The Dark Side of the Cloud



Apr 24, 2024

Raise your hand if you’re using AI tools, in some way or another.

Did you know that every time you paste data into services like ChatGPT, your browser sends that data to be saved on a server in a big data center? We call this the ‘cloud’, but it’s actually someone else’s computer. A server doesn’t look like our laptop, but it’s a computer nonetheless.

Cloud-based services have become increasingly popular, promising scalability, flexibility, and cost efficiency. However, this convenience also comes with a dark side many don’t highlight- the ability to store and process confidential data.

While the cloud isn’t going anywhere, and shouldn’t- it’s important to be aware of the potential security risks associated with entrusting sensitive data to a third party provider.

The Risks of Cloud-based Services

  1. Data Breaches
    Cloud providers help to protect your data, but breaches can and will still happen. Unauthorized access to your data, whether through phishing, malware, or human error, can lead to sensitive information being compromised.

  2. Lack of control
    Cloud-based services have data retention policies that are defined in the Terms of Service. As a customer, you have limited control over what is kept or deleted. EU citizens who are under the GDPR can request to access their data and have it deleted, but the process isn’t straightforward.
  1. Lack of compliance
    Many industries have strict data privacy and security regulations, such as HIPAA in the healthcare sector. Cloud-based services may not always comply with these regulations, leaving your data exposed to potential legal risks.

  2. Lack of visibility
    While some cloud providers offer limited security monitoring, they may not provide the granular visibility into your data that you would gain with either on-premise or local solutions. This can make it difficult to identify and address security threats.
  3. Single point of failure
    Cloud-based solutions rely on a single infrastructure, which can be vulnerable to downtime or attack. If the cloud provider experiences a security breach, your data can be compromised.

How to Mitigate the Risks
While no system is completely foolproof, you can take steps to mitigate the risks associated with cloud-based servers and services:

  1. Research and choose a reputable cloud-based service
    Research and compare security credentials, track record, and customer reviews. Select a provider that adheres to relevant industry security standards, such as ISO 27001 and SOC 2. You should also understand the security measures the provider takes to protect your data, and their incident response capabilities, breach notification policies, and data encryption protocols.

  2. Use local solutions to meet the highest standards of data protection and security
    With AI technology constantly evolving, we should definitely leverage it to be more productive- however, current AI tools and copilots (eg. Microsoft Copilot) leverage servers and the cloud, potentially exposing both you and your company’s data to risk.

The safest measure would be to use a locally-run copilot that runs on your machine.

Opilot has built a solution to help you leverage AI models securely for a personalized copilot with full compliance and protection. If you’d like to find out more about what we do, please reach out to with the email title: ‘Tell me more about Opilot’.

This article was partially written by Opilot, utilizing Gemma2b’s local model on Ange’s 8GB RAM laptop.