Risks and Best Practices for Using ChatGPT and Generative AI Tools
By DET IT - Published May 15, 2023
Photo by Zac Wolff on Unsplash
By DET IT
Dear Colleagues, Generative AI technology like ChatGPT is becoming more and more popular and using these tools can improve our work efficiency. However, there are also some risks as this technology cannot verify the accuracy of content, which may lead to inaccurate or misleading content or even copyright infringement. Therefore we recommend to use AI tools cautiously, and judge whether the generated content is both correct and legal.
Using this technology may also the following information security risks: • Data leakage: Entering the company's confidential or sensitive information into the generative AI service will bring about the risk of data leakage. For example, in different incidents employees of the South Korean tech giant Samsung are suspected of leaking company secrets from using the AI chat robot ChatGPT. • Malicious program attack: Arbitrarily downloading and installing the execution file or plug-in of a generative AI tool may cause your computer to be implanted with malicious programs such as viruses and spyware. Recently, the security vendor Veriti discovered that hackers used ChatGPT and Google Bard as bait to spread the Trojan horse program RedLine Stealer on users' computers.
To ensure the security of company information, please be careful when using generative AI services, and pay attention to the following precautions: • Do not enter company confidential or sensitive information into any generative AI services. This includes company trade secrets related to R&D and production, customer information, financial information, personal identity information etc. • Do not use your company account to register any generative AI service, and avoid using the same password as the company account for any generative AI technology service. • Do not download generative AI tool execution files or install free software arbitrarily. When users find that their computers are suspected of being infected by viruses or data is lost or encrypted, they should immediately notify the information security department for follow-up processing.
If you have any issue when using generative AI services or tools, please contact IT Data Governance via ITDATA@deltaww.com. If you have noted any information security risks or suspicious events, please escalate the issue to IT Security via ITSecurity@deltaww.com. If you have any question, please contact ITSecurity@deltaww.com Thank you!