<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>password Archives - Foster Institute</title>
	<atom:link href="https://fosterinstitute.com/category/password/feed/" rel="self" type="application/rss+xml" />
	<link>https://fosterinstitute.com/category/password/</link>
	<description>Cybersecurity Experts</description>
	<lastBuildDate>Wed, 17 Dec 2025 02:35:38 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.9.4</generator>

<image>
	<url>https://fosterinstitute.com/wp-content/uploads/2021/02/Favicon.png</url>
	<title>password Archives - Foster Institute</title>
	<link>https://fosterinstitute.com/category/password/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Six Essential AI Safety Practices for Leaders</title>
		<link>https://fosterinstitute.com/six-essential-ai-safety-practices-for-leaders/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Wed, 17 Dec 2025 02:35:38 +0000</pubDate>
				<category><![CDATA[AI]]></category>
		<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[password]]></category>
		<category><![CDATA[Password Safety]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=6164</guid>

					<description><![CDATA[<p>Six Essential AI Safety Practices for Leaders As organizations increasingly adopt AI tools, it&#8217;s crucial to implement basic safety measures to help maintain your competitive advantage, prevent costly breaches, and preserve client trust. But there are so many considerations, where do you start? Here are six essential AI safety tips every leader should follow: 1. [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/six-essential-ai-safety-practices-for-leaders/">Six Essential AI Safety Practices for Leaders</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<h3>Six Essential AI Safety Practices for Leaders</h3>
<p>As organizations increasingly adopt AI tools, it&#8217;s crucial to implement basic safety measures to help maintain your competitive advantage, prevent costly breaches, and preserve client trust. But there are so many considerations, where do you start? Here are six essential AI safety tips every leader should follow:</p>
<h3>1. Choose Which AI Tools You Will Trust with Your Data</h3>
<p>There are third-party tools that offer features such as recording and summarizing meeting notes, ingesting all your data to augment their responses, and more.</p>
<p>Review their privacy policies before you use the tools. If it states the tool and company keep your information private, but then explains they share data with third parties over whom the provider has limited control, treat the tool as having no meaningful privacy protections.</p>
<p>Sharing sensitive information with third parties, such as your customers’ information, business practices, or anything else you want to protect, is concerning, because it could go anywhere those third parties choose to share it.</p>
<p>That&#8217;s why some organizations stick with the primary chatbots that are under more scrutiny. But don’t give up on the third-party tools; some of them can be very useful. Just be sure to weigh the risks of sensitive data exposure vs. the benefits.</p>
<h3>2. Clear Your Chat Histories Periodically</h3>
<p>Chat histories are very useful for going back and picking up conversations where you left off, potentially weeks or even months later. The reality is, even with a search function, it can be difficult to go back and find a specific chat when you have too many to look through.</p>
<p>The reason to remove old chats is so that a threat actor cannot read them if they break in with your login information or another way. If you don’t need the old chats, remove them.</p>
<p>Some chatbots state that they will remove your chats 30 days after you delete them. Because they can change frequently, always check the current policy for all tools.</p>
<p>Some enterprise subscriptions to chatbots permit your IT department to set policies to automatically delete all chats older than the number of days you specify.</p>
<h3>3. Disable Automatic Sharing of Meeting Notes</h3>
<p>Meeting notes are unreliable until a human edits and finalizes them.</p>
<p>If you&#8217;ve used AI at all, you&#8217;re familiar with the term hallucination. Participants in the meeting know the context of the meeting; AI must attempt to figure that out. AI tools are often designed to estimate and present the most likely meaning of conversations, even when they&#8217;re not certain.</p>
<p>If you have a meeting where people use a lot of words like &#8220;it,&#8221; &#8220;they,&#8221; &#8220;that,&#8221; &#8220;thing,&#8221; and so on, AI sometimes guesses what they mean, and it might get everything so wrong that the summary is inaccurate. Sometimes the notes record a meaning that is exactly the opposite of what was really discussed.</p>
<p>A key step is to disable the automatic sharing of meeting notes after the meeting finishes. The meeting notes must always be reviewed by a human, preferably you, so you can correct any mistakes in the meeting summary before sending them out. There may be people who make decisions, important ones, based on the meeting summary. Meetings contain tasks assigned and accepted, status of decisions, and other key information, so it&#8217;s essential to confirm the accuracy of the summaries.</p>
<p>Some organizations have elected to stop recording meetings entirely, to protect the privacy of the meeting and prevent inaccurate summaries from leaving the organization. If they do have AI make notes, they think twice before sending them to someone outside the organization. If meeting notes or a summary contain misinformation that leaks, you have no control over information already sent.</p>
<h3>4. Anonymize Member or Client Information When You Give Information to AI</h3>
<p>For example, if you&#8217;re creating a sensitive email to someone who&#8217;s upset, you might substitute a fictitious name for the person&#8217;s real name and the organization’s name, just in case there&#8217;s an information leak. Anonymization can be very simple: just use the word &#8220;Jim&#8221; where you would normally use &#8220;Tom.&#8221; This one&#8217;s up to you, but some people sleep better at night knowing they didn&#8217;t put their customer&#8217;s actual name into the AI tool.</p>
<p>Then, after you finish tuning up your correspondence, before you send out that message or that document, you simply do a find-and-replace to restore the names of the person and the company to their correct names. And you&#8217;re doing that outside of the AI tool.</p>
<p>Many people forgo anonymization most of the time because it adds two extra steps, but they use it in special cases. Keep in mind that changing people’s and organizations’ names might still not be enough to anonymize the discussion if you enter a unique event, location, project name, or another bit of context that ties back to the actual person or organization.</p>
<h3>5. Disable the AI Model&#8217;s Training Features in the Settings</h3>
<p>The most common concern I hear from business executives is that their organization’s sensitive information will leak into the public domain. The term “training” describes a large language model learning from your chats. If you provide information such as a customer list and the training or learning is disabled, the chatbot should not remember your sensitive information or share it with another user at another company, unbeknownst to you, anywhere on the planet.</p>
<p>Most chatbots allow you to disable learning or training based on the information you enter, and sometimes the training setting is “off” by default.</p>
<p>Disabling training typically means your data is not used to improve the public AI model. There is no guarantee that data isn’t stored, reviewed by a human, or exposed through a security incident.</p>
<h3>6. Always Use Strong Passwords and Multi-Factor Authentication on All of Your AI Accounts</h3>
<p>If a stranger or other unauthorized party were able to log in to your chatbot account, they could read all your saved chats and learn a lot about you and your organization. They can craft fraudulent email messages so accurately that you or members of your team would fall for them without hesitation. Threat actors could also use your chatbot in unethical ways that would appear to be you. You could get locked out of your account for misbehavior. Another risk is that threat actors are designing tailored prompts that cause chatbots to bypass their alignment boundaries. Furthermore, attackers can use compromised chatbot accounts as a trusted pathway into systems and data. Just as you benefit from AI’s power, the attackers can use your AI’s power against you.</p>
<p>As with any website or service, use the strongest sign-in protection the chatbot supports. Using a password alone is considered insufficient authentication protection. Passwordless multi-factor authentication is usually the strongest option available and relies on your phone, fingerprint, facial recognition, a physical USB key, or another method that doesn’t require entering a password but still has more than one factor.</p>
<p>If the login doesn’t support passwordless login, using an authenticator app on your phone with number matching is sometimes the next best option.</p>
<p>If an authenticator is not available, use a text or email message as your second factor. It is far better than having no multi-factor authentication.</p>
<p>Always remember that authentication protection, no matter how advanced, is not immune to threat actors using techniques to bypass MFA. Always be wary of unexpected login prompts, as they may be attempts by a threat actor to gain access through you.</p>
<h3>Conclusion</h3>
<p>Those are some basic AI safety tips for leaders. These are all very simple to accomplish, and there&#8217;s a good chance you&#8217;re already doing most or all of them. Please forward this to your friends so that they can make sure they&#8217;re following these steps too.</p>
<h3 style="margin-bottom: 15px;">About the Author</h3>
<p style="margin-bottom: 10px;"><strong>Mike Foster, CISSP®, CISA®</strong><br />
Cybersecurity Consultant and Keynote Speaker<br />
📞 805-637-7039<br />
📧 mike@fosterinstitute.com<br />
🌐 www.fosterinstitute.com</p>
<p style="margin-bottom: 15px;">Mike Foster is a leading cybersecurity consultant with decades of experience helping organizations across North America secure their digital assets. He holds CISSP® and CISA® certifications and is the author of The Secure CEO. As the founder of The Foster Institute, Michael has delivered over 1,500 keynote presentations and consulting engagements, equipping executives and IT leaders to strengthen their cybersecurity posture and defend against evolving threats.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>MFA Fatigue: The Hidden Danger and How to Combat It</title>
		<link>https://fosterinstitute.com/mfa-fatigue-the-hidden-danger-and-how-to-combat-it/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Fri, 28 Apr 2023 17:50:21 +0000</pubDate>
				<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[password]]></category>
		<category><![CDATA[Password Safety]]></category>
		<category><![CDATA[Password Security]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=5443</guid>

					<description><![CDATA[<p>Benefits you will experience with the upgrade from Chat GPT-3.5 to Chat GPT-4 include:</p>
<p>The post <a href="https://fosterinstitute.com/mfa-fatigue-the-hidden-danger-and-how-to-combat-it/">MFA Fatigue: The Hidden Danger and How to Combat It</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Attackers notoriously figure out users’ passwords; hence, organizations and individuals must make logging in more secure.</p>
<p>Logins often go like this:</p>
<ol>
<li>The user enters a password.</li>
<li>The user receives a text message with a code to confirm it is them.</li>
</ol>
<p>That second step is called MFA (Multi-Factor Authentication).</p>
<p>Entering numbers is frustrating, so some organizations use push notifications:</p>
<ol>
<li>The user enters a password.</li>
<li>An authenticator app on the user’s phone asks, “Is that you trying to log in?” The user can click “Yes,” and they’re in. If it is an attacker, the user can ignore the alert or click “No.”</li>
</ol>
<p>Attackers are overwhelmingly bypassing push notification protection. Here&#8217;s how: Once the bad guys obtain the user’s password, they make frequent attempts to log in, sending many alerts to the targeted user’s phone. The user is annoyed by the interruptions. Sometimes, users click &#8220;approve&#8221; to stop the annoyance. They don’t realize they are allowing an attacker into the system. <strong>This phenomenon is known as MFA fatigue.</strong></p>
<p>If you use push notifications, ensure that they require the user to enter at least two digits displayed on the device where they entered the password, rather than simply pressing the approve button in the phone app. This verification helps prove the user has the device. The process becomes:</p>
<ol>
<li>The user enters a password on the device they’re logging into.</li>
<li>The authenticator app asks, “What code is your device displaying?” The user enters the code, and they’re logged in.</li>
</ol>
<p>Microsoft calls the process “Number Matching.” Duo calls it “Verified Duo Push.” Okta calls this a number challenge.</p>
<p>If you use push notifications, enable some form of number matching verification ASAP to combat MFA Fatigue.</p>
<p>Please tell your friends to be sure they know this hidden danger and can tighten security in their organizations.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>The Insanity of Your Network – Storing Keys in the Same Place as Everyone Else</title>
		<link>https://fosterinstitute.com/the-insanity-of-your-network-storing-keys-in-the-same-place-as-everyone-else/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Mon, 10 Sep 2018 16:07:03 +0000</pubDate>
				<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cyber Security Breach]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[IT Best Practices]]></category>
		<category><![CDATA[IT Pro Tips]]></category>
		<category><![CDATA[password]]></category>
		<category><![CDATA[Password Safety]]></category>
		<category><![CDATA[Password Security]]></category>
		<category><![CDATA[Cyber Security Best Practices]]></category>
		<category><![CDATA[Cyber Security Consultant]]></category>
		<category><![CDATA[Cyber Security Tips]]></category>
		<category><![CDATA[Internet Safety Tips]]></category>
		<category><![CDATA[it best practices]]></category>
		<category><![CDATA[IT network security]]></category>
		<category><![CDATA[it security audit]]></category>
		<category><![CDATA[IT security consultant]]></category>
		<category><![CDATA[it security expert]]></category>
		<category><![CDATA[IT security procedures]]></category>
		<category><![CDATA[it security review]]></category>
		<category><![CDATA[IT security training]]></category>
		<category><![CDATA[master passwords]]></category>
		<category><![CDATA[password access]]></category>
		<category><![CDATA[password location]]></category>
		<category><![CDATA[password safety]]></category>
		<category><![CDATA[safely storing passwords]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/blog/?p=2666</guid>

					<description><![CDATA[<p>Imagine that you have a fleet of dozens of expensive vehicles, and you keep all of their keys in a locked cabinet. There is a master key that opens the cabinet. You assign your IT team the responsibility to secure and manage the keys to the vehicles, so you give each member of your IT [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/the-insanity-of-your-network-storing-keys-in-the-same-place-as-everyone-else/">The Insanity of Your Network – Storing Keys in the Same Place as Everyone Else</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Imagine that you have a fleet of dozens of expensive vehicles, and you keep all of their keys in a locked cabinet. There is a master key that opens the cabinet.</p>
<p>You assign your IT team <span id="more-2666"></span>the responsibility to secure and manage the keys to the vehicles, so you give each member of your IT team a copy of the master key.</p>
<p>Here is where it gets crazy: Suppose that there is a well-known tradition, in all companies, for IT professionals to store their master keys in the top drawer of their desks. Unfortunately, if someone wants to steal a vehicle, they know right where to find a master key. They can take all the cars once they gain access to the master, and they know exactly where to find it.</p>
<p>In the real world, your IT team has the responsibility to secure and manage your most sensitive data. In doing so, they hold the master keys that unlock all the other keys. It is a tradition to give all IT professionals, and even outside consultants, keys to the master lockbox. The shocking part is that all IT professionals are encouraged to store the master keys in the same place: the default, well-known security groups named Schema Admins, Enterprise Admins, and Domain Admins.</p>
<p>Your IT team must create new security groups, with different names, in which to store the master keys. It is crucial that the new groups grant member users only the specific privileges they need, on a need-to-know basis. It is OK if this strategy is new to them.</p>
<p>To measure this, ask your IT professionals to show you what users are members of those default security groups. Discuss moving those users into specific groups that provide the least amount of access they need to perform their work. Depending on the complexity of your system, this may take more time. IT professionals are always busy, so discuss with them their current projects, then prioritize this essential security improvement accordingly.</p>
<p>Storing master keys in a well-known location is absurd, and it is likely that you are doing that now.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Make Life Easier &#8211; Go Back to Easy Passwords</title>
		<link>https://fosterinstitute.com/make-life-easier-go-back-to-easy-passwords/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Tue, 05 Sep 2017 16:09:08 +0000</pubDate>
				<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[NIST]]></category>
		<category><![CDATA[NIST Recommendations]]></category>
		<category><![CDATA[password]]></category>
		<category><![CDATA[Password Safety]]></category>
		<category><![CDATA[Password Security]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Cyber Security Best Practices]]></category>
		<category><![CDATA[Cyber Security Breach]]></category>
		<category><![CDATA[Cyber Security Consultant]]></category>
		<category><![CDATA[Cyber Security Tips]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[Internet Safety Tips]]></category>
		<category><![CDATA[it best practices]]></category>
		<category><![CDATA[IT network security]]></category>
		<category><![CDATA[IT pros]]></category>
		<category><![CDATA[it risk management]]></category>
		<category><![CDATA[it security audit]]></category>
		<category><![CDATA[IT security consultant]]></category>
		<category><![CDATA[it security expert]]></category>
		<category><![CDATA[IT security procedures]]></category>
		<category><![CDATA[it security review]]></category>
		<category><![CDATA[IT security training]]></category>
		<category><![CDATA[NIST passwords]]></category>
		<category><![CDATA[password length]]></category>
		<category><![CDATA[password safety]]></category>
		<category><![CDATA[password suggestions]]></category>
		<category><![CDATA[pw safety]]></category>
		<category><![CDATA[risk management]]></category>
		<category><![CDATA[Safe Network]]></category>
		<category><![CDATA[Security expert]]></category>
		<category><![CDATA[Security Measures]]></category>
		<category><![CDATA[Strong Security]]></category>
		<category><![CDATA[tech support]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/blog/?p=2530</guid>

					<description><![CDATA[<p>NIST, the National Institute of Standards and Technology in the US, is releasing new password standards that make passwords so much easier… Using plain letters is enough; numbers and symbols are optional. Passwords need to be long, at least 8 characters. 16 or more is better. You don’t have to reset passwords unless you suspect [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/make-life-easier-go-back-to-easy-passwords/">Make Life Easier &#8211; Go Back to Easy Passwords</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>NIST, the National Institute of Standards and Technology in the US, is releasing new password standards that make passwords so much easier…<span id="more-2530"></span></p>
<p>Using plain letters is enough; numbers and symbols are optional.</p>
<p>Passwords need to be long, at least 8 characters. 16 or more is better.</p>
<p>You don’t have to reset passwords unless you suspect a data breach. Wow!</p>
<p>However, passwords cannot match a database of stolen or easy-to-guess passwords. And your login mechanism has to have a way to verify that.</p>
<p>That’s the basic gist. You can read the details in NIST Special Publication 800-63 at https://pages.nist dot gov/800-63-3/sp800-63-3.html. It covers secret questions, two-step login, etc.</p>
<p>Now, hopefully PCI and other standards will update their rules too.</p>
<p>Please forward this to anyone who is sick of complicated passwords and having to change them every 90 days.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Online Password Warehouse, OneLogin, Discovers Massive Breach</title>
		<link>https://fosterinstitute.com/online-password-warehouse-onelogin-discovers-massive-breach/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Wed, 21 Jun 2017 19:34:42 +0000</pubDate>
				<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[LastPass]]></category>
		<category><![CDATA[password]]></category>
		<category><![CDATA[Password Manager]]></category>
		<category><![CDATA[Password Safety]]></category>
		<category><![CDATA[Password Security]]></category>
		<category><![CDATA[Centrify]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Cyber Security Best Practices]]></category>
		<category><![CDATA[Cyber Security Breach]]></category>
		<category><![CDATA[Cyber Security Consultant]]></category>
		<category><![CDATA[Cyber Security Tips]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[Internet Safety Tips]]></category>
		<category><![CDATA[it best practices]]></category>
		<category><![CDATA[IT network security]]></category>
		<category><![CDATA[IT pros]]></category>
		<category><![CDATA[it risk management]]></category>
		<category><![CDATA[it security audit]]></category>
		<category><![CDATA[IT security consultant]]></category>
		<category><![CDATA[it security expert]]></category>
		<category><![CDATA[IT security procedures]]></category>
		<category><![CDATA[it security review]]></category>
		<category><![CDATA[IT security training]]></category>
		<category><![CDATA[login information]]></category>
		<category><![CDATA[microsoft]]></category>
		<category><![CDATA[Okta]]></category>
		<category><![CDATA[OneLogin]]></category>
		<category><![CDATA[password managers]]></category>
		<category><![CDATA[risk management]]></category>
		<category><![CDATA[RSA]]></category>
		<category><![CDATA[Safe Network]]></category>
		<category><![CDATA[SalesForce App Cloud]]></category>
		<category><![CDATA[SecureID Access]]></category>
		<category><![CDATA[Security expert]]></category>
		<category><![CDATA[Security Measures]]></category>
		<category><![CDATA[Strong Network]]></category>
		<category><![CDATA[Strong Security]]></category>
		<category><![CDATA[tech support]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/blog/?p=2506</guid>

					<description><![CDATA[<p>Without getting complicated, OneLogin, Okta, Centrify, Microsoft, RSA SecureID Access, SalesForce App Cloud, and even more basic password managers store user identities, and login information. Using these services means that users only need to remember one password and all of their other logins are handled for them. The most important thing about the OneLogin breach: [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/online-password-warehouse-onelogin-discovers-massive-breach/">Online Password Warehouse, OneLogin, Discovers Massive Breach</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
<content:encoded><![CDATA[<p>Without getting complicated, OneLogin, Okta, Centrify, Microsoft, RSA SecureID Access, SalesForce App Cloud, and even more basic password managers store user identities and login information. Using these services means that users only need to remember one password, and all of their other logins are handled for them.</p>
<p>The most important thing about the OneLogin breach: It affects you and everyone else, not just the 2000 customers of OneLogin.</p>
<p>If you store information in the cloud, including information your customers entrust to you, and if your cloud provider uses OneLogin internally, then your sensitive information could possibly be accessible as well. Cloud-based service providers you use every day might use identity management.</p>
<p>This is another example of how someone else’s breach can hurt you, including exposing your customers’ sensitive information.</p>
<p>The big question is: How long have attackers had access? Thank goodness OneLogin at least identified that they’d been breached. Are any other identity management firms breached and don’t yet realize it? What are attackers accessing around the world using stolen passwords?</p>
<p>Please forward this to anyone you know who may not realize that these single points of failure, holding login information for many services that even your service providers may use internally, are very attractive targets for attackers. One successful attack results in a goldmine of information, including yours.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Alert &#8211; A Popular Password Manager Has Serious Security Flaw Right Now</title>
		<link>https://fosterinstitute.com/alert-a-popular-password-manager-has-serious-security-flaw-right-now/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Tue, 28 Mar 2017 15:33:51 +0000</pubDate>
				<category><![CDATA[Alerts]]></category>
		<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cyber Scams]]></category>
		<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[IT Best Practices]]></category>
		<category><![CDATA[LastPass]]></category>
		<category><![CDATA[password]]></category>
		<category><![CDATA[Password Safety]]></category>
		<category><![CDATA[Password Security]]></category>
		<category><![CDATA[Patch Updates]]></category>
		<category><![CDATA[Technology Safety Tips]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Cyber Security Best Practices]]></category>
		<category><![CDATA[Cyber Security Breach]]></category>
		<category><![CDATA[Cyber Security Consultant]]></category>
		<category><![CDATA[Cyber Security Tips]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[Internet Safety Tips]]></category>
		<category><![CDATA[it best practices]]></category>
		<category><![CDATA[IT network security]]></category>
		<category><![CDATA[IT pros]]></category>
		<category><![CDATA[it risk management]]></category>
		<category><![CDATA[it security audit]]></category>
		<category><![CDATA[IT security consultant]]></category>
		<category><![CDATA[it security expert]]></category>
		<category><![CDATA[IT security procedures]]></category>
		<category><![CDATA[it security review]]></category>
		<category><![CDATA[IT security training]]></category>
		<category><![CDATA[LastPass Breach]]></category>
		<category><![CDATA[Password Manager Breach]]></category>
		<category><![CDATA[password safety]]></category>
		<category><![CDATA[password security]]></category>
		<category><![CDATA[password storage]]></category>
		<category><![CDATA[risk management]]></category>
		<category><![CDATA[Security expert]]></category>
		<category><![CDATA[tech support]]></category>
		<category><![CDATA[two step verification]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/blog/?p=2456</guid>

					<description><![CDATA[<p>A password manager company announced that there is a vulnerability that could allow attackers to gather stored passwords. Password managers are very helpful since they make it so convenient to be secure, and can greatly simplify and speed up the login process at websites. Many people feel password managers are worth the risks, especially when the [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/alert-a-popular-password-manager-has-serious-security-flaw-right-now/">Alert &#8211; A Popular Password Manager Has Serious Security Flaw Right Now</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>A password manager company announced that there is a vulnerability that could allow attackers to gather stored passwords.<span id="more-2456"></span></p>
<p>Password managers are very helpful since they make it so convenient to be secure, and can greatly simplify and speed up the login process at websites. Many people feel password managers are worth the risks, especially when the risks can be minimized as summarized below:</p>
<p>First, as you can see, there is no guarantee that password managers are perfect. Never store super-sensitive passwords into your password manager. Store them in your head.</p>
<p>Second, enable two-step verification on all websites. Then, if an unauthorized person obtains your password, they will have a difficult time logging in, if they cannot perform the second step.</p>
<p>Third, one of the ways to launch the exploit involves tricking the user into clicking a link, such as a link in an email message, or getting a script to run on a web page as the user visits the page. Using click-to-play can greatly minimize those risks.</p>
<p>To learn more about the first two, see last week’s newsletter posted at www.fosterinstitute dot com/blog/your-iphone-and-ipad-are-in-danger. Never mind the title; the content addresses the first two steps listed above even if you use Windows or Android.</p>
<p>As for the third point, we&#8217;ll cover click-to-play next week, or you can simply google those terms and get started right away.</p>
<p>The announcement came from LastPass, and don&#8217;t panic if you use it. LastPass says the exploit is very difficult for an attacker to use, but not impossible. Resetting your passwords will not help yet; it helps only after LastPass develops a patch, and then only once the LastPass software on your computers has been patched. LastPass said this only affects users of the LastPass extension in Chrome, but researchers have used the exploit in other browsers too. Email us if you want more technical details.</p>
<p>Please forward this to anyone you know who may use a password manager or let their browser remember their passwords.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>No More Passwords</title>
		<link>https://fosterinstitute.com/no-more-passwords/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Thu, 24 Dec 2015 18:17:53 +0000</pubDate>
				<category><![CDATA[Alerts]]></category>
		<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cyber Future]]></category>
		<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[IT Best Practices]]></category>
		<category><![CDATA[IT Future]]></category>
		<category><![CDATA[password]]></category>
		<category><![CDATA[Password Safety]]></category>
		<category><![CDATA[phones]]></category>
		<category><![CDATA[Technology Safety]]></category>
		<category><![CDATA[Technology Safety Tips]]></category>
		<category><![CDATA[two set logon]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Cyber Security Best Practices]]></category>
		<category><![CDATA[Cyber Security Breach]]></category>
		<category><![CDATA[Cyber Security Consultant]]></category>
		<category><![CDATA[cyber security expert]]></category>
		<category><![CDATA[Cyber Security Tips]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[Internet Safety Tips]]></category>
		<category><![CDATA[it best practices]]></category>
		<category><![CDATA[IT network security]]></category>
		<category><![CDATA[IT pros]]></category>
		<category><![CDATA[it risk management]]></category>
		<category><![CDATA[it security audit]]></category>
		<category><![CDATA[IT security consultant]]></category>
		<category><![CDATA[it security expert]]></category>
		<category><![CDATA[IT security procedures]]></category>
		<category><![CDATA[it security review]]></category>
		<category><![CDATA[IT security training]]></category>
		<category><![CDATA[no passwords]]></category>
		<category><![CDATA[passwords]]></category>
		<category><![CDATA[risk management]]></category>
		<category><![CDATA[tech support]]></category>
		<category><![CDATA[two-step logon]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/blog//?p=2244</guid>

					<description><![CDATA[<p>How do you feel about giving up passwords entirely? You may have that option soon. You’ll enter a username, and your phone will buzz to ask you if it is really you who is attempting to log in. Just keep your phone with you, and passwords may be a thing of the past. But protect [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/no-more-passwords/">No More Passwords</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>How do you feel about giving up passwords entirely? You may have that option soon.<span id="more-2244"></span></p>
<p>You’ll enter a username, and your phone will buzz to ask you if it is really you who is attempting to log in. Just keep your phone with you, and passwords may be a thing of the past. </p>
<p>But protect your phone so that an unauthorized person doesn’t gain access to it. Would you be willing to risk it? At least nobody thousands of miles away would come to steal your phone. But what about someone else in your office who gains access to your phone and approves a bogus logon so they could do you harm?</p>
<p>The obvious solution, less convenient but more secure, is two-step logon: you enter a user name and password, then your phone buzzes asking you to confirm. Someone else stealing your phone won’t help them at all, as long as they don’t know your password too.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>What to Do About Your Passwords</title>
		<link>https://fosterinstitute.com/what-to-do-about-your-passwords/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Wed, 06 Aug 2014 18:55:28 +0000</pubDate>
				<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Credit Card Security]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[Hackers]]></category>
		<category><![CDATA[password]]></category>
		<category><![CDATA[Security Breach]]></category>
		<category><![CDATA[Technology Tips]]></category>
		<category><![CDATA[it best practices]]></category>
		<category><![CDATA[IT Security]]></category>
		<category><![CDATA[it security audit]]></category>
		<category><![CDATA[it security breaches]]></category>
		<category><![CDATA[IT security consultant]]></category>
		<category><![CDATA[it security expert]]></category>
		<category><![CDATA[IT security procedures]]></category>
		<category><![CDATA[it security review]]></category>
		<category><![CDATA[security awareness training]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/blog//?p=1946</guid>

					<description><![CDATA[<p>You probably heard that a group of hackers has collected more than a billion passwords – so far. The best password strategies: It is easy to become numb about the news of stolen passwords. In the biggest discovery, so far, more than 420,000 websites have been hacked – and they are just finding out about [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/what-to-do-about-your-passwords/">What to Do About Your Passwords</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>You probably heard that a group of hackers has collected more than a billion passwords – so far. The best password strategies:<span id="more-1946"></span></p>
<p>It is easy to become numb about the news of stolen passwords. In the biggest discovery, so far, more than 420,000 websites have been hacked – and they are just finding out about it now. What if yours is one of the 1.2 billion stolen passwords? </p>
<p>Changing passwords frequently helps – but it is an inconvenience. Today is a good time to do it anyway – especially for banking, medical, and the most important sites. </p>
<p>Password managers can help you – they remember your passwords for you so you can have a different password at every site. Therefore, you only need to remember one password: the password to your password manager. Choices abound, including LastPass, Dashlane, RoboForm, and many others. There are “enterprise” versions to use in your company, and they are inexpensive.</p>
<p>Yes, there is a tiny risk that an attacker might breach the password manager, so you may decide to keep your banking credentials in your head, but use the password manager for other sites. </p>
<p>Perhaps the best solution is “multi-factor authentication,” also known as &#8220;2-step&#8221; verification. Then you may not even care if someone else knows your password. An example of this solution: you enter a username and password into a web site, and then your mobile phone buzzes and tells you to enter a code such as 777888 to complete the login process.</p>
<p>Now an attacker would need to steal your mobile phone too before they could log on with your username and password. Obviously, if the attacker is in another country, it is more difficult for them to steal your phone.</p>
<p>Dropbox, PayPal, Google Apps, and many other sites already support multi-factor authentication – you just have to “turn it on.” See https://www.google.com/landing/2step/ to set up your Google account&#8217;s 2-step verification.</p>
<p>However, even multi-factor solutions are not perfect. One example, among many others, is how it was possible to bypass PayPal’s multi-factor authentication if you logged into EBay first.</p>
<p>By the way, in case you have eaten there, P.F. Chang’s published a list of restaurant locations that may have been breached: <a href="http://pfchangs.com/security/#locations">http://pfchangs.com/security/#locations</a></p>
<p>Change your passwords, get a password manager if you want to, and inquire about multi-factor authentication at the websites that contain your sensitive data. </p>
<p>Please post your comments below&#8230;</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Executives – Passwords Cause Very Bad Days</title>
		<link>https://fosterinstitute.com/executives-passwords-cause-very-bad-days/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Tue, 20 May 2014 16:04:02 +0000</pubDate>
				<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[password]]></category>
		<category><![CDATA[administrative password]]></category>
		<category><![CDATA[default password]]></category>
		<category><![CDATA[it best practices]]></category>
		<category><![CDATA[it security audit]]></category>
		<category><![CDATA[IT security consultant]]></category>
		<category><![CDATA[IT security procedures]]></category>
		<category><![CDATA[it security review]]></category>
		<category><![CDATA[Working With IT People]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/blog//?p=1919</guid>

					<description><![CDATA[<p>Sitting next to me on the plane today was a member of Oracle’s Security Team. I asked what was the one single best bit of security advice Oracle could give to their customers. “Change your default passwords.” A few weeks ago, I met with a CEO who had lost half-a-million dollars (so far) because his [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/executives-passwords-cause-very-bad-days/">Executives – Passwords Cause Very Bad Days</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Sitting next to me on the plane today was a member of Oracle’s Security Team. I asked what was the one single best bit of security advice Oracle could give to their customers. “Change your default passwords.” A few weeks ago, I met with a CEO who had lost half-a-million dollars (so far) because his IT pro had set a password in their main application to the exact name of his company. Of course, the CEO had no idea that the password was so basic.<span id="more-1919"></span></p>
<p>Before it is too late, contact your IT Professionals, be they in-house or outsourced, and ask them to show you the administrative passwords to your network, the admin passwords to your databases, the password to all of your applications, and any other passwords that provide access to anything you wouldn’t want an attacker accessing.  (It is often best “not to know” each user’s passwords – this is about the administrative passwords).</p>
<p>Remember, IT pros are very busy people, often juggling many projects. It is easy for something like a default or guessable password to “slip through the cracks.”</p>
<p>Just your asking will encourage IT to make sure the passwords are all at least 14 characters long and make no sense at all. Even better if they use multi-factor authentication – more on that later.</p>
<p>Ask them now. And don’t let them email you the list.</p>
<p>Please post your comments below&#8230;</p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
