- “Cloud First”: To move federal agencies to the cloud, the government created a program known as FedRAMP, whose job was to ensure the security of new technology.
- Security Breakdown: ProPublica found that FedRAMP authorized a Microsoft product called GCC High to handle sensitive government data, despite years of concerns about its security.
- Potential Conflict of Interest: The government relies, in part, on third-party firms to vet cloud technology, but those firms are hired and paid by the company being assessed.
I work in health insurance. We are rolling out AI. It’s in the cloud so all your data is literally stored on Amazon servers. Was told it’s secure because we have a private tenant. No I hate this shit.
I’m fixing this - no LLM, no chatbot, all on-prem data sovereignty with reinforcement learning that uses less cpu than a browser.
We’re negotiating with a huge energy provider now, but I really want to get into election security- as long as it’s not for the current admin or another shit fuck dem that won’t do anything.
Private tenant doesn’t guarantee privacy, only the data cleansing policy does, since you’re certainly sending data outside the tenant to process by AI. Even if the model is local, each model instance must only have access to a single patient’s data to ensure privacy, else it’s possible an exploit could grab everything or to hallucinate someone else’s data.
I make this point and I am ignored.
Same here. I feel like I’m taking fucking crazy pills.
Why? Why are all our financials on OneDrive? Why is our system setup being done with a Entra-federated third party tool? Why does CoPilot have access to my email with possible HIPAA-privileged data in it? Why do we have to shut off our servers on the weekend if it saves so much money and doesn’t cost anything when idle?
I can’t believe these morons gave away personal computing because they just didn’t want to deal with having on-site hardware, and it doesn’t even save any money.
It’s a liability shield. “It’s not our fault. Sue Amazon.”
Weak excuse.
https://aws.amazon.com/compliance/shared-responsibility-model/
Capital expense vs operating expense. Same reason you might lease a car instead of buying.
A car eventually get paid off. These services do not. They bill forever and get more expensive every year. And nobody gets held responsible for anything.
True, but you also get hardware replacement every year, in the same way that you can get a new car with a new lease.
Most companies would be fine with not having surplus hardware to offload down the road, because it’s depreciated so much, and if they’re offloading it it’s probably because they’ve gone out of business.
Clearly it’s not the real reason one would presume, saving money. Selling data may be.