Ensuring cybersecurity when using AI
The increased usage, availability, and popularity of AI tools, such as ChatGPT, Dall-E, Bard, etc., has stimulated great interest and has created many opportunities for academic utilization. In addition to these opportunities, AI also presents significant cyber threats and risks that need to be considered when using these AI tools.
Among the major risks is the sharing of sensitive information, including personal data, which must not leave the CU environment and should not be publicly accessible.
These guidelines apply to all Large Language Models (LLMs) and AI chatbots, including ChatGPT, GPT-n/x, Bard, LLaMa, BLOOM, etc.
Users should be aware that all queries/challenges posed in an AI tool are visible to the tool operators outside of CU. Employees should be familiar with and adhere to basic rules when using AI tools, and thus from a cybersecurity standpoint, the following guidelines should be followed:
- Do not use the same passwords for registration and logging in as you use for CU services and systems
- Pay attention to password requirements, such as a password length of 12 characters and thefollowing criteria:
- One uppercase letter (AKZSD)
- One lowercase letter (bsdijsd)
- One number (7291) and
- One special character (“.”, “,”, “@”, “#”, “%”, “!”, “$”, “&”, “+”, “-“, etc.)
- Do not store your login data in a web browser;
- Use two-factor authentication whenever possible;
- Do not provide in an AI tool confidential, internal, protected, or sensitive information, personal data, and other non-public information that should not be disclosed to unauthorized individuals;
- Do not provide AI tools with information that includes the university’s intellectual property
- User data cannot be used for training AI models unless users explicitly consent to such use and the use of data for machine learning/AI purposes is in line with university principles
This text was taken from the document Artificial intelligence (AI) Recommendations for the academic members of staff of Charles University