Trustrorthy AI
Knowledge Base
Privacy and Security
AI systems must be designed to protect individual privacy and ensure data security. This dimension focuses on safeguarding personal data against unauthorized access and misuse. It involves implementing robust security measures and ensuring transparency about data collection, usage, and storage practices.
Consider a smart home device that uses AI to learn and adapt to the user's preferences. To adhere to privacy and security principles, the manufacturer must encrypt all data transmissions, provide clear information on data usage, and give users control over their data. Regular security updates and vulnerability assessments also help protect user privacy.
Organizations that have robustly implemented Microsoft Azure across their cloud ecosystem have an in-built advantage here.
You’ve likely seen a version of this building blocks diagram if you’ve been paying attention to Microsoft marketing over the last several years, but allow us to direct your attention to the foundational “identity, security, governance, and compliance” layer. Data security is emerging as one of the strongest cases to be made in favor of adopting a Microsoft-centric ecosystem rather than piecing together “best of breed” ecosystems from amongst disparate software vendors. Just as Apple has been able to create highly integrative user experiences by controlling its consumer technology end-to-end, so too do we believe Microsoft will increasingly create highly integrative data security experiences by (more or less) controlling its data platform technology end-to-end.
Figure 27: Microsoft’s major platforms or product families build upon one another. Fabric, Dev Tools, and Power Platform sit atop Azure services, and in turn Microsoft 365, Dynamics 365, and the industry-specific components are end-user applications dependent on the platform services sitting beneath them.
Privacy and security has been a significant area where existing infrastructure has raced to keep up with the evolution of generative AI technology in recent years. No technology company has a silver bullet, but in integrating both the security infrastructure and the data platform sides of the coin, Microsoft has made significant strides through its investments in technologies including Entra ID (formerly Azure Active Directory), Purview for data governance, the security models built into technologies like Dataverse and OneLake, and more. We’re far from the promised land of a fully integrated security model across the entire data estate, but we’re getting there. This is an incredibly exciting (albeit likely thought of as quite niche) area to watch in the coming years.