Is GenAI safe for my company?
If you’re anything like me, you’re already tired of hearing about GenAI. It’s everywhere, which also means it’s in your boardroom, and if you are a security professional… your boss is definitely going to ask you (if they haven’t already) how to secure it. Which leads us to our topic: is GenAI safe for use within my company?
Well, there’s good news and bad news. First the bad… whether you think they are or not, people in your company are already using it. They’ve all heard about it too, they have definitely tried using it in some way, and they have put information into their prompts that you probably didn’t want them to. So that means you no longer have the option to not allow it. You can try, but you will end up with a whole bunch of shadow IT while people find ways around your attempted block. Even if that means typing manually… for real… believe it… they will do it. It’s not malicious, they aren’t trying to steal data, they just want to do their jobs and they’re curious if this new tech can help them. So please, don’t take that road, I promise you it’s not worth it. It’s much better to enable people, even if that means using something you don’t fully understand. Ouch, yep… I heard it and it hurts me too, but security people don’t know everything and there’s a LOT to learn about GenAI. It’s OK to admit that and get started with learning. While you’re learning, it’s better to keep the data inside your organization’s boundary than to have shadow IT and find out the hard way that data got out. The cat is out of the bag; you can’t wait any longer to think about all the ways to control it. You’ll be in a much better spot by enabling it within your enterprise boundary and then monitoring how people are using it while you figure out how to control it.
OK, now for the good news: there have been MANY questions asked about “what happens with my data when I let my users use GenAI” because that’s what we care about at the end of the day. When we ask “is it safe” we really mean “is my data safe” because in order to do something useful, GenAI needs data. That’s a huge part of InfoSec, to keep company data safe. We’re not worried about the robots attacking us physically (yet); the main concern is about the data being input and used to train models. More good news: both major productivity suite companies (Microsoft and Google) have a TON of material about how they handle that. Why did I mention those two specifically? Well, most people reading this are probably using one of them and that’s most likely where people in your company expect to/can/are using GenAI. I’m not going to go into detail here about how they answer that question, but there are two major themes that stand out. First, they don’t use your data to train their AI models. They both say that very clearly. Now… whether or not you choose to believe that is another thing entirely and well, if you don’t trust your provider with your data then you should probably have already moved to something else because… they already have all your data and you’ve been trusting them with all your files and emails for some time. We aren’t going down that rabbit hole; we will assume trust and be reasonably assured that our data isn’t being used. Honestly, I’m not sure why we worry about this one so much anyways. Let’s say they were using it for training. Would we really object to that? We are fine with them storing and indexing our data for search, but we won’t trust them with things people type into a prompt? We’d obviously want reassurances that the data is anonymized, etc., but I would argue they already do that and we already trust that the boundary has been established. Data used for GenAI isn’t really that different.
At any rate though, they don’t train on it so either way, all good.
Second, your data stays within your organizational boundary. Each provider defines that a little differently, but essentially your GenAI data stays in your org much the same way as a resource that’s running in a cloud subscription/resource group/project stays inside your org. That is to say, there’s a logical boundary which you already trust, and that same boundary is used for GenAI data to keep it from ending up in someone else’s hands. In fact, if you enable the Enterprise versions of GenAI (Copilot for M365 and Gemini), your users can get better/more useful results because the AI can include information about other data, like files that exist within your company, instead of just using publicly available datasets and augmenting with web searches. Also, enabling/buying the Enterprise version is the only way to get the guarantee that your data stays inside your boundary. That’s another reason to enable it now, because in the free versions that your people are currently using, there’s no such agreement or guarantee about where your data lives.
Now that we understand the two main themes, there are a whole lot of specifics to dig into, like whether we can use our existing DLP tools for GenAI and how we control what data people can see. Those are questions for another time. Thanks for reading, and you can look forward to more blogs from me with more of these details in the future! In the meantime, if you have questions, please reach out. I love to talk about security and I’d welcome the opportunity to help each other be better at security. Iron sharpens iron. Let’s talk!