Code Security with AI Tools, Part II

Written by
Codeium Team

Less than two weeks ago, we discussed what recent security issues at GitHub and OpenAI reveal about companies using AI tools on their proprietary data, such as source code.

And then the Samsung ChatGPT incident happened. It’s easy to make the same claim we made in the previous post: there is no doubt these tools are productivity wins, but you shouldn’t compromise your data security practices to use them. Data given to ChatGPT is used to train the model and can surface in other users’ responses, and you have no control over data collection and deletion unless you remember to explicitly opt out. The only way to delete the data is to delete your ChatGPT account, in which case you are right back to not having ChatGPT at all.

Almost any company above a certain size would readily invest O($10k)/year to get data security guarantees with these AI productivity tools. That is why fully self-hosted solutions make commercial sense to develop. The company pays this amount in upfront hardware costs and licensing fees to set up the compute and software required to run these tools within its own private network (on-prem servers, virtual private cloud, etc.). The data is therefore never sent to or seen by any other party, including the company providing the self-hosting software.

This is what Codeium for Enterprises provides for companies with developers. We already have the self-hosted equivalent of GitHub Copilot, and we are actively working on chat capabilities, which will bring ChatGPT-like functionality as well. Again, it is all self-hosted: your data stays behind your firewall, airgapped, and never leaves your premises. Reach out if this level of security resonates with you.

[Image: a server rack in a nice office space.]