Executive Summary
In this post, we explore the relationship between AI and end user computing (EUC) risk software like Apparity. EUC risk software can be a highly beneficial piece to managing the larger AI puzzle. For example, by using solutions like Apparity, organizations can effectively identify and inventory user-built applications that connect and integrate with AI platforms.
EUC risk solutions can also integrate with AI directly to offer automated insights and documentation for file content, provided a cautious approach is taken due to concerns with sensitive data.
Conversely, it is important to realize where EUC risk software has limitations in this area. These tools are most effective when part of a comprehensive, company-wide AI program with robust user controls.
The Role of AI in EUC Risk Management
Understanding the definition of an EUC is key when exploring this topic:
EUC definition: a file created, updated, and/or maintained by business users, outside of IT control, that is sufficiently complex and impactful to the business, typically supporting a critical business process, reporting, or similar function.
Currently, AI is most commonly leveraged within EUCs in a handful of ways:
- EUCs connect to AI platforms for various use cases like data analysis.
- Users leverage AI to build EUCs, including code generation, formula creation, or complete file creation.
While these use cases offer significant efficiency gains for end users, they also introduce risks that many organizations are cautious about. For instance, if an employee without Python expertise uses AI to generate a Python script, how can they ensure the code is accurate? Furthermore, how can they verify that the script is suitable for its intended purpose?
How EUC Risk Software Like Apparity Supports AI-Enabled EUCs
Apparity is currently best suited to help organizations in two ways when it comes to managing EUCs that utilize AI.
1. Identifying EUCs that Connect to AI Platforms:
Apparity can detect where EUCs link to AI models, flagging connection strings during discovery scans. For example, if Apparity identifies a connection string to an AI model, we can report and flag this within the results of a discovery scan. While Apparity maintains a library of common connection strings, it also supports customizable searches for company-specific strings.
2. Maintaining an Inventory of AI-Enabled EUCs:
Beyond identification, Apparity helps maintain a comprehensive inventory of AI-enabled EUCs. The software can be configured to include additional controls, questionnaires, and data collection requirements. For example, applications connecting to AI platforms might require workflows that require multiple users to attest that the EUC is regularly tested along with documentation uploads.
Limitations of EUC Risk Software in AI-Powered Environments
It’s risky to exaggerate the benefits of EUC risk solutions, especially in the new area of AI. AI is a large field used by many organizations. It serves many purposes, most of which do not involve EUCs. For example, highly trained professionals often create AI models, or AI might be used in areas like customer support.
Systems like ours are great for managing certain use cases, but still have limitations nevertheless. For example, if a user copies and pastes code generated from an AI solution, there is no reliable way to trace its origin. Therefore, we highly recommend combining our solution with a more comprehensive set of controls to manage broader AI risk.
Enhancing Apparity with AI Tools
Apparity is integrating AI into its processes, focusing on enhancing capabilities while addressing the sensitivity of EUC in financial institutions. We are working with both current and potential customers to safely apply AI.
- Increasing System Accuracy: Leveraging AI to improve accuracy in determining EUC impact and grouping similar file copies.
- Automated Documentation: Using AI to process EUC content, automating the documentation of files and their processes.
- Platform Recommendations: Employing AI to suggest alternative EUC platforms based on file documentation and usage patterns.
Given the sensitive nature of EUCs, especially in finance, Apparity is carefully exploring how AI can enhance our risk management solutions while collaborating closely with customers.