Generative AI in Zero-trust Zone

Cloudflare, a San Francisco-based company providing content delivery network services, cloud cybersecurity, DDoS migration and ICANN-accredited domain registration services is making news once again. The company is extending its secure access service edge (SASE) and zero-trust services to ensure safe adoption of generatie AI technology. 

Once you give data to AI, you’ve lost it

In other words, through opening up its SASE and zero-trust services, the company seeks to help organizations measure and manage the use and integration of generative AI tools by preventing data loss. In other words, Cloudflare is putting additional security to restrict the data that an organization can feed to such tools and large language models (LLM). 

In a blog post, Cloudflare warns that every input fed into a prompt becomes a piece of data leaving an organization’s control. Given that generative AI tools and LLMs such as OpenAI’s GPT and Google’s Bard can be use for a variety of tasks at a workplace, a zero-trust option cannot be ignored. 

In a statement, Cloudflare co-founder and CEO Matthew Prince said, “AI holds incredible promise, but without guardrails it can create significant risks for businesses. It is far too easy, by default, to upload sensitive internal or customer data to AI tools. Once the data is used for training AI, it is virtually impossible to get out.”  

However, banning AI is not the solution

This perhaps explains why several large enterprises, known for their penchant for adopting big tech, have already restricted the use of generative AI tools at the workplace. In fact, a recent report from KPMG suggested that cybersecurity and data privacy were among the top concerns among US executives when it came to implementing artificial intelligence. 

And this is where Cloudflare wants to make a difference. It says companies should not be looking to block generative AI tools. Instead, they could use SASE capabilities with zero-trust security controls to lay down some guardrails that can eventually result in the safe usage of such tools in the future. 

Find a solution that sets up guardrails 

Which is where Cloudflare is looking to make a difference. Its ‘CloudFlare One’ allows the vendor’s SASE customers to apply such guardrails by reviewing or even blocking the use of generative AI tools and managing its integration. This is how CloudFlare can help: 

• For starters, it allows IT teams to deploy a secure web gateway feature to passively observe and track AI usage among employees, which automatically helps the IT department get the budgeting right for enterprise licensing plans. 
• The plans include service tokens that enable administrators to maintain a record of the API requests, thus controlling which specific services can access AI training data. It also enables the facility of revoking tokens while building ChatGPT plugins. 
• Cloudflare Tunnel provides an encrypted, outbound-only connection to the vendor network which can scrutinize every request against access rules set by the SASE or by those who regularly connect AI services to their infrastructure. 
• The zero-trust access control offers the capabilities to enforce authentication for each request made to the data that the organization decides to provide to these tools. 
• Finally, the data loss prevention service provides basic pre-configured options to check for data that looks like social security numbers or credit card numbers. It also enables custom scans for patterns based on specific data configurations. 

From Cloudflare’s perspective, the usefulness of generative AI tools is only going in one direction – up north. “The ability of AI services to coach and generate output will continue to make it easier for builders from any background to create the next big thing,” says the blog post while insisting that with this growth the security risk of these tools will grow too. 

Therefore, even as thousands of new builders launch the next wave of products inspired by AI coaching and generation, Cloudflare itself aims to stay a step ahead of the risks that these could involve by proactively generating solutions in the zero-trust space.