InDevMinedPostMarkAI
TH

LLM Gen AI and Security

learning
Published 2024-05-18
POST

img-PY66Wa99IDGn9sUOhW3sNgqT_upscayl_2x_realesrgan-x4plus-anime.jpg

After previously sharing ideas about what Generative AI can do, today we will continue with considerations regarding security 🔒 when using Gen AI in the workplace. For those planning to incorporate Gen AI into their organization or use it with sensitive data, please read on 📝.

Gen AI tools are developed to enhance our work efficiency. However, besides considering how they can help us, we must also think about security 🔒, such as:

1️⃣ The data entered into Gen AI should consider user information security (PII), especially sensitive data 🔒. We should not directly send such data to Gen AI. Important data should be removed or replaced with other information first. For instance, if the user’s name is Alpha, we might change it to A before sending the data to Gen AI for processing 🔍. Additionally, we should be cautious of malicious users who may input data that could be misused. Therefore, a data screening process before inputting into the system is necessary.

2️⃣ The data generated by Gen AI may contain inappropriate or negative terms due to the initial training data. Sometimes, even with well-phrased questions, the answers received may include such terms. Thus, there must be methods to review and filter the content before passing it to users 🔍.

For more information on points 1️⃣ and 2️⃣, try searching with the term "Guardrail.”

3️⃣ Another aspect to consider when using Gen AI through various services is that the text we send may be used for further training or other purposes. Therefore, we should evaluate the importance of the data we send and thoroughly check whether the service we use further trains on our data. Generally, when we use Gen AI Chat from providers like OpenAI (chatgpt.com) or Google (gemini.google.com), the data is used for further training, which we may not desire 😕. Hence, we should consider using other versions that do not do this, such as using OpenAI's Playground instead. If still concerned, these services also offer options to run AI on our own devices, adding an extra layer of protection and controlling access to that device 💻 to ensure that no data is secretly sent elsewhere.

These are the examples prepared. All of these are just initial considerations. If planning to use Gen AI seriously in an organization, it’s advisable to study further and thoroughly before implementing it.

In this era where Generative AI plays a significant role, we should learn and understand it well to use it safely and efficiently. I hope this post provides new perspectives on using Generative AI and the precautions to be aware of 😊.