Follow ZDNET: Add us as a preferred source on Google.
ZDNET’s key takeaways
- AI can boost productivity and improve data access.
- Tech leaders have had to halt rollouts due to data concerns.
- Long-fogotten insights emerge with AI prompts.
Agentic and generative AI have opened up information and insights to professionals in enterprises. However, evidence suggests that trend could be too much of a good thing. At a recent conference, veterans of enterprise AI rollouts issued cautionary words to professionals considering diving headfirst into AI.
The issues these professionals encountered even led to temporary halts in AI rollouts meant to boost employee productivity, as executives reassessed information that could be exposed internally. At the same time, the executives, who spoke on a panel at the recent Veeam conference in New York City, emphasized that AI wasn’t the source of the challenge. Both panelists’ organizations had accumulated vast stores of data, and one required a new governance structure.
Also: 96% of IT pros use AI now: Their top 7 agentic applications and biggest implementation roadblocks
Steve MacIntyre, senior vice president at Fidelity Investments, described how his 400,000-employee company saw data long tucked away in the recesses of its organization — on SharePoint sites or in network-attached storage, for example — suddenly surface via AI prompts. “It wasn’t an AI problem,” he said. “It was the productivity and the ability of AI to find things quickly.”
Wim Geurden, chief architect for enterprise tech at EY, described his company’s challenge as pinning down data ownership across its global network of independent affiliates — data that was also surfacing through its AI engine. “When big enterprise search was launched, all kinds of stuff started to surface in places that people went,” he said.
“EY Global doesn’t own any of the data. Every member firm owns its data. That is where the first questions were raised. What’s all this? How many SharePoint sites? We had multiple petabytes of data, and it was the Wild West. There was no lifecycle management on these SharePoint sites, and half of them had no owners. We didn’t know when they were last accessed.”
Also: 51% of professionals say AI workslop lowers their productivity – stop it in 2 steps
At Fidelity, information was emerging from a vast library of PowerPoint and PDF reports. “We have an entire history, decades of research notes at Fidelity, such as PDFs,” said MacIntyre. “We gave out a few licenses for Copilot, and immediately, two days in, legal came to me and said we have an AI problem. One of my team did a search to find something and AI came back with all the PowerPoints that were on SharePoint from years ago.”
AI is a “tremendous search engine that runs at speed,” MacIntyre continued. “Suddenly, it’s searching everything that it has access to, and surfacing that to us in a meaningful way. Everybody thought we had an AI problem, but what it showed was a problem of securing data. This issue hit home when we immediately realized that we had all of this data that we didn’t think we cared about — unstructured data — and along came LLMs, and suddenly all of that data becomes gold.”
Establishing guardrails
At EY, as the gates of its vast data stores opened to AI, the priority was to “find who owns the data,” said Geurden. “The second thing we did was we shut everything off.” Users could only access the Copilot tool if they were licensed.
Also: Building an agentic AI strategy that pays off – without risking business failure
The data ownership verification process included identifying and labeling the data found across the EY enterprise, Geurden continued. For example, labels included “confidential” or “financial services.”
AI itself offered a means to help label the company’s knowledge repositories of unstructured data, Geurden explained, noting the challenge of human labeling with a 25% annual turnover rate.
However, labeling needs to go deeper than simple high-level tags. “The first thing is we have to know what was there when the AI ran,” said Geurden. “We need to have the historical picture, the versions.” Then, “we have to go way beyond the labeling of confidential information. We need to have geo-restrictions, geo-labeling, line-of-business labeling, linked to our contracts, because we get an enormous amount of client data specifying what we can do and what we cannot do.”
Also: Over 80% of US government agencies already use AI agents – and it’s only the beginning
All of this metadata has to be codified into contracts, he added: “That’s the easy part. Then we have to codify it in some technological structure. That is, for now, still very, very cumbersome.”
Governance is the key to success across all aspects of these AI implementations, the executives emphasized. “We have to know what’s being used,” said MacIntyre.
“That brings into play the idea of shadow AI, shadow IT, all those kinds of things — and it goes back to the endpoint data. We have to know that the asset inventory is accurate. Are they aligned with the use cases that are registered and approved? That way, at least we know that if someone’s working on something, they should be using Claude, because it’s tied to a particular project that was approved for that.”
Also: These 4 critical AI vulnerabilities are being exploited faster than defenders can respond
Next, “we have to think about what’s the safe environment where we want these agents to run?” MacIntyre continued: “How do we want them to interact with the foundational models? What architecture do we put in place to funnel all that activity into a place that gives us the right visibility and telemetry so we can see that agents and applications using AI are behaving in the way that was intended? Or misbehaving?”
An additional challenge — perhaps the most vexing for all digital leaders at this time — is establishing agent identity, said MacIntyre: “How do you give an agent identity? They then become an employee. But what if my agent only lives for seconds? It’s a really interesting problem, and I don’t know if anybody’s solved it really well yet.”
