Stay Sharp While Using AI
- January 29th, 2024
- in Security Alert, Software News
As AI grows in popularity, staying aware of potential risks and challenges associated with these powerful technologies is essential.
AI undoubtedly provides significant value to daily tasks and research, but it is crucial to exercise caution and diligence when leveraging AI products. The data input into these tools is often used to train future AI models. The saved data poses a risk of accidental release to external parties querying the same tool you are using or simply as a third-party breach risk. Some tools have lenient privacy or security policies that do not sufficiently protect The University’s data or users’ privacy.
OIT would like to emphasize a few key considerations when using AI tools:
Consult OIT for Guidance:
- In situations of uncertainty or when navigating the complexities of AI integration, please contact the Office of Information Technology (OIT) for guidance by emailing us at itsd@ua.edu.
Exercise Caution with Your or Someone Else’s Personal Information
- Sensitive information should never be entered into AI tools. Examples include your email, CWID, Social Security Number, or medical records.
Secure Evaluation of Communication Tools
- In the case of AI meeting, email, or calendar management tools, use test accounts that lack access to sensitive or restricted information. Third-party tools may utilize meeting recordings or other participant data to train their models or for other purposes, which is why it is important to limit these tools’ access to UA data.
- Avoid having meetings where confidential matters are discussed until the tool’s security and privacy features have been thoroughly vetted.
- Do not link AI tools to your work email account unless The University has a contract with and is providing that tool. This is crucial to prevent potential breaches of FERPA, HIPAA, and other regulatory requirements.
Prioritize Software Solutions on OIT’s Website
- Before using AI tools online, ensure that The University does not already have a similar solution at oit.ua.edu/software.
By sticking to these guidelines, we can proactively avoid or minimize risks associated with AI and keep The University of Alabama safe from cyber attacks or data breaches. Faculty should also consult the guidelines provided by Academic Affairs as a resource. As we collectively strive to leverage the benefits of AI, we must prioritize the security and privacy of our data.