Samsung announced on the 9th that it will officially introduce external generative AI tools such as ChatGPT, Gemini, and Claude to all of its affiliates this month.
This is a core step in its “AI transformation” initiative, which applies AI across the entire spectrum of the eight major business functions: development, purchasing, manufacturing, logistics, marketing, sales, services, and management support. Each affiliate’s CEO will directly lead the push for innovation.
The scale is substantial. More than 50 presidents will begin a two-day intensive training program, the “AX Boot Camp,” this month, while about 2,300 executives will receive training in stages through August 12. Training for all employees will be completed within the year. In effect, Samsung is declaring that it will use external AI across the company.
Samsung is the very company that once blocked external generative AI most forcefully. In April 2023, after an employee at its semiconductor division entered equipment source code and meeting notes into ChatGPT, sending that information to an external server, the company imposed a full ban on generative AI access from company PCs in May of that year. A warning that data, once entered, could not be retrieved or deleted led 65% of employees surveyed internally to agree that the tools posed a security risk.
Now, three years later, the company has lifted that restriction itself. Samsung emphasizes that it is not ignoring security this time either. It has clearly stated its policy of simultaneously allowing external AI companywide while refining its security framework. The strategy is to broaden use while controlling risk—an attempt to have it both ways.

What has changed, then? External AI today is not the same as it was three years ago.
What Samsung feared in 2023 was, more precisely, “consumer” generative AI. Many free chatbots used by individuals were structured so that user input could be fed back into model training. Concerns that a single line of source code pasted in carelessly by an employee could become part of the model and appear in someone else’s response were not overstated.
The external AI companies now use is different in nature. According to the security industry, paid enterprise environments have made it standard contractual practice not to use input data as training data for the service provider’s models.
Data retention periods can also be set to near zero, and functions that keep data isolated within a company-specific environment are now close to standard. As the technical premise has changed, the equation that “using it means leaking data” has been weakened.
Samsung appears to be operating on that premise. The company has not disclosed exactly which tier of service it is adopting. However, it has made clear that full external AI access will be accompanied by enhanced security controls, and it has already conducted proof-of-concept tests from April to May with 2,500 employees in the Device Experience division to evaluate candidate services.
This is not a model in which all employees can immediately use the tools freely. Since the plan is to open access gradually after establishing operational procedures and security systems, industry observers believe this implies a controlled enterprise environment.
The balance of judgment has also shifted. The cost of blocking AI now outweighs the cost of using it. If competitors write reports, generate code, and analyze markets with AI while one company remains stuck on a ban, the productivity gap widens.
That is why Samsung has chosen a two-track approach that runs its in-house model, “Samsung Gauss,” alongside external general-purpose AI. Sensitive internal data is handled by its own model, while the latest general-purpose capabilities are brought in from outside through a division of labor.
This trend is not unique to Samsung. The industry expects domestic companies’ generative AI adoption rate to rise from 55.7% in 2025 to around 85% this year. The age when blocking was the default is ending, and the new question has become how to use AI safely.
The fact that top management has taken the security issue directly into a business agenda rather than leaving it to the IT department signals something else as well.

The optimism is straightforward. If enterprise accounts contractually prohibit training use, and if control tools are layered on top to intercept data leakage, the risks can be reduced to a manageable level. This camp starts from the belief that not using AI poses an even greater risk.
The counterargument focuses on the gaps in the technology. Even if enterprise contracts prevent input data from being used for training, they cannot stop employee carelessness. The security industry points out that traditional data loss prevention (DLP) systems become ineffective in front of generative AI.
Conventional DLP solutions are designed to guard the exit points where files are attached and leave the system. But if an employee directly types sensitive information into a prompt window or pastes it in, no file is transmitted. That is “fileless leakage” that slips past the monitoring net.
There are also new threats. A representative example is prompt injection attacks, in which malicious instructions are subtly inserted to make the AI divulge internal information. Shadow IT, where unauthorized personal accounts are used secretly, is also outside the control perimeter. In one survey, nearly half of employees were already using AI tools routinely. That means instructions simply telling people not to use them cannot reverse the trend.
That said, tightening controls indiscriminately is not the answer either. Practitioners working with AI-specific DLP say that if systems are set to block from the outset, false positives that hinder normal work and employee pushback will flood in. Technology is only one part of the shield; in the end, people and rules must support it.
The implications of this decision do not stop with Samsung alone. It signals that the old equation of “blocking equals security” is being shaken.
Completely eliminating risk is impossible to begin with. Security itself is shifting toward making risk visible and reducing it to a manageable size.
The fact that a large conglomerate has officially embraced “full permission” becomes a reference point for latecomer companies. A two-track structure combining in-house and external models, governance directly overseen by top management, and layered defense built from both technology and training are likely to solidify into a new standard formula.
The remaining questions are speed and disparity. Large corporations with capital and personnel can build a full-stack security system on their own. Companies without those resources cannot follow the same path. At this point, concerns arise that the AI adoption gap could become a security gap, and then a competitiveness gap.
So what is the answer to the core question: how can companies use external AI while protecting security? The answer lies not in a single mechanism, but in layered design.
The outermost layer is contracts and accounts. If a company adopts enterprise licensing instead of free consumer versions, it can prevent input data from being used for training and directly control data retention policies.
It is a starting point, but not a free one. Enterprise accounts cost around $30 to $40 per user per month, which means that for a workforce of 4,000 employees, annual costs exceed 2 billion won. It is the first choice for organizations that can bear the expense.
The next layer is input-time control. Since information leaks through prompts rather than files, the defensive line has to move to that point as well.
AI-specific DLP tools and secure browsers can detect and block attempts to enter resident registration numbers or source code the moment an employee tries. The security industry recommends not turning on block mode from the beginning. It is better to first monitor what is flowing through one or two channels, then gradually move toward blocking after standards for distinguishing normal from risky behavior have been refined, as this reduces false positives and resistance.
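As an added illustration of the input-time control described above (example code written for this article, not Samsung's or any DLP vendor's), the check below scans prompt text before it leaves the company and supports the "monitor first, block later" rollout. It assumes Korean resident registration numbers and pasted source code as the sensitive patterns, grades RRN hits by their check digit so that block mode stops only high-confidence findings, and uses constructed sample prompts with a synthetic RRN.

```python
import re
from dataclasses import dataclass, field

# Korean resident registration number (RRN): YYMMDD-GNNNNNN, 13 digits.
RRN_RE = re.compile(r"\b(\d{6})-?([1-8]\d{6})\b")
RRN_WEIGHTS = (2, 3, 4, 5, 6, 7, 8, 9, 2, 3, 4, 5)
# Crude source-code heuristic: line starts or endings rare in ordinary prose.
CODE_RE = re.compile(r"^\s*(def |class |#include|import |public |private )|[{};]\s*$", re.M)


def rrn_checksum_ok(digits: str) -> bool:
    """Mod-11 check digit of RRNs issued before October 2020. Later RRNs are
    random, so a failed check lowers confidence rather than proving a false hit."""
    total = sum(int(d) * w for d, w in zip(digits[:12], RRN_WEIGHTS))
    return (11 - total % 11) % 10 == int(digits[12])


def rrn_confidence(digits: str) -> str:
    """Grade a 13-digit match: impossible month -> low, valid checksum -> high."""
    if not 1 <= int(digits[2:4]) <= 12:
        return "low"
    return "high" if rrn_checksum_ok(digits) else "medium"


@dataclass
class Verdict:
    action: str                                    # "allow" or "block"
    findings: list = field(default_factory=list)   # (category, confidence) pairs


def inspect_prompt(text: str, mode: str = "monitor") -> Verdict:
    """Check prompt text before it leaves the company. In "monitor" mode every
    prompt is allowed and findings are only recorded, so rules can be tuned
    against real traffic; in "block" mode only high-confidence findings are
    stopped, so medium/low hits still pass while the rules mature."""
    findings = [("rrn", rrn_confidence(m.group(1) + m.group(2)))
                for m in RRN_RE.finditer(text)]
    if CODE_RE.search(text):
        findings.append(("source_code", "medium"))
    blocked = mode == "block" and any(c == "high" for _, c in findings)
    return Verdict("block" if blocked else "allow", findings)


if __name__ == "__main__":
    # Constructed sample prompt; the RRN is synthetic.
    sample = "Summarize this note: customer 900101-1234568 asked for a refund."
    for mode in ("monitor", "block"):
        print(mode, inspect_prompt(sample, mode))
```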
The inner layer is data governance. Unless companies classify which information is sensitive and attach labels, no control mechanism will be effective. Organizing who can access which data and narrowing permissions to the minimum should come before technology deployment. Safeguards only work when the object they protect is clearly defined.
Structural design also matters. As in Samsung’s two-track model, separating tasks that may be sent outside from those that must never leave, and processing sensitive data in an in-house model or within a closed network, is effective. Keeping the most dangerous data off external channels from the start is the most reliable form of control.
The final layer is people. Samsung’s educational philosophy that “the CEO’s AI literacy determines success or failure” is not an exaggeration.
Contracts and DLP are both powerless against a single careless act by an employee. Training that makes it second nature what may and may not be entered, along with a dedicated team to catch violations, fills the last gap in the multilayered defense.
The problem is small and medium-sized enterprises. For those without the massive investment and dedicated staff needed for a full-stack security setup like a conglomerate’s, such a system is a pipe dream. The realistic path is not building in-house but subscribing.
Simply renting a proven enterprise service that defaults to no-training use, then adding a one-page internal guideline specifying prohibited input items and a short employee training session, can significantly lower the risk of incidents.
Considering that security audits can cost several million won and smaller deployments also begin in the hundreds of thousands of won, making use of the government’s AI support programs for small businesses can help ease the burden.
In the end, the essence of security lies not in tools but in rules and people. As the era of blocking gives way to the era of control, how external AI is used is no longer just a task for the IT department.