Highlights:
- With the current release, Immuta provides a multilayer architecture for protecting, monitoring, and auditing private information that RAG-based AI applications access.
- Immuta states that three lines of defense exist while securing AI applications, namely, the storage, data, and prompt layers.
Data security startup Immuta Inc. disclosed new audit capabilities and data governance for retrieval augmented generation-based generative AI solutions over several cloud platforms.
Applications for retrieval-augmented generation provide large language models with external information sources to enhance the relevance and accuracy of content created. To provide relevant information for the generating process, RAG-based models also retrieve relevant data from outside databases or documents.
With the current release, Immuta provides a multilayer architecture for protecting, monitoring, and auditing private information that RAG-based AI applications access. By doing this, the people in charge of managing data governance may take control of generative AI security at the data layer and de-risk their data.
The release aims to address a topic that is becoming increasingly prevalent: the distinction between employee use of AI and corporate data management issues. According to a recent Immuta survey, 88% of data professionals said that their staff use AI whether the firm has formally adopted it, and 80% of data experts believe that AI is making data security challenging. This raises the possibility of rogue or unsanctioned AI technologies and creates conflict between AI users and IT professionals.
Immuta states that three lines of defense exist while securing AI applications, namely, the storage, data, and prompt layers. Chief Product Officer, Mo Plassing, said, “While the initial focus for early adopters securing AI applications was at the prompt layer, this should not be the only focus – in fact, it should be treated as the last line of defense. With this release, we’re focusing on those first two lines of defense: the storage and data layers.”
To solve the first tier of AI application security or the storage layer, the company has worked with Amazon Web Services Inc. to develop a native Amazon S3 storage interface that imposes scalable and fine-grained access control on unstructured data stored in S3. To safeguard the initial level of protection, attribute-based access controls are brought down to the storage layer via this feature.
Unstructured data is converted for model training and chunked for use cases, including retrieval augmented generation at the data layer, the second line of defense. Due to this recent release, RAG indexes can now be found, categorized, and managed similarly to other conventional data sources.
When creating RAG indexes, data teams can use new technologies to secure sensitive data by granting access control to the storage layer through multilayered policies. In this way, they may manage access to RAG-based apps through the data layer and maintain a very accurate and granular metadata inventory of RAG indexes with topic-based classification. This provides domain-specific RAG policy, prompt/query-time policy enforcement, multiplatform RAG support from Snowflake and Databricks, and natural language policy authoring for data platform teams.
Operational monitors, which offer a continuous view of RAG operations and a single view of AI application data access across all supported platforms, can also be used by users to monitor and audit RAG index usage.
“Data teams are now able to leverage the significant investments they have made in their cloud data platforms and rapidly extend this work to their AI application workloads. With Immuta, they now have a single control plane for policy enforcement, visibility, and auditing that works across multiple cloud platforms and RAG models,” added Plassing.