brain (1)GenAI Security and Compliance Assurance

Validating GenAI input data is essential, as verifying model outputs is often impractical. Legacy solutions such as DSPMs and rule-based methods become less accurate as data changes or is relocated.

Effective GenAI data security requires knowing if:

  • Sensitive data / IP / Copyrighted was used
  • Sensitive data was properly anonymized and de-identified
  • What data went in fine tuning / model training / RAG (Retrieval Augmented Generation) databases
  • Any compliance violations are not being breached (including regulatory policies)

Bedrock's unique AI Reasoning Engine (AIR) ensures GenAI data security and compliance assurance by offering industry-leading capabilities:

  1. Visibility: AIR discovers and categorizes GenAI data, assessing its materiality to the business. It utilizes fingerprinting to identify datasets involved in model training or RAG databases. And a Data Bill of Materials (DBOM) report provides a full understanding of data being used for GenAI model training / fine tuning and RAG.
  2. Detection: AIR establishes adaptive Trust Boundaries to monitor data and trainingusage outside established data perimeters. It alerts if IP / sensitive data or copyrighted information ends up in a RAG database or data for fine tuning.
  3. Response: AIR notifies on policy violations and can automatically remediate actions,such as preventing the ingestion of sensitive data into AI models.
  4. Risk Reduction: Reduce risks by leveraging Bedrock's workflows to prevent unintentional indexing of sensitive data into RAGs or model training, thus minimizing duplication and controlling access permissions.
Rectangle 13