI security and resilience to gain strategic alignment among your business and technical teams and develop strategy and architecture to address risks, as well as data security services In addition, Dell’s advisory services for AI data security reduce AI data security threats with expert guidance to identify attack surfaces, and align data security strategies to mitigate risk. Finally, for organizations that need an expert CISO-level resource to kickstart an AI security strategy, our CISO Advisor for AI can align investments, operations and governance with an overall strategy.

Getting into gear

While the security challenges for AI are significant, you don’t have to face these challenges alone. Dell Services are there for you at every step, to assure robust and secure architectures and processes and build your capabilities to deliver the great promise of AI to your organization, securely. Reach out to your Dell representative for more information and how you can get started so you can accelerate your progress to these important AI objectives.

Scott Bils

About the Author: Scott Bils

Scott Bils serves as the Vice President of Professional Services at Dell, where he is responsible for driving the strategy and growth of Dell’s Consulting, Learning, and Managed Services portfolio, and for Dell’s transformation practices in AI and Data, Multicloud, Resiliency and Security and Modern Workforce. He also leads Product Management for Professional Services Technology Platforms.     Scott brings over 20 years of experience across Corporate Strategy, Technology Services, Product Management, Marketing and Business Development. In his previous role at Dell, he built and led the Digital Transformation Consulting Practice. Before Dell, Scott held executive positions at Scalable Software, Troux Technologies and Trilogy, and also worked at McKinsey & Co. and Accenture. He holds both an MBA from the University of Chicago and a Bachelor’s degree in Finance from the University of Illinois Urbana-Champaign.