<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2826169&amp;fmt=gif">
Start  trial

    Start trial

      NEWroundel-anim-database-and-shileld-02The advent of generative AI has revolutionized various industries by enhancing automation and providing intelligent solutions. However, this rise also brings significant risks, particularly concerning data security.

      Fujitsu is at the forefront of addressing these challenges, ensuring that the organization’s data remains protected through advanced security technologies.

      Fujitsu ensures that you can leverage your business data for AI applications without compromising data security. Here’s how.

      Expansion of in-house data utilization for business specific generative AI

      As organizations increasingly leverage their in-house data for generative AI, the associated security risks also escalate. Traditional generative AI models primarily utilized publicly available data. However, the latest trend involves incorporating proprietary data, which necessitates robust security measures at the database layer to prevent data breach¬es.
      Tailored advisory services for IT planning in the banking sector, specialized clinical assistance with deep clinical knowledge, and corporate analysis for individual investors using reliable data from reviews are some of the use cases of today’s generative AI. These examples highlight the shift from using publicly available data to integrating specific in-house data.

      Growing security risks with data utilization

      Traditional generative AI models, which learn from publicly available data, struggle to provide accurate responses to industry-specific queries. RAG (Retrieval-Augmented Generation) enhances these models by integrating related information from a vector database, significantly improving the accuracy of responses to specialized questions.

      While RAG improves response accuracy, it also introduces new security risks, particularly in managing the vector database that stores proprietary data. Ensuring the security of this database is crucial to prevent unauthorized access and data breaches.

      Key database security risks for RAG

      • Misconfigured access permissions - Errors in access rights can lead to data leaks.
      • Prompt injections - Unauthorized data exposure through malicious queries.
      • Data tampering - Altered data leading to incorrect AI-generated responses.

      Misconfigured access permissions

      Adjusting access rights is essential when using in-house data. Properly configuring these rights can be com¬plex and error-prone, potentially leading to unauthorized data access. Ensuring meticulous design and implementation of access controls is critical.

      Prompt injections

      AI systems can be manipulated through malicious queries that bypass standard security protocols. This is known as prompt injection attacks. Implementing robust input validation mechanisms to detect and block such queries is essential to protect sensitive information.

      Data tampering

      Unauthorized modifications to data within the vector database can result in incorrect responses from the AI system. Implementing measures to detect and prevent data tampering is crucial to maintain the integrity of the AI-generated outputs.

      Comprehensive database security measures for utilizing in-house data

      Although a layer of security measures can be taken at the AI tooling and application level, database layer security is critical to protect your organization’s data assets. The complexity of managing access rights and the high variability of natural language inputs pose significant challenges, demanding a robust database system built on a foundation of security.

      Access permissions management

      Fujitsu Enterprise Postgres simplifies access control with the Confidentiality management feature by managing permissions directly within the database, reducing the risk of configuration errors and ensuring that only authorized users can access sensitive data.

      Data anonymization

      Implementing data anonymization techniques helps protect sensitive information from exposure. By hiding or anonymizing data before it is handed over to the LLM process, the risk of data leaks is minimized. Fujitsu’s data masking feature allows flexibility in the masking policies; for example, the columns that are not relevant to the accuracy of LLM processing can be masked completely while others are left anonymized.

      Tampering detection and audit logs

      Fujitsu Enterprise Postgres includes mechanisms for detecting data tampering and maintaining comprehensive audit logs. These features enable organizations to monitor access and modifications to their data, ensuring any unauthorized changes are promptly identified and addressed.
      By working with ScalarDL, non-tamperability is guaranteed, and tampered data will be detected when fetching data. This means compromised data will not flow to the AI system, completely preventing incorrect responses. In addition, the dedicated audit logs include information to help identify exactly when and what manipulation was conducted, in case of unauthorized access.

      Strong password policies

      Enforcing strong password policies further enhances security by preventing unauthorized access to the database. Fujitsu’s policy-based password management restricts access to accounts at the database layer instead of application layer by setting password restrictions and establishing rules for password complexity and preventing unauthorized logins.

      Fujitsu Enterprise Postgres comes with enhanced security measures described above, with no extra cost to future proof your data with security and reliability.

      Conclusion

      Fujitsu’s advanced security technologies provide robust protection for confidential data amid the increasing use of generative AI. By integrating comprehensive security measures within the database and utilizing innovative techniques like RAG, Fujitsu ensures that organizations can leverage their in-house data for AI applications without compromising data security.

      Topics: Database security, Fujitsu Enterprise Postgres, Security, Generative AI

      Receive our blog

      Search by topic

      see all >
      photo-matthew-egan-in-hlight-circle-orange-yellow
      Koshi Shibagaki
      PostgreSQL engineer, Fujitsu
      A software engineer at Fujitsu since 2022, Shibagaki specializes in developing Fujitsu Enterprise Postgres.
      With a keen interest in databases, security, and generative AI, Shibagaki leverages professional expertise, cultivated through a strong curiosity to tackle data security challenges.
      Our Migration Portal helps you assess the effort required to move to the enterprise-built version of Postgres - Fujitsu Enterprise Postgres.
      We also have a series of technical articles for PostgreSQL enthusiasts of all stripes, with tips and how-to's.

       

      Explore PostgreSQL Insider >
      Subscribe to be notified of future blog posts
      If you would like to be notified of my next blog posts and other PostgreSQL-related articles, fill the form here.

      Read our latest blogs

      Read our most recent articles regarding all aspects of PostgreSQL and Fujitsu Enterprise Postgres.

      Receive our blog

      Fill the form to receive notifications of future posts

      Search by topic

      see all >