2939: Confidential Computing: Elevating AI and ML Security in the Cloud
Tech Talks Daily, June 23, 2024
23:35, 18.88 MB

In a digital age where enterprises must protect sprawling estates of data, traditional safeguards often fall short. Static, rules-based breach detection only catches what its rules anticipate, and learned detectors are only as good as their training data, so gaps remain. How can organizations bolster their defenses against ever-evolving cyber threats?

In today's episode of the Tech Talks Daily Podcast, we are joined by Shamim Naqvi, CEO of SafeLiShare Inc., to explore the transformative potential of Secure Enclave technology in the cloud, also known as Confidential Computing. Shamim delves into how this cutting-edge technology can enhance data security, especially when leveraging third-party AI and ML models.

SafeLiShare's ConfidentialAI platform secures enterprise data pipelines by digitally fingerprinting every user, service, account and machine and recording their runtime interactions in a tamper-proof, immutable ledger, with access granted on a zero-trust basis: nothing is trusted by default, every interaction is authenticated and logged. By integrating Confidential Computing, organizations can keep their AI workflows, pipelines and ML operations protected against unauthorized access and breaches.

SafeLiShare provides runtime security for AI and ML workloads through Confidential Computing, so data stays protected while it is being processed and not only at rest or in transit. Workloads run inside hardware-isolated enclaves whose memory cannot be read by other processes, the host operating system or the hypervisor, and the hardware produces signed attestation evidence of what ran and where, which can be retained as an audit record for compliance. The guest reports a performance overhead of roughly 3-5%, low enough to make the approach feasible at scale.

Confidential Computing is set to become pervasive across cloud and on-premises environments, driven by the growing need for data security and regulatory compliance. Encryption at rest and encryption in transit both leave data in the clear in memory while it is processed; Confidential Computing closes that gap by doing the processing inside secure enclaves. SafeLiShare's ConfidentialAI applies this to large language models: the enterprise context that is appended to a prompt (retrieval-augmented generation) is combined with the model inside an enclave, so confidential context can be supplied to a public model without exposing it, and key management is offloaded to hardware-protected keys that never leave the enclave.
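The gating the show notes describe, an enclave proving what it is running before the data owner's key is released to it, as an added example in Python; this is not SafeLiShare's code and does not follow any vendor's attestation format. The hardware signature is simulated with an HMAC under a constructed root key (an assumption; real reports are signed by the CPU vendor and verified against its certificate chain), and the enclave images, approved measurements and audit log are constructed for the demo.

```python
"""Attestation-gated key release for a confidential RAG service (simulated).

Added example, not SafeLiShare code. The hardware root of trust is modelled
with an HMAC key (assumption); real CPUs sign reports with a vendor key that
is checked against the vendor's certificate chain. The verifier checks and
the gating are the logic a key broker actually needs.
"""
import hashlib
import hmac
import json
import secrets
import time

# Constructed stand-in for the CPU vendor's signing key (assumption, see above).
HARDWARE_ROOT_KEY = b"constructed-demo-root-key"

# Constructed enclave images. The measurement is the hash of the image the
# enclave loaded; the data owner approves specific measurements in advance.
GENUINE_IMAGE = b"confidential-rag-service:v1.2"
TAMPERED_IMAGE = b"confidential-rag-service:v1.2+backdoor"
APPROVED_MEASUREMENTS = {hashlib.sha256(GENUINE_IMAGE).hexdigest()}

AUDIT_LOG = []  # every release decision, kept for the compliance record


class AttestationError(Exception):
    """Raised when a report does not prove what the key broker requires."""


def _canonical(body):
    """Deterministic encoding so the signature covers exactly these fields."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def enclave_attest(image, nonce, debug=False, now=None):
    """Enclave side: bind the loaded image, the verifier's nonce and the debug
    flag into a statement signed by the (simulated) hardware."""
    body = {
        "measurement": hashlib.sha256(image).hexdigest(),
        "nonce": nonce.hex(),
        "debug": debug,
        "issued_at": int(time.time() if now is None else now),
    }
    sig = hmac.new(HARDWARE_ROOT_KEY, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}


def verify_report(report, expected_nonce, max_age_s=300, now=None):
    """Key-broker side. Check the signature before trusting any field, then
    freshness, then the properties the release policy cares about."""
    body = report["body"]
    expected = hmac.new(HARDWARE_ROOT_KEY, _canonical(body), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, report["sig"]):
        raise AttestationError("report signature invalid")
    if not hmac.compare_digest(body["nonce"], expected_nonce.hex()):
        raise AttestationError("nonce mismatch: replayed or foreign report")
    now = time.time() if now is None else now
    if now - body["issued_at"] > max_age_s:
        raise AttestationError("report too old")
    if body["debug"]:
        raise AttestationError("enclave is in debug mode; its memory is inspectable")
    if body["measurement"] not in APPROVED_MEASUREMENTS:
        raise AttestationError("measurement not on the approved list")
    return body["measurement"]


def release_context_key(report, expected_nonce, context_key, now=None):
    """Hand the key that decrypts the enterprise context only to a verified
    enclave, and record the decision either way."""
    try:
        measurement = verify_report(report, expected_nonce, now=now)
    except AttestationError as err:
        AUDIT_LOG.append({"released": False, "reason": str(err)})
        return None
    AUDIT_LOG.append({"released": True, "measurement": measurement})
    return context_key


def request_key(image, context_key, debug=False):
    """Full exchange: broker issues a fresh nonce, enclave attests, broker decides."""
    nonce = secrets.token_bytes(16)
    report = enclave_attest(image, nonce, debug=debug)
    return release_context_key(report, nonce, context_key)


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    print("genuine image released:", request_key(GENUINE_IMAGE, key) == key)
    print("tampered image:", request_key(TAMPERED_IMAGE, key))
    print("debug enclave:", request_key(GENUINE_IMAGE, key, debug=True))
    for entry in AUDIT_LOG:
        print(entry)
```

The nonce is what makes the report fresh rather than replayable, the debug check is what keeps a developer-mode enclave (whose memory the platform can inspect) from receiving production keys, and the audit log is the record the data owner would hand to an auditor.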

Join us for an insightful discussion with Shamim Naqvi as we unravel the complexities of data security in the AI era. How can Confidential Computing reshape your approach to protecting sensitive enterprise data? Tune in to find out, and don't forget to share your thoughts on this evolving landscape.

[00:00:01] With the rise of third-party AI and ML models and increasing data security challenges, how can enterprises safeguard their sensitive data during processing? Well, in today's episode of Tech Talks Daily I'm joined by Shamim Naqvi, CEO of

[00:00:20] SafeLiShare, and my guest today is going to guide me through the concept of Secure Enclave Technology, which is also known as confidential computing. We're going to talk about how it can revolutionize data security when handling AI workflows and also how SafeLiShare's Confidential AI solution leverages confidential

[00:00:43] computing to create a tamper-proof, immutable ledger that monitors every user and interaction across the entire enterprise data pipeline. So I want to learn more about this approach, how it brings an unprecedented level of protection to sensitive enterprise data while also using third-party AI and ML

[00:01:03] models. Yep, we'll demystify it all today. So buckle up and hold on tight as I beam your ears all the way to California, where today's guest is going to uncover how this cutting-edge technology is expected to become a pervasive standard

[00:01:18] across cloud and on-premise environments. So a massive warm welcome to the show. Can you tell everyone listening a little about who you are and what you do? So my name is Shamim Naqvi, I'm the CEO of a company called SafeLiShare

[00:01:36] which was started about two and a half years ago. We are a remote-working company; there are about 10 people in the company and they all work from their homes. The company is funded by venture capital based out of the west coast of

[00:01:50] the US as well as the east coast and we are interested in providing runtime security to AI and machine learning workloads in particular and any sort of computational workload in general through the use of some new pieces of technology called confidential computing. And there's so much that I'm

[00:02:14] looking forward to talking with you about today. Just to set the scene for our conversation, can you just explain the basic concept of secure enclave technology and how it differs from let's say traditional security methods in protecting enterprise data? Just to ensure we have everyone on board from

[00:02:33] the beginning of our conversation. So the prevalent methods of data security are usually dubbed encryption at rest. So when the data is stored, the data is stored in an encrypted form and therefore there is

[00:03:01] no possibility without having the keys of encryption to read the data and make sense of the data as the data is stored in this form and that is called encryption at rest. Then the second type of technology that is used today is

[00:03:22] called encryption in transit, which is when you transport data, you transport it in a secure, encrypted manner. But the vulnerability happens when you are processing the data nowadays, so all the different attack surfaces are now concentrated at runtime. So when you are analyzing the data, you are

[00:03:52] processing the data when the data is in your random access memory. That is when all the malicious actors can get to your data and the missing link is this runtime data security hole that needs to be filled. So that is called

[00:04:12] runtime security or runtime encryption. And one type of technology to fill that gap is the secure enclave technology and in the last few years hardware manufacturers have started to manufacture chipsets with certain cryptographic capabilities built into the chipsets themselves which allow

[00:04:46] applications to create runtime computing environments that are completely safe and cryptographically encrypted. So your process, when you are running your process, when your workload is being processed, it is being processed inside this protected and isolated environment where the access is tightly controlled through

[00:05:10] these types of chipsets and the hardware itself guarantees that there is no other external process that can look at the runtime memory of your process as it is being executed. So those runtime protected and isolated environments are called secure enclaves and these types of machines are called confidential

[00:05:34] computing machines. All the general cloud providers today, Google, AWS, Microsoft Azure are all making such machines generally available and you can run your workloads on those machines today. You can lease out these machines, rent these machines, you can have virtual machines as many as you

[00:05:59] like, and you can scale your workloads across such virtual machines and run them in these protected and isolated computing environments. Furthermore, the hardware generates logs that record all the accesses to memory, so you have an immutable log that is generated by the

[00:06:31] hardware which is signed by the hardware, cryptographically signed by the hardware using a certificate authority and to say that your workload was run on such and such a machine, that the machine was protected by certain hardware generated encryption keys and that the runtime was completely secure

[00:06:55] and no other entity was able to access the workload. So all of that can be used for compliance or regulatory approvals etc. and you can present these audit logs as proof that the workload was completely secure when

[00:07:13] it was being run in memory. And with that scene perfectly set, I think it's a great opportunity to introduce everyone listening to SafeLiShare's Confidential AI, which I believe utilizes things like digital fingerprinting and tamper-proof ledgers to enhance the security of sensitive data. But for everyone

[00:07:34] listening that are hearing about this for the first time, can you just tell me a little bit more about how it does this? Yes, so a very common use case today in machine learning and AI is to access these large language

[00:07:54] models. For instance, I'm going to describe a particular use case which happens fairly often. And when you access these large language models and you use natural language prompts, you sort of expect the responses to be

[00:08:13] focused to your prompts. And in general, the training data being used for large language models is not specific to your enterprises. It's of a more general nature. So it's very common to then add to your prompt company-specific

[00:08:33] information so that you get a more focused response back from the model. Well, this added data that you add to your prompt is called context. And the context can be private and sensitive to your company. And so there is a need to

[00:08:51] protect the context that you send to the large language model. And you need to protect the context and make sure that no other malicious party has access to your company proprietary and sensitive data, but you get to use it with this

[00:09:08] large language model and get proper and more focused responses back from the model. And so that is a use case called confidential retrieval augmented generation, or confidential RAG. And SafeLiShare offers a solution that allows your chatbot to be run in the secure Enclave technology, so everything

[00:09:30] you tell the chatbot as a part of your context, the prompt itself and the context that you provide with the prompt, both are protected and isolated and confidential. And for any business leader that's listening to our conversation today, what would you say are the primary challenges that

[00:09:49] enterprises face when attempting to implement confidential computing? Because I would imagine you hear a lot from different customers around the world on some of those challenges. So it'd be great to hear through any trends around those challenges and also how your solution addresses some of those hurdles.

[00:10:06] Yeah, well, the big challenge, the big opportunity now and everybody seems to be interested in using Gen AI and generative AI is a powerful tool. It's extremely popular and lots of business leaders and lots of business users,

[00:10:26] enterprise users are interested and do use this Gen AI technology nowadays. And the challenge is exactly as I said, the challenge is can you provide confidential context, the context you provide to your Gen AI applications, can you provide the context in a confidential manner by using secure

[00:10:52] Enclave technology or some other means? So you don't, so you can access these public models and have them be more responsive to your prompts by using your company's specific data, but you at the same time want to protect your company

[00:11:11] proprietary and sensitive private data as well. So that's the challenge and the solution is the secure Enclave technology is one way of doing it. There may be other ways, but I seem to, but I am partial to using secure Enclave to do this.

[00:11:28] And can you also tell me a bit more about how monitoring things like every user, every service, every account and every machine with this zero trust model can improve security during runtime operations, because I think it's been a

[00:11:42] nice to have for businesses for so long, but it is a lot easier now than it used to be. But can you tell me a little bit more about that and the importance of it? Right. So one of the capabilities that secure Enclave technology does is that

[00:11:57] it uses this private, this piece of technology, this cryptographic technology called public private key cryptography, in which the hardware is capable of generating encryption keys. And these keys come in pairs, it's called

[00:12:16] a private public pair. And the private part of this pair of keys is kept by the hardware itself is never available outside of these secure Enclaves and the public pair is used to encrypt information and authenticate any access to

[00:12:35] these secure Enclaves. So whether it is a process or a machine or an application, it needs these keys to be able to access it and everything is through all types of access are monitored and controlled by these keys, which are only available

[00:13:00] inside secure Enclave. So you can think of essentially your data being isolated and protected and every access to that data by any process, by any application, by any machine is through the secure Enclave technology whose keys are being

[00:13:27] safeguarded by the underlying hardware itself. So you have to physically somehow get access to these keys before you can get access to the secure Enclave, which is a physical impossibility. And what would you say is the specific advantage or specific advantages that

[00:13:48] that confidential computing can offer when third party AI ML models are applied to sensitive enterprise data? Because a few years ago, people were a little bit anxious and nervous about this. That is changing now. But what advantages do you see from this?

[00:14:05] Well, fundamentally, security practices tend to rely on a small number, a minimal number, of well-protected constructs. And so there is a rule called Kerckhoffs's rule, which was formulated by a famous cryptographer, that says that everything in a

[00:14:30] secure system should be open except for one thing, and that is the private key. So secure Enclave technology is built on a similar zero trust principle. You don't trust any other entity, you trust the secure Enclave and you trust this piece of

[00:14:49] technology. And the trust lies in protecting the private key that the hardware holds. You can have all kinds of cryptography in your use cases in your applications. But unless you are protecting the keys that you use for encryption, it is

[00:15:10] all to naught. So the vulnerability is key management. If your keys are secure, then your workloads are secure, then your data is secure, your applications are secure, your computing environment is secure. But if you mismanage the keys, then you really have

[00:15:32] nothing at all. And the big advantage of confidential computing is that the hardware protects the keys for you. So you don't have to, you are spared the burden of managing the keys which are, which essentially are the crown jewels of your

[00:15:49] computing environment. So confidential computing alleviates the burden of private key management and by making sure that it takes on the burden of protecting the keys which you are using to secure your data. And I suspect we will have a few people listening around the world who might be

[00:16:13] listening thinking, this sounds great, but what does this mean about efficiency and performance, etc.? So how does the integration of confidential computing and secure Enclaves impact the overall efficiency and performance of those AI and ML workflows? Anything you can share around that?

[00:16:31] Well, all this encryption technology that I have described and the key management that I've described is being done at the hardware level, by the underlying hardware. There's very little being done in the upper software layers at all. So essentially,

[00:16:53] there is very minimal impact to the performance of the machine because you are running everything at the hardware machine level. So the machine is doing this and these machines are becoming more and more powerful and faster and faster as with

[00:17:11] time. Typically, when we run these workloads on these confidential computing machines, we do not see more than three or four percent performance degradation under the heaviest sort of encryption regimes that we have. So three, four, five percent is

[00:17:31] doesn't seem a very large price to pay for this type of additional runtime security. And it does feel like an exciting space at the moment. So if we did dare to look ahead a few

[00:17:42] months or maybe even years, what future developments do you anticipate in the field of confidential computing and data security for AI and ML operations? Anything that excites you there or that you want to track closely?

[00:17:57] Yes, yes. I think that in the next couple of years, we'll see that all cloud computing will essentially become confidential computing. I see a pervasive use of confidential computing technology in all sorts of cloud computing applications. So your typical sort

[00:18:19] of working environment in the cloud is going to use confidential computing technology. And I think that on-prem computing installations, your private data centers, etc., will also start to use confidential computing for your on-prem workloads as well. So I see a

[00:18:39] great advent of this confidential computing becoming more of a conventional way of doing things than what we're seeing today. So all cloud computing in effect will be using confidential computing. So very large amounts of these cloud providers, the cloud

[00:19:01] computing tasks will be done by confidential computing because everybody needs this kind of data security and runtime security that I'm talking about. Love that. I love chatting with you today. And as someone that's right in the heart of this

[00:19:15] space, I think for most people listening, there is this almost urgency and pressure to be in a state of continuous learning to keep up to speed with the pace of technological change. And before we started talking, I know you're traveling continuously around the world as well and

[00:19:30] incredibly busy. So as someone in this space, can I ask where or how you self-educate, how you keep up to speed with the latest trends in the industry? Any tips you could offer there?

[00:19:42] Well, there's lots of conferences that one could go to and lots of reading material on the web. It's being a part of the ecosystem. So you read up on these new trends, you follow the

[00:19:58] technologies. There's no lack of information on the web today and there's no dearth of sort of experts who are willing to take the time to sort of explain the new technologies, etc. So there are

[00:20:13] podcasts and webcasts and webinars and seminars and conferences. One can hardly find the time to do all of these things. But I think one has to make time to keep up with all of the stuff that's

[00:20:25] happening in the world today. Computing is a very fast-changing, fast-trending world. AI and machine learning is even particularly more, is even more of a whirlwind-pace sort of activity. So

[00:20:41] it's quite crazy. But I think people that are the practitioners in this art somehow manage to do all of these things together. Wise words, indeed. And a perfect moment to end our conversation today. But before I let you go, for

[00:20:58] anyone interested in just learning more about anything we talked about today, finding out more about the company, the services you offer or just connect with you or your team, what's the best starting point for everything?

[00:21:11] Our website, safelishare.com, S-A-F-E-L-I-S-H-A-R-E, safelishare.com, is a good place to start. Cloud providers have all sorts of reading material on confidential computing. That's another good place to start. And just go into a search engine and type in confidential computing.

[00:21:37] Awesome. Well, I'll ensure there's links to everything so anyone listening can find you nice and easily. We covered so much there, but particularly love talking about how secure Enclave technology in the cloud, aka

[00:21:49] confidential computing, can harden data security when using third-party AI and ML models on enterprise data and so much more. It's a complicated area, but you demystified it in a language everyone can understand. And just thank

[00:22:03] you for taking the time to do just that with me today. Thanks again. Thank you very much, Neil. And nice chatting with you. I think my guest insights have made it clear how secure Enclave technology is ushering in a new era of security for

[00:22:18] AI and ML workloads. And I love how this confidential AI solution not only protects sensitive data during processing, but also provides secure logs and monitoring for compliance. And with the minimal performance impact of secure Enclaves, the

[00:22:35] burden of key management is reduced while ensuring that proprietary data remains safe. As for the need for data security and regulatory compliance continues to grow, confidential computing looks set to become an indispensable tool for

[00:22:52] enterprises. But how will this transformative technology, how will it shape your organization's approach to data security and AI adoption? You've heard from me, you've heard from today's guest, now I want to hear from you. Email me, techblogwriter@outlook.com, or on Twitter, LinkedIn, Instagram,

[00:23:07] just @NeilCHughes. Love to hear your thoughts on this one. But that's it for today. So thank you for listening as always, and until next time, don't be a stranger.