6 ways Sendbird is embracing AI securely
No longer a futuristic concept, artificial intelligence (AI) is fast-reshaping how we work, innovate, and communicate in our everyday lives.
At Sendbird, we’re already building the next generation of AI for customer service. But as we create new ways for businesses to connect meaningfully with customers, we believe it's essential to build on a strong foundation of AI security and responsibility.
As the Chief Information Security Officer (CISO) at Sendbird, I’m excited to share our approach to enabling AI internally. For us, it isn't just about adopting new technology; it's about doing so in a way that upholds our steadfast commitment to the security and privacy of our company, our employees, and, most importantly, our customers. This is how Sendbird is navigating the AI revolution: with security as our guide.
Leverage omnichannel AI for customer support
1. Empowering teams with secure AI assistants
To help our employees work smarter and faster, we provide access to the paid, enterprise-grade versions of top AI assistants like OpenAI's ChatGPT and Google's Gemini. We use the enterprise versions because they come with a contractual guarantee: that our data, from the prompts and conversations to the ideas our team explores, is never used to train the public models of the AI providers.
Data integrity and privacy is a non-negotiable for us. It means our team can leverage the full power of these incredible tools to draft communications, brainstorm ideas, and automate workflows without risking our confidential internal information. Simply put, empowering our team and protecting our data are not mutually exclusive.
2. Supercharging engineers with secure AI coding practices
Our Engineering teams are the architects of our platform. To help them build, test, and innovate more efficiently, we’ve enabled the AI-driven GitHub Copilot for Business. Just like we use enterprise-grade ChatGPT, the decision to use the GitHub AI coding assistant is rooted in security.
The GitHub AI Copilot ensures that the code our engineers write and the suggestions they receive remain ours and ours alone. This allows our developers to benefit from AI-powered code completions and suggestions, accelerating development while ensuring our intellectual property remains secure within our virtual walls. We also work closely with our Engineering team to conduct rapid security reviews of any new AI models or updates before enabling them within GitHub Copilot, ensuring ongoing proactive AI risk management.
8 major support hassles solved with AI agents
3. Evolving vendor security reviews for the AI era
As a company that takes pride in its robust security posture, Sendbird’s vendor review process has always been rigorous. With the proliferation of AI, we’ve enhanced our due diligence to address the unique challenges and risks associated with AI-powered services.
When we evaluate any new vendor, especially those using AI, we now ask a series of targeted questions:
Data handling and privacy: How is our data processed and stored? What specific measures are in place to ensure the confidentiality and integrity of our data when interacting with your AI models?
Model training: Is our data used to train your foundational or customer-specific models? Do we have the explicit ability to opt out?
Abuse prevention: What safeguards are in place to prevent the malicious use of your AI services, and how do you monitor for and respond to such threats?
Data retention: What are your policies on data retention and deletion? How can we be assured that our data is permanently deleted upon request?
By asking these critical questions, we ensure that our technology partners share our commitment to data protection and responsible AI use.
4. Applying AI within the security organization
Beyond general enablement, teams within Sendbird’s security organization are proactively applying AI to bolster our security posture and operational efficiency. For example:
Our Security Engineering team has developed AI-powered automation to analyze code PRs (pull requests), flagging potentially critical changes for in-depth security review. This significantly enhances our ability to identify and mitigate vulnerabilities early in the development lifecycle.
Our Threat Detection and Response team utilizes AI to automate the processing and correlation of security alerts. This accelerates our ability to identify and respond to genuine threats, reducing noise and improving our incident response capabilities.
Our AI Governance, Risk, and Compliance (GRC) team has used Sendbird's AI agent builder to create an internal bot that provides our sales team with instant, accurate answers to customer inquiries about our AI security and AI compliance measures. It draws directly from our curated GRC knowledge base to provide timely, tailored, accurate responses to our customers.
Our IT team has also deployed an AI agent assistant bot in Slack to address a high number of common employee IT questions, enhancing our support efficiency by allowing IT personnel to focus on more complex issues.
Automate customer service with AI agents
5. Fostering AI expertise by investing in our people
We believe the most powerful tool in any security landscape is a skilled, well-informed team. To this end, Sendbird is proud to offer a stipend to our engineers to pursue education and training in AI.
By investing in the AI literacy of our team, we’re not only nurturing their professional growth but also building a workforce that can innovate safely, responsibly, and effectively. Fostering a deeper understanding of the principles, opportunities, and risks associated with AI use across our engineering team makes us better equipped to build secure AI products and to use AI tools wisely.
6. Protecting customer data with Sendbird’s AI products
This brings us to the most critical aspect of our AI journey: the trust our customers place in us. As we integrate AI into our product offerings, like our AI support agent, our commitment to protecting customer data is paramount.
We have established stringent contractual agreements with our Large Language Model (LLM) providers. These contracts explicitly forbid the use of our customers' data for training their base models. Any data processed by our AI services is done so solely for the benefit of that specific customer, within a secure and isolated environment. Your data is your data, and we ensure it is never used to train general-purpose AI models.
Building AI customer service on a trusted foundation
At Sendbird, we’re genuinely excited about AI’s potential to transform the way we work and provide value for our customers. However, as we navigate this exciting frontier and build new solutions in AI customer care, we’re doing so with a security-first mindset.
By empowering employees with secure AI tools, enhancing our vendor scrutiny, investing in our team's expertise, and upholding an unwavering commitment to customer data privacy in our products, we’re ensuring that our AI adoption is both ambitious and responsible. This balanced approach allows us to innovate with confidence and continue to be a trusted partner in secure, reliable, and enterprise-grade solutions in AI customer service.
