Best Practices and Guidelines for ChatGPT and Similar AI Models

Best Practices and Guidelines for ChatGPT and Similar AI Models Applications Development Expand our code review processes and policies to encompass Generative AI tools in order to hold ourselves accountable. • Generative AI systems often produces example code that is not only inefficient, but in some cases completely insecure. • Generative AI does not have the ability to distinguish between "good" and "bad" code. • For the purpose of data loss prevention, it should be stressed that no proprietary source code should ever be entered into a public repository or AI systems. Microsoft CoPilot 365 Microsoft currently offers a more privacy focused version of ChatGPT called CoPilot 365 that is is currently being tested in a pilot program. This option utilizes Azure as its backend and operates within the Microsoft tenant. This system allows AI features within Office 365 applications such as Word, Excel, Powerpoint, and Teams. • Data sent to these systems would not be used to further train the public AI. Data access for these systems follow our current security policies. Deepfakes Deep fakes are artificially created media (video, audio, or images) that use advanced AI technology to replace a person's likeness with someone else's in a convincingly realistic manner. These sophisticated forgeries leverage AI systems to manipulate or generate visual and audio content that can be nearly indistinguishable from authentic media. Deep fakes pose significant threats to organizations: • Reputational damage - Fabricated videos of individuals making inflammatory statements or engaging in inappropriate behavior can severely damage an organization's reputation, even after being debunked. • Security breaches - Voice-cloning technology can be used in social engineering attacks to trick employees into divulging sensitive information. • Misinformation spread - Deep fakes can undermine trust in authentic communications from an organization. - Organizations may face legal challenges defending against or addressing Legal liability • harm caused by deep fakes impersonating their representatives. • •