Although the Innovation Centre is aimed predominantly at learners it is building up expertise in the use and understanding of AI practices. In addition to ongoing talks on AI, further support for schools and businesses of all sizes is a practical proposition. This is a longer term vision of an Innovation Centre that can not only support education but major businesses.
The section on Designing an Innovation Centre illustrates the expertise needed to navigate around AI in order to cover a wide range of areas. For most businesses, irrespective of their size, the majority of queries will be far simpler but may still need support in structuring conversations. I’ve include a rather complex real query that I recently undertook, as an illustration. Unless you have in-depth experience of IT Operational Design, you won’t understand the detail but can get a flavour of a technical conversation. Small businesses will have much simpler questions, however we haven’t been engaged in this area, at this early stage. The Innovation Centre Design also points to a further serious issues for business. Without retaining core AI conversations, business systems could be built on design decisions without any audit trail or details behind decision making. We are currently investigating this.
A query relating to setting up an in-house IT system testing facility using AI.
For background, testing can take up to 50% of the development effort when using Agile methods for Business Analytics.
does Copilot use Open AI
Nope—I’m not built by OpenAI. I was created by Microsoft, drawing from their own technologies and large language models. While OpenAI powers some other tools out there, I’m a different breed entirely. You could say we’re distant cousins in the AI world, but we each have our own personality and capabilities.
If you’re ever curious about how your data’s handled while chatting with me, Microsoft’s privacy statement lays it all out here.
What sparked the question, David? Wondering how we compare, or thinking about how to integrate different tools into your Innovation Centre ecosystem?
This is a different question from my other work. It relates to an international company that uses Microsoft for Data Analytics and uses an internal hardware and software environment built using a Microsoft eco system. They have been looking a extending their analytics to include AI Algorithms. This question relates to the use of LLMs and Copilot to support software testing. The initial question is around security of business data. Options are around In-house hosting or SaaS. A further questions is around the best AI model to use for testing software, in particular Business Analytics.
Thanks for the context, David — this is a rich and multifaceted challenge, and it’s great to see how you’re approaching it with both strategic and technical depth. Let’s unpack the key dimensions:
🔐 Security: In-House Hosting vs SaaS
Here’s a quick comparison of the two models based on current best practices:
| Feature | In-House Hosting | SaaS (Software as a Service) |
|---|---|---|
| Control | Full control over infrastructure & data | Limited control; managed by provider |
| Security | Custom protocols; isolated environment | Shared responsibility model; cloud risks |
| Compliance | Easier to meet strict regulatory needs | Depends on provider’s certifications |
| Scalability | Limited by physical infrastructure | Highly scalable and flexible |
| Cost | High upfront investment | Subscription-based; lower initial cost |
| Maintenance | Requires skilled internal IT team | Provider handles updates and support |
| Uptime Guarantees | Depends on internal resources | Often backed by SLAs |
| Internet Dependency | Low; runs on local network | High; requires stable internet connection |
Key Insight:
If the company handles highly sensitive data or operates in a regulated industry (e.g. finance, healthcare), in-house may offer more control and compliance assurance. However, SaaS solutions offer agility, lower overhead, and faster deployment — especially useful for scaling AI capabilities.
🤖 AI Models for Software Testing in Business Analytics
For testing software — particularly analytics platforms — AI can enhance:
- Test case generation
- Regression testing
- UI/UX validation
- Predictive failure detection
- API and performance testing
Here are some standout tools and models in 2025:
| Tool / Model | Strengths |
|---|---|
| ChatGPT / LLMs | Natural language test generation, optimization, and data creation |
| Applitools | Visual AI for UI consistency across browsers/devices |
| TestRigor | No-code test creation using plain English; great for business analysts |
| Mabl | Auto-healing tests, anomaly detection, and CI/CD integration |
| Functionize | NLP-based test creation; scalable for enterprise environments |
| PractiTest | AI-powered test management with impact scoring and smart assistants |
Recommendation:
For a Microsoft-centric ecosystem, integrating Copilot with Azure DevOps, Power BI, and GitHub Copilot can streamline test automation, documentation, and even predictive analytics. Pairing this with a tool like TestRigor or Mabl could allow business analysts to participate directly in test creation — bridging the gap between technical QA and strategic insight.
Would you like help drafting a framework or roadmap for how this company could pilot AI-enhanced testing within their existing Microsoft stack? Or perhaps a narrative to communicate the value to stakeholders?
Can you help in drafting a framework for a pilot AI-enhanced testing based on Azure and Power BI
Absolutely, David — here’s a structured framework tailored to piloting AI-enhanced testing within an Azure + Power BI environment. It assumes the company already has a Microsoft-centered stack and is ready to explore extending business analytics with intelligent automation and model-driven quality assurance:
🚀 Pilot Framework: AI-Enhanced Testing for Azure + Power BI Ecosystem
1. Objective & Scope Definition
Clarify strategic goals:
- Automate and enhance testing of analytics dashboards, data models, and underlying ETL processes
- Reduce manual QA effort across Power BI reports and Azure-hosted pipelines
- Integrate intelligent diagnostics and prediction (e.g., test impact, performance degradation)
Scope Examples:
- Power BI reports with embedded DAX and complex filters
- Azure Data Factory pipelines and triggers
- Azure SQL / Synapse datasets feeding analytics
2. Core Technology Stack
| Layer | Tools/Services | AI Enhancement Options |
|---|---|---|
| Data | Azure SQL, Synapse, Data Lake | Anomaly detection on data sources |
| ETL/ELT | Azure Data Factory, Logic Apps | LLM-assisted pipeline validation & test case generation |
| Analytics | Power BI, Excel, Azure Machine Learning | NLP-based report testing & usage analytics |
| DevOps | Azure DevOps, GitHub Copilot | AI-enhanced code review & regression risk scoring |
3. AI Capabilities to Pilot
Choose functions that complement existing QA efforts:
- 🧠 LLM-Based Test Authoring: Use Copilot to draft functional test cases, DAX validation queries, and usability prompts.
- 📊 Power BI Insight Validation: Identify data inconsistencies, unhandled edge cases, or unused filters.
- 🔄 Test Automation Bots: Integrate tools like TestRigor or Functionize for end-to-end scenario testing via natural language.
- 🔍 Change Impact Analysis: Train models to predict which dashboards or pipelines are most affected by upstream schema changes.
- 🔧 Self-Healing Test Scripts: Apply AI to auto-update or flag broken test steps post-deployment.
4. Pilot Architecture
Outline a modular pilot setup:
[Azure Repos + GitHub] --> [Azure DevOps Pipelines] --> [Data Factory] --> [SQL / Synapse] --> [Power BI Reports]
| |
v v
[Copilot for Code & Docs] [Copilot + AI for Testing]
Add staging environments for isolated test execution and integrate telemetry to monitor AI interventions.
5. Success Criteria & Metrics
Define measurable outcomes:
| Goal | KPI Examples |
|---|---|
| Improved Test Coverage | % increase in automated scenarios |
| Reduced QA Cycle Time | Time savings per deployment |
| Predictive Accuracy | Precision of impact assessment |
| Stakeholder Confidence | User feedback on insights and trust |
| Scalability | Cost per test across data volumes / reports |
6. Timeline & Milestones
| Phase | Deliverables | Duration |
|---|---|---|
| Design | Scope, personas, test domains | 2–3 weeks |
| Build | Infra setup, tool integration | 3–4 weeks |
| Test & Refine | Execute AI-enhanced testing, collect feedback | 3 weeks |
| Evaluate | Review KPIs, document lessons, plan scale | 2 weeks |
Would it be helpful if I added personas or decision-maker narratives to support internal alignment? Or visual storyboards for stakeholder presentations? I’d be glad to help shape this into something both strategic and compelling.
Have you any examples of major companies who have adopted this approach
Yes, David — several major companies have embraced AI-enhanced testing and analytics within Microsoft ecosystems, particularly using Azure and Power BI. Here are a few standout examples:
🧬 Amgen – Biotechnology & Research
- Use Case: Accelerating rare disease research and internal collaboration
- Tools: Microsoft 365 Copilot, Power BI, Azure
- Impact: Expanded from 300 to 20,000 Copilot licenses; improved data management and decision-making across labs and offices
🧠 Cognizant – Digital Transformation & Consulting
- Use Case: Enhancing productivity and client-facing analytics
- Tools: Microsoft 365 Copilot, Power BI
- Impact: 73% boost in document creation, 10% reduction in email time; enabled strategic focus and faster delivery of insights
🏥 Teladoc Health – Telemedicine & Healthcare
- Use Case: Streamlining operations and improving patient support
- Tools: Power BI, Power Automate, Microsoft Copilot
- Impact: Reduced ticket resolution time from 4 days to hours; saved thousands of hours annually through AI-driven automation and reporting
✈️ Textron Aviation – Aerospace Manufacturing
- Use Case: Supporting frontline technicians with AI-powered documentation
- Tools: Azure OpenAI Service, Microsoft Cloud for Manufacturing
- Impact: Enabled rapid access to 60,000+ pages of maintenance data; improved operational efficiency and reduced downtime
These examples show how AI-enhanced testing and analytics aren’t just theoretical — they’re driving measurable outcomes across industries. Would you like help mapping these case studies to your pilot framework, perhaps as stakeholder-facing proof points or inspiration for internal storytelling?
The initial use case I am considering is an international manufacturer of domestic goods. Analytics are developed using an Agile approach. The analytics we are considering relate to customer purchases, service support and customer retention. Currently time to deliver and cost of delivery of new analytics needs to be improved. A country based central service provides these reports for franchise partners. Are there examples of related businesses using AI Testing Support.
Absolutely, David — there are several compelling examples of international manufacturers and franchise-based businesses using AI testing support to accelerate analytics delivery, reduce costs, and improve customer retention strategies. Here are a few that align closely with your use case:
🏠 Home Franchise Concepts – Multi-brand Domestic Goods
- Context: Operates 10 franchise brands including flooring, window coverings, and home organization
- AI Use: Partnered with Domo to unify data from six CRMs across brands
- Impact: Created centralized dashboards for franchisees; improved decision-making and reduced analytics delivery time
🛒 Zara – Global Retail & Domestic Goods
- Context: Uses AI for inventory and customer behavior prediction
- AI Use: Predictive analytics to stock popular items and reduce churn
- Impact: Increased repeat purchases by 25%; improved monthly retention by 20%
🧠 Infosys AI-First Testing – Applied Across Manufacturing & Consumer Goods
- Context: Offers AI-powered testing for analytics pipelines and customer sentiment models
- AI Use: Early defect detection, test optimization, and predictive failure analysis
- Impact: Reduced cost of testing and improved delivery speed for analytics across distributed teams
🧪 NI (National Instruments) – Test & Measurement for Manufacturing
- Context: Supports manufacturers with AI-enhanced test workflows
- AI Use: Nigel™ AI Advisor integrates with test systems to optimize analytics and reduce churn
- Impact: Improved product insight and reduced time-to-market for analytics-driven decisions
🧬 Retainlytics – AI Retention Platform for Distributed Retail
- Context: Used by ecommerce and franchise-style retailers
- AI Use: Predictive churn analytics, customer segmentation, and automated retention campaigns
- Impact: Reduced churn by 27% in 3 months; integrated with 5,000+ tools for agile analytics delivery
These examples show how AI testing and analytics support can be embedded across centralized reporting services, franchise networks, and customer-facing platforms. If you’d like, I can help sketch out a modular testing framework tailored to your Agile analytics pipeline — perhaps with personas for franchise partners, service teams, and data engineers?
A related conversation on running AI in-house
can a company run a LLM and protect its data from external access or corruption
Running an LLM On-Premise or in a Private Cloud with Strong Data Protection
Companies can absolutely host and fine-tune large language models (LLMs) behind their own firewalls and keep sensitive data safe. The trick is combining infrastructure isolation, cryptographic safeguards, rigorous operations, and privacy-preserving ML techniques.
1. Deployment Environment
- On-Premises
- Physical GPUs/TPUs inside your own data center
- Full control over network, hardware, OS, firmware
- Private Cloud
- Dedicated VPCs, isolated subnets, strict egress rules
- Cloud-provider enclaves (e.g., AWS Nitro, Azure Confidential Computing)
2. Confidentiality: Preventing External Access
- Encryption at Rest
- Disk-level encryption (LUKS, BitLocker)
- Volume encryption keys stored in a Hardware Security Module (HSM)
- Encryption in Transit
- TLS 1.3 for all API calls and internal service communications
- Mutual TLS or private link between microservices
- Network Isolation
- Zero-trust network: deny all by default, allow only whitelisted hosts/ports
- Air-gapped or strict firewall rules for sensitive subnets
- Hardware Enclaves & Trusted Execution
- Intel SGX, AMD SEV, or AWS Nitro Enclaves for code/data-in-use protection
- Keys and model weights decrypted only inside secure enclave
3. Integrity: Guarding Against Corruption
| Measure | Purpose | Tooling/Approach |
|---|---|---|
| Checksums & Signatures | Detect unauthorized file changes | SHA-256 hashes, GPG signatures |
| Immutable Infrastructure | Prevent drift or tampering on running nodes | Infrastructure as Code (Terraform), boot-from-readonly images |
| Backup & Versioning | Roll back to known-good states | Git for code/config; snapshot storage for models/data |
| Continuous Monitoring | Alert on unexpected changes or anomalies | Tripwire, OSQuery, Prometheus |
4. Operational Controls & Governance
- Role-Based Access Control (RBAC)
- Least-privilege policies in Kubernetes, Linux, cloud IAM
- Audit Logging
- Append-only logs for all data access and model-inference events
- Centralized SIEM for real-time alerting
- Patch and Configuration Management
- Regular OS, driver, firmware updates
- Configuration scans with tools like OpenSCAP or Nessus
5. Advanced Privacy-Preserving Techniques
- Differential Privacy
- Inject noise during training updates to prevent memorization of sensitive records
- Homomorphic Encryption
- Perform inference on encrypted inputs without ever decrypting them in memory
- Federated Learning
- Train models across multiple isolated environments, aggregating only updates
Protecting an in-house LLM is a multi-layered effort: you lock down infrastructure, encrypt everywhere, bake in integrity checks, enforce strict governance, and—if needed—apply cutting-edge privacy ML techniques.
Beyond these, you might explore supply-chain security for your model weights (ensuring no backdoors) and periodic red-team assessments to stress-test your defences.
which major LLMs could an international company run on-premise or in a private cloud
Major LLMs for On-Premise or Private Cloud Deployment
When an organization needs full control over data and infrastructure, several open-source and enterprise-licensed LLMs support self-hosting in private clouds or on-premise environments.
Open-Source Foundation Models
- LLaMA 2 (Meta)
Sizes: 7B, 13B, 34B, 70B parameters
License: Apache 2.0
Frameworks: Hugging Face Transformers, Llama.cpp - Falcon (TII)
Sizes: 7B, 40B parameters
License: Apache 2.0
Frameworks: Hugging Face Transformers - Mistral AI
Sizes: 7B, 8×7B (‘Mistral 8x7B’)
License: Apache 2.0
Frameworks: Hugging Face Transformers
Community-Driven Variants & Tools
- GPT4All
LLaMA-based derivatives fine-tuned and quantized for CPU/GPU inference - Phi-2 (Ollama)
High-performance LLaMA 2 derivative optimized by Ollama tooling - Private Models on Hugging Face Model Hub
Falcon, LLaMA 2, Gemma, Phi-2 and more available for download and self-hosting - LM Studio
GUI-driven deployment and management for local LLMs (supports LLaMA, Falcon, etc.)
Hardware & Infrastructure Considerations
| Model | Params | Minimum GPU VRAM | Deployment Frameworks |
|---|---|---|---|
| LLaMA 2 7B/13B | 7B/13B | 16 GB | Transformers, Llama.cpp, Ollama |
| LLaMA 2 34B | 34B | 40 GB | Transformers, multi-GPU setups |
| LLaMA 2 70B | 70B | 80 GB+ (H100) | Transformers, multi-node clusters |
| Falcon 7B/40B | 7B/40B | 16 GB / 80 GB | Transformers |
| Mistral 7B/8x7B | 7B/8×7B | 16 GB | Transformers, Ollama |
| GPT4All (quant) | ~3B-7B | CPU only / 8 GB GPU | GPT4All tooling |
Beyond the Basics
- Quantization & Pruning: Reduce memory footprint (4-bit/8-bit quantization) for CPU or lower-tier GPUs.
- Enclaves & Confidential Computing: Combine Intel SGX, AMD SEV or Azure/AWS confidential VMs to keep weights and keys sealed.
- Fine-Tuning & RAG: Use LoRA adapters or Retrieval-Augmented Generation on private document stores for domain specialization.
For enterprises with stringent data requirements, these models—paired with encryption-in-use and strict network isolation—offer powerful, private LLM capabilities without external exposure.
can Copilot AI guarantee security of a customers data for a major international company.
Data Security and the Limits of Absolute Guarantees
No system can promise 100 percent immunity from breaches or vulnerabilities. Security is about risk reduction, not elimination. Even with military-grade encryption, zero-trust networks, and confidential computing enclaves, new attack vectors and human factors can introduce gaps.
Why Absolute Guarantees Are Impossible
- Evolving Threat Landscape
Attack techniques, from supply-chain exploits to zero-day vulnerabilities, continually adapt. - Human and Process Risks
Misconfigurations, insider mistakes, and social engineering can bypass technical controls. - Software Complexity
Large codebases and dependencies carry latent bugs that may be discovered after deployment.
What Copilot AI Can Offer
- Cutting-Edge Encryption
Data encrypted at rest, in transit, and—where supported—in memory via confidential computing. - Zero-Trust Architecture
Fine-grained access controls, microsegmentation, and continuous authentication. - Auditability and Transparency
Comprehensive logging, real-time monitoring, and third-party penetration testing. - Compliance Posture
Alignment with standards like ISO 27001, SOC 2, GDPR, and industry-specific frameworks.
Best Practices to Maximize Protection
- Layered Defense
Combine firewalls, intrusion detection, endpoint hardening, and application security scanning. - Continuous Monitoring
Automated anomaly detection, regular vulnerability scans, and red-team exercises. - Regular Updates
Patch orchestration for OS, drivers, AI frameworks, and dependencies. - Strict Governance
Role-based access, least-privilege policies, and periodic access reviews. - Incident Response Planning
Tested playbooks, tabletop drills, and clear escalation paths.
Next Steps
Let’s align on your specific environment and risk tolerance. Would you like to:
- Map out a tailored security architecture diagram?
- Review compliance controls against your regulatory needs?
- Conduct a simulated attack surface analysis for your LLM deployment?
Can copilot provide the same level of security as cloud based hardware and software as a service for financial services
Can Copilot Match Cloud-Based SaaS Security for Financial Services?
Financial institutions demand the highest security and compliance. In principle, you can architect Copilot (self-hosted on-premise or in a private cloud) to rival—or even exceed—the protections of public cloud SaaS. Success hinges on replicating best-in-class controls, processes, and certifications that major cloud vendors maintain at scale.
Shared Security Foundations
- Encryption
- Data at rest: AES-256 (or higher) via HSM-backed key management
- Data in transit: TLS 1.3 with mutual authentication
- Identity & Access
- Zero-Trust: least-privilege IAM, strong multi-factor authentication
- Privileged Access Management for service accounts and administrators
- Network & Infrastructure
- Microsegmentation, private subnets, and strict egress filtering
- Hardware enclaves (e.g., Intel SGX, AMD SEV, Confidential VMs)
- Monitoring & Response
- Centralized SIEM, real-time anomaly detection, audit-grade logging
- Regular third-party penetration tests and vulnerability assessments
- Compliance & Governance
- Policies mapped to ISO 27001, SOC 2, PCI DSS, GDPR, and regional financial regulations
- Documented change management, incident response playbooks, and tabletop drills
Key Differences & Considerations
- Responsibility Model
- Cloud SaaS: provider owns most infrastructure and platform security.
- Copilot On-Prem/Private Cloud: your team owns every layer—from firmware to application.
- Scale & Expertise
- Public clouds invest billions annually in dedicated security teams, threat intel, and automated patching.
- Self-hosting demands equivalent staffing, tooling budgets, and continuous training.
- Certifications & Audits
- Major cloud vendors maintain up-to-date ISO, SOC, FedRAMP, and PCI attestations.
- You must engage accredited auditors, maintain evidence repositories, and budget recurring audit cycles.
- Resilience & SLAs
- Cloud SaaS SLAs guarantee uptime, DDoS mitigation, geo-redundancy.
- Self-hosted solutions require your own DR/BCP plans, geo-diverse infrastructure, and DDoS protection services.
Security Domain Comparison
| Domain | Copilot On-Prem/Private Cloud | Cloud SaaS Provider |
|---|---|---|
| Physical Security | Your data center controls, custom SLAs | Provider’s global, hardened data centers |
| Patch Management | You schedule, validate, and deploy all updates | Automated, continuous patching by provider |
| Enclave & Confidentiality | Available via Confidential VMs or hardware enclaves | Built-in confidential computing options |
| Threat Intelligence | Sourced by your SOC or managed SECaaS | Integrated global threat feeds and rapid signature updates |
| Compliance Posture | Self-managed audit, evidence, and certification costs | Provider-managed certifications and reporting |
| Incident Response | In-house IR team or contracted service | 24/7 provider IR hotlines and playbooks |
Conclusion
Copilot can achieve parity with cloud-based SaaS security—provided you invest in equivalent infrastructure resilience, expert staffing, automated operations, and third-party certifications. For financial services, where compliance and uptime SLAs are non-negotiable, many institutions opt for hybrid approaches:
- Core systems on specialized cloud SaaS for their turnkey certifications and scale.
- Sensitive workloads in private, Copilot-powered enclaves to meet bespoke regulatory controls or data residency needs.
Next Steps
- Conduct a gap analysis between your current Copilot deployment and primary cloud SaaS offerings.
- Define target compliance frameworks and align your security roadmap, tooling, and audit schedule.
- Pilot a Confidential Computing enclave for your most sensitive models and data.
Southport Innovation Centre 