printer friendly version

Onsite AI avoids cloud challenges

AI is everywhere and in everything these days; whether it is reliable or not, you have to mention it – and your AI strategy – or you are ‘behind the times’. The catch is that when using AI, we generally rely on a cloud-based system, which we know is not private nor secure. If you are asking the AI to update your CV, that may not be an issue, but when doing ‘work stuff’, we often expose private or sensitive information without knowing it.

Anyone involved in business security will know that there are risks in simply trusting your customer data or financial information to cloud systems, including cloud-based AI systems. Moreover, if you are going to rely on AI for business operations, you need to be sure that you do not lose connectivity, which loses access to your AI system.

US-based BlueFin has another plan for those looking to bring more AI in-house. “Most AI programs today depend on Wi-Fi or constant cloud connections, which can be a real liability for companies operating in secure or high-risk environments like airports, defence facilities, or healthcare systems. That reliance not only exposes sensitive data to external networks, but also creates a single point of failure if connectivity drops,” says Chris Chib, CEO of BlueFin Solves.

According to the company, BlueFin Solves is “dedicated to building AI that ships, scales, and delivers real impact”. Its portfolio includes Privora, a private GPT built for enterprises; Loopy, an AI sales rep that drives revenue; and VisionFleet, an enterprisegrade, scalable licence-plate recognition platform.

The company partners with organisations to “design and deploy advanced AI systems, from modern Agentic AI architectures to custom solutions tailored to unique workflows and data landscapes. Because not every enterprise trusts the cloud, its solutions are built to run onpremise, in the cloud, or in hybrid environments, delivering the flexibility and control of business demands.” SMART Security Solutions asked Chib for more information on what the company does and how it works.

How BlueFin Solves operates

SMART Security: An AI system that does not require a permanent connection to a remote data centre run by the service provider sounds secure, but what server/ data centre resources are needed to make this happen in a secure environment like an airport? Are clients required to invest in specialised technology? Is your solution designed to run on existing infrastructure or proprietary edge devices?

Chris Chib: We designed BlueFin’s architecture to run securely without a permanent internet connection because many of our clients – airports, defence facilities, and banks – require full data sovereignty. The solution does not depend on specialised servers. Instead, we deploy modular edge devices that integrate with a client’s existing IT infrastructure or can be installed as standalone secure nodes.

This approach removes the need for constant cloud connectivity, while retaining performance and security parity with centralised systems. For larger clients, we can also integrate with existing on-premises data centres using encrypted APIs, ensuring no sensitive information ever leaves the facility.

SMART Security: How would the customer ensure its AI is properly trained on its data? Most companies have both structured and unstructured data, and it is not always indexed or managed efficiently – it may even be physical documents. Also, how do you approach the initial training and customisation of your AI models for a new customer when their sensitive data cannot leave their facility for processing on your systems?

Chris Chib: BlueFin deploys a base AI model pre-trained on generalised business logic, then fine-tunes it locally using the client’s data: structured, unstructured, and even scanned physical documents. We integrate with existing document management systems, or, if needed, we provide tools to digitise and index physical archives.

All training and adaptation occur entirely within the client’s secure perimeter. Our engineers never access the raw data; instead, we provide encrypted training pipelines that run onsite. This ensures full compliance with data residency laws, internal governance, and confidentiality requirements, while still achieving a high degree of model accuracy and relevance.

Chris Chib.

SMART Security: What does BlueFin do to create the ‘basic AI’ which can learn about different companies’ data and processes? A bank can have an almost endless number of processes and process categories. How do you incorporate these into the AI? How much is automated and how much needs human supervision?

Chris Chib: Our foundational AI is built on a modular ontology that maps common enterprise processes such as finance, HR, customer support, and compliance to adaptable templates. These serve as the base layer that our system can then specialise through unsupervised and supervised learning.

Automation drives about 80% of this adaptation. The AI observes workflows, identifies document types, learns classification patterns, and builds relational context autonomously. The remaining 20% involves human-in-the-loop supervision to validate critical interpretations, particularly in regulated industries such as banking and healthcare. This hybrid approach balances autonomy with oversight, ensuring accuracy and reliability across complex enterprise ecosystems.

SMART Security: Is BlueFin’s vision to serve a specific high-security niche, or do you believe this localised model can challenge the cloud-centric paradigm in the broader market?

Chris Chib: We absolutely see BlueFin as more than a niche security solution. While our current deployments are in high-security sectors, airports, government facilities, defence, and finance, the long-term vision is to make localised AI mainstream.

As data privacy regulations tighten and cloud computing costs escalate, organisations are rethinking the economics of centralised AI. Localised AI delivers control, predictability, and compliance without sacrificing intelligence. We believe this model can complement, and eventually challenge, the cloud-first paradigm, especially as edge hardware becomes more powerful and affordable.

SMART Security: What specific security measures are in place to protect the physical devices at the client’s premises and the data it holds from internal threats, and of course, from malicious cybersecurity threats?

Chris Chib: Every device includes encrypted storage, tamper detection, and secure boot processes. We use AES-256 encryption for data at rest and TLS 1.3 for data in motion within the facility.

Beyond that, each deployment has layered access controls, multi-factor authentication, role-based permissions, and detailed audit logging. The system operates in a Zero-Trust framework: even if a network is compromised, AI models and data remain sandboxed and inaccessible.

SMART Security: Does the AI provide a chat interface, or can customers build custom interfaces for various business functions – sales, HR, IT, etc.?

Chris Chib: We enable customers to create their own custom interfaces tailored to department-specific needs. For example, HR might use a dashboard with document summarisation and compliance verification tools, while IT might use predictive maintenance interfaces. This modularity ensures the same AI intelligence can support multiple functions across the enterprise, all while operating locally and securely.

SMART Security: What services does BlueFin provide to get a customer up and running, and what happens when AI models/algorithms change or are updated?

Chris Chib: We provide end-to-end onboarding: hardware installation, system integration, and AI calibration with the client’s data. Once operational, updates and retraining are handled through encrypted update packages, approved and deployed by the client’s IT administrators, to avoid external data transfer.

When foundational models evolve, BlueFin releases modular updates that can be applied locally without disrupting operations. Our support team also provides lifecycle management, ensuring every client stays up to date with the latest algorithms while retaining full data control.

Find out more at www.bluefinsolves.com

Share this article:

Further reading: