Artificial Intelligence, or Large Language Models (LLM), are already changing the way we work.

Whether it is people dabbling in the recent GPT-4 hype to create their own code, prompt engineering to see how AI can be pushed to the limit, or even using it for nefarious purposes, one thing is crystal clear: nobody is exempt from preparing to deal with AI.

If you are a business owner, decision maker, or responsible for your organisations IT systems, you will likely be researching this topic already.

Why do you need to prepare?

AI is only as good as the data that it is trained on, and similarly, your endeavours with AI will only be as strong as the foundations upon which it is built. In plain English, this means that you have to take steps to ensure that your organisation’s data is properly secured, that your AD accounts have suitable permissions, and that you have proper process in in place to manage user’s usage of AI – especially if this risks data loss.

Here’s an example:

If permission creep is a thing as your organisation (where AD accounts are copied from other AD accounts when they are created – therefore inheriting all of those permissions), the use of AI could be devastating.

Imagine that you begin to train an AI model on your organisation’s data, and users begin to use it to help them with day to day tasks as a knowledgebase assistant. Then imagine that a user begins to ask it probing questions, and suddenly, the AI model returns details of all employee salaries, or worse.

The AI/LLM is not at fault here – as it will respect all existing permissions – which is exactly what it is designed to do.

How do I prepare my organisation?

So, how could the above example have been avoided? By taking appropriate steps to prepare for AI, which include:

Step One: Commission a review of AD user structure and permissions

Step Two: Commission a review into SharePoint & Teams structure, permissions, and how documents are managed and stored

Step Three: Use Data Loss Prevention (DLP) and other controls to help keep sensitive data secure

Step Four: Most importantly, user awareness campaigns, to ensure users are storing & sharing documents correctly

While there are numerous risks and actions to take when thinking about embarking on any AI initiatives, performing the above housekeeping as a very first step will help to reduce the risk which exploring any new and emerging technology presents, giving you a much better chance of avoiding future problems.

Good luck!

Louis Arthur-Brown, Head of Cloud & Managed Services at Codestone Group