Poster Session I
Project Type
Poster
Faculty Mentor’s Full Name
Christina Robichaud
Faculty Mentor’s Department
Management And Marketing
Abstract / Artist's Statement
The average modern enterprise uses hundreds of disconnected Software-as-a-Service (SaaS) applications, leading to a problem known as SaaS sprawl. SaaS sprawl leads to the fragmentation of data, which makes it difficult to locate files, increases the potential to use outdated versions of files, and causes an overall loss in productivity and workplace inefficiencies. To combat this, platforms like Dropbox, Microsoft, Google, and Glean are developing AI-powered unified search engines. These tools utilize natural language processing to index cross-platform files, allowing employees to instantly retrieve context-aware answers from a centralized hub.
However, this project argues that unified search engines currently present unacceptable security liabilities. By effectively eliminating security by obscurity, these tools magnify the risks of existing, poorly managed file permissions, allowing both unauthorized internal users and compromised accounts to instantly surface highly confidential data. Furthermore, the underlying retrieval-augmented generation architecture introduces severe risks regarding data tampering and corporate sabotage. While initially conceived as an extension of a degree-specific strategic analysis of Dropbox, this independent honors increment pivoted to assess the broader threat landscape of enterprise AI search. It concludes by making a definitive case for delayed adoption, arguing that organizations must halt deployment until comprehensive data audits and automated zero trust guardrails are fully implemented.
Category
Social Sciences
Company Data at Risk: The Case Against Unified Search
UC South Ballroom
The average modern enterprise uses hundreds of disconnected Software-as-a-Service (SaaS) applications, leading to a problem known as SaaS sprawl. SaaS sprawl leads to the fragmentation of data, which makes it difficult to locate files, increases the potential to use outdated versions of files, and causes an overall loss in productivity and workplace inefficiencies. To combat this, platforms like Dropbox, Microsoft, Google, and Glean are developing AI-powered unified search engines. These tools utilize natural language processing to index cross-platform files, allowing employees to instantly retrieve context-aware answers from a centralized hub.
However, this project argues that unified search engines currently present unacceptable security liabilities. By effectively eliminating security by obscurity, these tools magnify the risks of existing, poorly managed file permissions, allowing both unauthorized internal users and compromised accounts to instantly surface highly confidential data. Furthermore, the underlying retrieval-augmented generation architecture introduces severe risks regarding data tampering and corporate sabotage. While initially conceived as an extension of a degree-specific strategic analysis of Dropbox, this independent honors increment pivoted to assess the broader threat landscape of enterprise AI search. It concludes by making a definitive case for delayed adoption, arguing that organizations must halt deployment until comprehensive data audits and automated zero trust guardrails are fully implemented.