[San Francisco, United States = DigitalToday reporter Chi-gyu Hwang] As enterprise companies expand AI adoption, control and management have also emerged as major issues. There is a growing consensus that without proper controls, AI will struggle to take root at enterprise-scale companies, even if that might not be the case for individuals or small businesses.

At the same time, some say that strengthening controls over AI too much can be a burden from the standpoint of user experience. If control mechanisms are set too tightly, a paradox can emerge in which AI becomes difficult to use properly. That is why AI governance should be based on practical controls.

Data platform company Snowflake also appears to be accelerating support for balancing data governance with the use of AI.

Prasanna Krishnan (프라사나 크리슈난), head of Snowflake’s Collaboration and Governance solution Horizon business, met with a reporter at the company’s annual Snowflake Summit conference in San Francisco. "If governance is too strong, it blocks use, and if there is none, control collapses," he said. "Granular controls and automated settings make that balance possible," he added.

At this year’s summit, Snowflake unveiled new features to support collaboration with AI and data under controls. They include zero copy sharing, which allows direct access without copying or moving data, and open sharing, which enables data sharing even without a Snowflake account.

"Zero copy sharing does not replicate data, which reduces the governance burden and enables immediate access," Krishnan said. "Fidelity is requiring that all external data coming in be received only in a zero-copy way," he said.

Open sharing focuses on expanding the existing scope of sharing to users outside Snowflake. "Both zero copy and open sharing are headed in the same direction in that they broaden the scope of collaboration without moving data," Krishnan said.

At the summit, Snowflake announced updates to its data governance platform Horizon Catalog, focusing on integrating AI agent governance, data contextualisation and security.

Krishnan said the core of the update can be summarised in three areas: connecting enterprise-wide data assets, Horizon Context and governance.

First, the update makes it possible to connect all data within a company to Horizon.

"Even if data is outside Snowflake, Horizon can pull metadata and apply a single context and governance," Krishnan said. "Even if Iceberg tables are in an external catalog, Snowflake can apply masking and governance as-is through Polaris and the Iceberg API. Data stored in the AWS Redshift data platform can also be queried through Cortex," he said.

Horizon Context supports AI in understanding a company’s business context. It collects metadata across enterprise data assets and then enriches it by including lineage, or data-flow information. The focus is on having that context automatically activated when running AI queries or business intelligence queries.

"Through its automatic semantic view generation, Snowflake automatically collects existing metadata and business definitions in BI tools to create a draft semantic view, and people only need to give final approval or make partial edits," Krishnan said. "Cortex Sense analyses query history within Snowflake to identify relationships among data. The more usage increases, the higher the accuracy," he added.

On governance, Krishnan said, "Without governance, companies are reluctant to adopt AI in the first place." "The difficulty of configuration has long been a stumbling block," he said, proposing "intent-driven governance" as a solution.

Under intent-driven governance, users describe in natural language what governance they want, and Snowflake defines the specifications and generates the relevant SQOL. It then continues monitoring and sends alerts if situations arise that deviate from the intent.

"Governance design is divided into three stages: discovery, protection and audit," Krishnan said. "First, identify where sensitive data is, and apply granular access controls such as column masking. Even when an agent queries data, masking settings can be configured differently depending on the role. In the final audit stage, you can verify and distinguish whether the data was queried by a person or by an agent," he said.

"For all members within a company to gain insights from data and take action, AI models alone are not enough," he said. "Along with AI models, you need a well-managed data foundation, the ability to call tools and applications, and an orchestrator that coordinates them," he added.