- Falk Borgmann
It's almost a tradition that IT evolution in Germany lags behind the USA. Decision-makers here typically spring into frantic action only once it becomes clear that there is no way around a particular technological development. Whoever falls behind has to run faster than the leader to catch up, and what has been strategically neglected over months and years, the organization then tries to make up for in a few weeks.
Easy Choices Lead to Future Challenges
In the case of ML technology, most companies follow the same pattern. Every company that wants to be innovative is currently building a RAG¹ application, usually with an API² from OpenAI or another US service in the background. It is not uncommon for this initial project to quickly lead to disillusionment, as it becomes clear that ML solutions also need to be sensibly implemented and operated.
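To make the pattern concrete, here is a minimal sketch of such a RAG application, assuming the OpenAI Python SDK (v1+), an API key in the environment, and a toy in-memory document store; the model names and documents are purely illustrative. Note what the sketch also makes visible: both the question and the matched internal document leave the company's infrastructure with every request.

```python
# Minimal RAG sketch: retrieve the most relevant snippet, then ask the model.
# Assumes the OpenAI Python SDK (v1+) and OPENAI_API_KEY in the environment;
# model names and the toy document store are illustrative only.
import numpy as np
from openai import OpenAI

client = OpenAI()

documents = [
    "Our ERP system exports invoices as CSV every night.",
    "Customer data must not leave the EU data centre.",
    "The archive service retains documents for ten years.",
]

def embed(texts):
    # One embedding vector per input text.
    resp = client.embeddings.create(model="text-embedding-3-small", input=texts)
    return np.array([d.embedding for d in resp.data])

doc_vectors = embed(documents)

def answer(question: str) -> str:
    # 1. Retrieval: cosine similarity between the question and each document.
    q = embed([question])[0]
    scores = doc_vectors @ q / (np.linalg.norm(doc_vectors, axis=1) * np.linalg.norm(q))
    context = documents[int(scores.argmax())]
    # 2. Generation: the retrieved snippet is injected into the prompt.
    resp = client.chat.completions.create(
        model="gpt-4o-mini",
        messages=[
            {"role": "system", "content": f"Answer using this context: {context}"},
            {"role": "user", "content": question},
        ],
    )
    return resp.choices[0].message.content

print(answer("How long do we keep archived documents?"))
```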
This disillusionment is not surprising because those who have neglected to actively engage with IT infrastructure over the past five years and instead relied solely on SaaS³ can hardly achieve anything without the easy-to-use cloud offerings from the hyperscalers. And those who have traditionally relied on the quasi-static ERP giants have little room left for IT decisions involving flexible infrastructure concepts.
Fortunate are those who have invested in the knowledge and training of their employees while keeping entrepreneurial flexibility in focus. Only those who understand how IT infrastructure and ML work, and how to combine them, will be able to develop independent and sovereign ML solutions without relying on APIs from, for example, OpenAI. This advantage will become particularly important in the future: ever more capable systems will be able to analyze and process data faster and faster, but they will also bring new risks. The risk of dependence at the expense of entrepreneurial flexibility has never been greater than it is today. In addition, companies are caught between flexibility and IT risks, including those arising from malware. The first malware programs already use freely available language models as a transport vehicle.
Cloud Act, GDPR, CrowdStrike, Azure Midnight Blizzard…
The list of risks is long, and it’s no secret that transparency, data security, and confidentiality of customer data are not at the top of the list for large US tech companies. The only way to be sure that your company's data isn't fueling the training and growth of US tech giants is to understand in detail how data is processed and ultimately remain in control of this processing. The security aspect also extends to the use of open-source models, for which there are currently few reliable security scans. Therefore, it is only a matter of time before the first large-scale attacks on corporate infrastructures become known.
Positioning Companies for ML Usage
The dilemma for companies is how to position themselves with regard to the use of ML. Flexibility, dependency, know-how, data protection (GDPR), confidentiality, and cybersecurity all need to be reconciled, which is anything but trivial.
To Stay Flexible and Secure, You Need Know-How!
In this series of articles, we want to explore various aspects and concepts and outline technical approaches to using ML sensibly in a company, without ignoring the challenges of confidentiality, data protection, and cybersecurity, and above all without giving up entrepreneurial flexibility.
We will also draw on practical examples implemented by our team. We will show that this does not mean forgoing the benefits and use of cloud infrastructures. On the contrary, it means viewing the cloud as a supplier of IaaS⁴ or PaaS⁵ and producing critical services independently. However, this approach requires specific technical expertise in cloud infrastructures, data pipelines, open-source software, machine learning methods, and data compliance.
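As a first, deliberately simplified illustration of that idea, the sketch below sends the same kind of chat-completion request to a self-hosted open-source model exposed through an OpenAI-compatible endpoint (for example served with vLLM or Ollama on rented IaaS or on-premises hardware). The host name and model name are placeholders for whatever is actually deployed; the point is that prompts and retrieved documents no longer leave your own infrastructure.

```python
# Sketch: the same chat-completion call, but against a self-hosted open-source
# model exposed through an OpenAI-compatible endpoint (e.g. served with vLLM or
# Ollama on rented IaaS or on-premises hardware). Host and model name are
# placeholders for whatever is actually deployed.
from openai import OpenAI

client = OpenAI(
    base_url="http://llm.internal.example:8000/v1",  # your own endpoint, not api.openai.com
    api_key="unused",  # local servers typically ignore the key, but the SDK requires one
)

resp = client.chat.completions.create(
    model="mistralai/Mistral-7B-Instruct-v0.3",  # placeholder open-source model
    messages=[{"role": "user", "content": "Summarise our retention policy."}],
)
print(resp.choices[0].message.content)
```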
We are aware that our approaches can only succeed through a close integration of IT infrastructure and machine learning. With this series, which we will publish in successive parts, we will therefore provide insights and share experiences from our work in recent years.
1 RAG – Retrieval-Augmented Generation
2 API – Application Programming Interface
3 SaaS – Software as a Service
4 IaaS – Infrastructure as a Service
5 PaaS – Platform as a Service