Ameesh Divatia is the co-founder & CEO of Baffle, a company focused on integrating data security into every aspect of the data pipeline to simplify cloud data protection and minimize the impact of data breaches.
Its platform offers a no-code, easy-to-deploy solution that secures sensitive data without affecting performance or requiring changes to applications. Baffle’s technology is compatible with major cloud providers such as AWS, Azure, IBM, and GCP. Serving a wide range of clients, from Fortune 25 companies to small and medium businesses, Baffle protects over 100 billion records worldwide, working with system integrators for efficient deployment.
What motivated you to co-found Baffle, Inc., and how did your previous entrepreneurial experiences shape your approach in the early stages of the company?
After my last company’s exit, I took a much-needed break to recharge and think about what I really wanted to do next. I’ve always loved building companies, so I started having conversations with an early-stage VC friend of mine, and he introduced me to Priyadarshan “PD” Kolte, who would become my co-founder. He challenged us with an intriguing question, disguised as a challenge: “How do you get value from data while still protecting it?” That challenge hooked me—solving tough problems is what I live for. There was a glaring gap in data protection, especially around simplifying encryption and protecting data ‘in use’. Nine years later, here we are, answering that question with Baffle.
With the rise of generative AI, how can companies ensure that their data remains secure while still leveraging the benefits of AI technologies?
This is a question every company dabbling in AI should be asking. Security and innovation often feel like two opposing forces, but they don’t have to be. The key is a breakthrough innovation called Privacy Enhanced Computation (PEC) that begins with encryption—keeping data protected at rest, in transit, and while in use. By encrypting sensitive data before it gets to the AI models first and then using PEC to process it, you can still get the insights you need without compromising security. It’s about staying ahead of the game, updating security protocols, and leveraging tools like Baffle to mitigate risks. You don’t have to sacrifice innovation for security.
Can you explain the specific role of encryption in protecting AI-generated data and models? How does it differ from traditional data protection methods?
Encryption for AI data is like wrapping your most valuable asset in bubble wrap—no matter how much it’s tossed around, it stays protected. Think of it as locking the data while you’re using it. Traditional methods focus on securing data when it’s not in use (at rest) or when it’s moving (in transit). But with AI, we’re adding a new layer of complexity because the data needs to stay encrypted even when it’s being crunched by models. Baffle focuses on this “data-in-use” protection, ensuring performance isn’t impacted but security isn’t sacrificed.
Baffle recently launched a data protection solution specifically for GenAI projects. Can you share more details about how this solution works and what makes it unique in the market?
Our GenAI solution is all about making encryption simple and efficient, even when you’re working with AI. It plugs into an existing AI pipeline by protecting data as it is being ingested. This is followed by a capability known as real-queryable encryption that processes the data without exposing it. Most importantly, you don’t need to change anything in your AI pipeline—no rewriting code, no hassle. Just plug it in and go. We’ve focused on ease of use and making sure security doesn’t get in the way of innovation, which is why customers are finding this solution so attractive.
Your platform emphasizes “no code” changes for implementing data protection. How does this approach benefit companies, especially those with large, complex data pipelines?
No one wants to break something that’s already working. With our “no code” approach, companies don’t need to rip apart their existing applications or data movers to add encryption. This is a huge benefit for large organizations with complex data pipelines because it means they can bolster security without risking disruptions. It’s faster, easier, and removes a lot of the headaches that typically come with integrating new tech.
How does Baffle’s Real Queryable Encryption differ from other encryption methods, and what advantages does it offer for companies handling large-scale data analytics?
Real Queryable Encryption is our secret sauce. Unlike traditional encryption, which requires you to decrypt data in the data store before analyzing it (and thereby exposing it), we let you run queries on the encrypted data itself. It’s like having your cake and eating it too—you get the insights without risking security. This is a game-changer, especially for companies dealing with huge amounts of sensitive data, like in finance or healthcare, where compliance is non-negotiable.
Data-in-use protection is a critical feature of Baffle’s platform. Can you explain how this works and why it’s essential for companies, particularly in the context of GDPR and other data privacy regulations?
When data is in use—being processed by systems—it’s usually at its most vulnerable. That’s why protecting it in real-time is critical, especially with regulations like GDPR, which require a posture known as ‘data protection by design’. Our platform ensures that even when data is being processed, it’s still encrypted. This approach eliminates that risky window of exposure where data breaches often happen, helping companies stay compliant and safe.
As AI models become more complex, what are the main challenges in securing these models against adversarial attacks, and how does Baffle address these challenges?
AI models are getting smarter, but so are attackers. Adversarial attacks—where bad actors try to manipulate the data that impacts an AI model’s output—are a growing concern. We tackle this by focusing on the data side. By encrypting the data that the AI models rely on, we make it much harder for anyone to mess with the model’s integrity. It’s like giving the AI model a locked vault of data—no one’s getting in without the key.
Can you discuss the importance of role-based access control (RBAC) in modern data protection strategies, especially for organizations using multi-tenant cloud environments?
In multi-tenant cloud environments, RBAC is a must-have. Imagine you’ve got a bunch of people all sharing the same cloud infrastructure. Without RBAC, it’s like giving everyone access to the whole building instead of just their office. Our platform integrates RBAC so only authorized people based on their individual role or credential, can access sensitive data, keeping things locked down tight and reducing the risk of breaches.
Baffle has seen significant growth in recent years, with your revenues doubling in the past year. What do you attribute this growth to, and how do you plan to continue this trajectory?
We’re riding a wave of demand because we’ve built the right solution for the right problem. Our growth comes down to one thing: we’re solving a problem that every company faces—data protection. With cyber threats on the rise and regulations getting tougher, companies are turning to us for solutions that work without slowing them down. Our focus on real-queryable encryption and ease of use is a big reason for that growth. Moving forward, we’re planning to keep pushing the envelope on innovation, expanding our products, and building strong partnerships that take us into new markets.
Thank you for the great interview, readers who wish to learn more should visit Baffle.
Credit: Source link