{"id":2910,"date":"2024-12-19T17:22:27","date_gmt":"2024-12-19T17:22:27","guid":{"rendered":"https:\/\/www.praxonomy.com\/blog\/?p=2910"},"modified":"2024-12-19T17:26:18","modified_gmt":"2024-12-19T17:26:18","slug":"how-trusted-is-your-trusted-source","status":"publish","type":"post","link":"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/","title":{"rendered":"How trusted is your trusted source?"},"content":{"rendered":"\n

By <\/strong>Alan Hewitt<\/strong><\/a><\/p>\n\n\n\n

I worked for IBM for 30 years, and in that time I got used to the phrase \u201cTrusted Source\u201d when it applied to systems where there was a core repository of data which was then replicated more locally to the user to improve performance. When there was an issue or you wanted to verify the data you always went back to the central and core \u201cTrusted Source\u201d to make sure that you were working with the authentic version.<\/p>\n\n\n\n

It got me thinking that we use many systems where we treat the contents as a \u201cTrusted Source\u201d, where we have confidence that the information there should be trusted. At Praxonomy we pride ourselves that our Boardlogic product holds our clients information\/data securely, such that its users can rest assured that what they access there can be trusted and is protected, and we have chosen a data centre that conforms to that principal. <\/p>\n\n\n\n

Increasingly though, data is being held in a \u201cCloud\u201d which is run\/operated by a few very large Cloud Service providers. This brought to mind two quite recent developments where data was being held in very large cloud based systems, raising two questions:<\/p>\n\n\n\n

    \n
  1. Just how secure is my data, and how can I guarantee that it hasn\u2019t been hacked (accessed by others) and more importantly changed in any way?<\/li>\n\n\n\n
  2. As we are starting to hear that these large cloud based service providers are accessing our\/your data to prime\/train their LLM (Large Language Model) AI systems, should we be concerned?<\/li>\n<\/ol>\n\n\n\n

    I found the following article from Secureworld<\/em> which highlighted a recent data breach (I would strongly recommend that you read the article in full as it gives a lot of very useful information and recommendations): https:\/\/www.secureworld.io\/industry-news\/hackers-leak-leidos-documents<\/a><\/p>\n\n\n\n

    In this case the supplier involved was Leidos Holdings Inc.:<\/p>\n\n\n\n

    “Although we don’t have details about the root cause of the breach of the service provider, we have seen a lot of failure to implement MFA and strong authentication recently,” said Jason Soroko, Senior Vice President of Product at Sectigo. “Anyone implementing an online service must ensure they are using the strongest authentication possible, and this is especially true in supply chain scenarios.\u201d<\/em><\/p>\n\n\n\n

    The piece goes onto say:  <\/p>\n\n\n\n

    Chad Graham, Manager of Cyber Incident Response Team (CIRT) at Critical Start, offered this comprehensive take on the incident.<\/em><\/p>\n\n\n\n

    “The breach of Leidos Holdings Inc. through Diligent Corp.’s system raises significant concerns due to the highly sensitive nature of the data potentially exposed,” Graham said. “Leidos handles critical national security and defense information, including classified documents, project plans, and communication records. The exposure of such information could have severe consequences, such as, jeopardizing national security operations; revealing strategic defense plans; and exposing confidential government communications.\u201d<\/em><\/p>\n\n\n\n

    The article also refers to Microsegmentation as an approach to security that involves dividing a network into segments and applying security controls to each segment based on the segment\u2019s requirements. This is referring to how large scale cloud storage providers can segment their service to minimise the risk of unauthorised access. At Praxonomy we have chosen not to use a third party to hold our clients data securely as we have built our own system which has been developed to the highest levels of security and hack tested by a third party and verified.<\/p>\n\n\n\n

    On the second question above, I have seen in the media and on TV recently adverts from companies looking to put together a class action suit against the major cloud service providers where it would appear that they are using client\/customer data to train their LLM AI systems.<\/p>\n\n\n\n

    This article by Computer Weekly<\/em> outlines the actions that one law firm are taking against Microsoft and Google: https:\/\/www.computerweekly.com\/news\/366616407\/Barings-Law-plans-to-sue-Microsoft-and-Google-over-AI-training-data<\/a><\/p>\n\n\n\n

    An extract from the article says:<\/p>\n\n\n\n

    A Manchester law firm has started on-boarding clients for a probable class action against Microsoft and Google, which it believes to be unlawfully collecting and using peoples\u2019 personal data to train their artificial intelligence (AI) models.<\/em><\/p>\n\n\n\n

    Following a two-year-long investigation into the data practices of the tech giants, Barings Law believes the extensive information being collected about users \u2013 including voice data, demographic data, app usage information, metadata, payment details and a range of other personal details \u2013 is potentially being shared for the training and development of various AI large language models (LLMs).<\/em><\/p>\n\n\n\n

    Barings claims this is all happening without proper authorisation or consent from users, as while they may understand data is being collected, they may be unaware of the role this data plays in the training of AI LLMs.<\/em><\/p>\n\n\n\n

    If proven, this is a worrying trend, that your data, held in the Cloud could be accessed and used to train these companies AI systems and then, I assume, sold back to you in the form of AI based services.<\/p>\n\n\n\n

    So back to my opening comments on \u201cTrusted Source\u201d: how certain can you be when purchasing cloud based services from various suppliers which will hold your most critical and sensitive information? As a Board Portal supplier we recognise that we are entrusted with our clients most sensitive information and ensure that only our clients can access and see that data, and that it is kept in a highly-secure environment where we take protecting that information extremely seriously.<\/p>\n\n\n\n

    As we go forward, with the above in mind, maybe we should all be asking our suppliers, both current and future how they will adequately keep our data\/information secure and \u201cTrusted\u201d and the fact that it won\u2019t be used for any AI training purposes without our explicit permission.<\/p>\n\n\n\n

    Interesting times.<\/p>\n\n\n\n

    <\/p>\n\n\n\n

    Learn more about our secure, user-friendly board portal, Boardlogic here<\/a>
    Or why not schedule a demo with us     here<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

    Alan Hewitt wonders what we should be asking those who hold our data.<\/p>\n","protected":false},"author":5,"featured_media":2913,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[5,2],"tags":[23,24,40,46,47],"yoast_head":"\nHow trusted is your trusted source? - The Boardlogic Blog | News, Updates, Industry Insights and Best Practices.<\/title>\n<meta name=\"description\" content=\"Alan Hewitt wonders what we should be asking those who hold our data.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How trusted is your trusted source? - The Boardlogic Blog | News, Updates, Industry Insights and Best Practices.\" \/>\n<meta property=\"og:description\" content=\"Alan Hewitt wonders what we should be asking those who hold our data.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/\" \/>\n<meta property=\"og:site_name\" content=\"The Boardlogic Blog | News, Updates, Industry Insights and Best Practices.\" \/>\n<meta property=\"article:published_time\" content=\"2024-12-19T17:22:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-19T17:26:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.praxonomy.com\/blog\/wp-content\/uploads\/2024\/12\/Security_lock.png\" \/>\n\t<meta property=\"og:image:width\" content=\"798\" \/>\n\t<meta property=\"og:image:height\" content=\"418\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Alan Hewitt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alan Hewitt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/\",\"url\":\"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/\",\"name\":\"How trusted is your trusted source? - The Boardlogic Blog | News, Updates, Industry Insights and Best Practices.\",\"isPartOf\":{\"@id\":\"https:\/\/www.praxonomy.com\/blog\/#website\"},\"datePublished\":\"2024-12-19T17:22:27+00:00\",\"dateModified\":\"2024-12-19T17:26:18+00:00\",\"author\":{\"@id\":\"https:\/\/www.praxonomy.com\/blog\/#\/schema\/person\/65e6c9823ee91f9a97b66bca87b0b3ca\"},\"description\":\"Alan Hewitt wonders what we should be asking those who hold our data.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.praxonomy.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How trusted is your trusted source?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.praxonomy.com\/blog\/#website\",\"url\":\"https:\/\/www.praxonomy.com\/blog\/\",\"name\":\"The Boardlogic Blog | News, Updates, Industry Insights and Best Practices.\",\"description\":\"The official blog for news, updates, industry insights and best practices from Boardlogic by Formidium \u2014 board meeting management software\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.praxonomy.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.praxonomy.com\/blog\/#\/schema\/person\/65e6c9823ee91f9a97b66bca87b0b3ca\",\"name\":\"Alan Hewitt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.praxonomy.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/65478671201548263097e2729eec6f6e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/65478671201548263097e2729eec6f6e?s=96&d=mm&r=g\",\"caption\":\"Alan Hewitt\"},\"description\":\"Alan is a Non-executive Director at Praxonomy. Alan has worked in IT Services and Consulting for nearly 40 years including 30 years at IBM, where he was an Executive Partner in IBM\u2019s Global Consulting Business responsible for the development of the Workforce Transformation Practice. Since leaving IBM in 2010, he has worked as an independent Business Consultant working for major companies across industries and the world. Alan is a Fellow of both the IET and BCS.\",\"url\":\"https:\/\/www.praxonomy.com\/blog\/author\/alan\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How trusted is your trusted source? - The Boardlogic Blog | News, Updates, Industry Insights and Best Practices.","description":"Alan Hewitt wonders what we should be asking those who hold our data.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/","og_locale":"en_GB","og_type":"article","og_title":"How trusted is your trusted source? - The Boardlogic Blog | News, Updates, Industry Insights and Best Practices.","og_description":"Alan Hewitt wonders what we should be asking those who hold our data.","og_url":"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/","og_site_name":"The Boardlogic Blog | News, Updates, Industry Insights and Best Practices.","article_published_time":"2024-12-19T17:22:27+00:00","article_modified_time":"2024-12-19T17:26:18+00:00","og_image":[{"width":798,"height":418,"url":"https:\/\/www.praxonomy.com\/blog\/wp-content\/uploads\/2024\/12\/Security_lock.png","type":"image\/png"}],"author":"Alan Hewitt","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Alan Hewitt","Estimated reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/","url":"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/","name":"How trusted is your trusted source? - The Boardlogic Blog | News, Updates, Industry Insights and Best Practices.","isPartOf":{"@id":"https:\/\/www.praxonomy.com\/blog\/#website"},"datePublished":"2024-12-19T17:22:27+00:00","dateModified":"2024-12-19T17:26:18+00:00","author":{"@id":"https:\/\/www.praxonomy.com\/blog\/#\/schema\/person\/65e6c9823ee91f9a97b66bca87b0b3ca"},"description":"Alan Hewitt wonders what we should be asking those who hold our data.","breadcrumb":{"@id":"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.praxonomy.com\/blog\/how-trusted-is-your-trusted-source\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.praxonomy.com\/blog\/"},{"@type":"ListItem","position":2,"name":"How trusted is your trusted source?"}]},{"@type":"WebSite","@id":"https:\/\/www.praxonomy.com\/blog\/#website","url":"https:\/\/www.praxonomy.com\/blog\/","name":"The Boardlogic Blog | News, Updates, Industry Insights and Best Practices.","description":"The official blog for news, updates, industry insights and best practices from Boardlogic by Formidium \u2014 board meeting management software","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.praxonomy.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/www.praxonomy.com\/blog\/#\/schema\/person\/65e6c9823ee91f9a97b66bca87b0b3ca","name":"Alan Hewitt","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.praxonomy.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/65478671201548263097e2729eec6f6e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/65478671201548263097e2729eec6f6e?s=96&d=mm&r=g","caption":"Alan Hewitt"},"description":"Alan is a Non-executive Director at Praxonomy. Alan has worked in IT Services and Consulting for nearly 40 years including 30 years at IBM, where he was an Executive Partner in IBM\u2019s Global Consulting Business responsible for the development of the Workforce Transformation Practice. Since leaving IBM in 2010, he has worked as an independent Business Consultant working for major companies across industries and the world. Alan is a Fellow of both the IET and BCS.","url":"https:\/\/www.praxonomy.com\/blog\/author\/alan\/"}]}},"modified_by":"Tim Gilkison","_links":{"self":[{"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/posts\/2910"}],"collection":[{"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/comments?post=2910"}],"version-history":[{"count":5,"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/posts\/2910\/revisions"}],"predecessor-version":[{"id":2918,"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/posts\/2910\/revisions\/2918"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/media\/2913"}],"wp:attachment":[{"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/media?parent=2910"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/categories?post=2910"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.praxonomy.com\/blog\/wp-json\/wp\/v2\/tags?post=2910"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}