Chat GPT – have you considered the risks?

If you’re using ChatGPT in your business, have you considered the security implications and how to use it safely? We look at and discuss the risks and how to use ChatGPT safely.  

ChatGPT popularity 

You’re not alone if you’re using ChatGPT to help you with your tasks in the day-to-day running of your business. ChatGPT has become extremely popular as a business tool and has evolved greatly since its beginnings in 2018 as a simple predictive language modeller.  

Use of ChatGPT is on the rise 

Many companies and individuals are using ChatGPT as a powerful tool to assist with simple coding tasks, answering questions and generating content.  

While ChatGPT is not known for its accuracy, and many experts agree it can’t take the place of humans when it comes to comprehensive solutions for coding and creating natural, human-centred content, it’s becoming more common for organisations and business to use it regardless. 

It’s easy to take your eye off security 

Since ChatGPT ‘went viral’ business owners are increasingly seduced by the idea of a free, or inexpensive, tool to help them with the many tasks they must do to run their operation.  

However, as with the use of any new online tool or piece of software, there are security implications to be considered. While a security-first mindset might take a backseat in the face of ChatGPT’s supposed power and abilities, business owners are urged to keep their eyes firmly fixed on the continued safety of their data, privacy and security.  

Does using ChatGPT pose a security risk?  

Open AI, the company that owns ChatGPT, have installed many security measures to keep users safe. And, currently, they say they don’t share user data with third parties for marketing purposes. 

But that doesn’t mean to say the data you share with ChatGPT is completely confidential.  

You can find out more Chat GPT data usage and opt-out options and policies here in OpenAI’s FAQ and are encouraged to look into these and be sure and comfortable with how your data is used. 

ChatGPT conversations are not strictly private 

While the data you share with ChatGPT is not shared with the wider world, it is stored on Open AI’s servers and accessible to their developers. Your conversations with ChatGPT are also used to help the language model in its training and by default it will ‘learn’ from the information you share. 

You can read OpenAI’s privacy policy and are strongly advised to do so before you share any private data of your own or your company’s via ChatGPT.  

Keep checking the privacy policy  

It’s a good idea to keep regularly up to date with ChatGPT’s privacy policy since it can change without notice and it’s important that you’re comfortable with its terms.  

ChatGPT collects a mountain of data 

Aside from the conversations you generate, ChatGPT collects your unique personal data, including your name, telephone number, IP address and other cookie-orientated identifiers. This user data may not be shared with third parties, but it may be shared with other associates and users should be aware of and be comfortable with the terms of data usage, particularly if using the free version. 

Misinformation and misuse 

ChatGPT, like other AI software is data hungry and its remarkable human-like responses mean users are more likely to be seduced into sharing personal, confidential information, as well as believing every answer the tool generates for them.  

Hackers exploit the believability of the tool, using it to generate content for phishing and other online scams.   

Users should be aware ChatGPT does NOT provide citations and can present incorrect information.  

Set a company policy for ChatGPT usage 

It’s no surprise that some companies have restricted staff usage of ChatGPT, due to the risk of entering company information into, what is, essentially a consumer service, and the security risks this poses. 

Advice for using ChatGPT safely 

Be ‘security minded’ and aware that ChatGPT as an open tool can be used for malicious purposes. 

• Become familiar with privacy policy as well as terms of use
• Don’t ever share sensitive information such as credit card numbers, bank details, etc. 
• Disable chat history and opt out of model training (will still be kept on OpenAI’s servers for 30 days even if you opt out) 
• Always check your sources independently for information gained through ChatGPT – the tool does not provide citations and cannot be relied upon as accurate 
• Ensure you only download the official ChatGPT app and do not click on supposed extensions that maybe lookalikes set up to steal your data 
• Delete all your data and account from ChatGPT, if you’re not happy 

ChatGPT - be security-minded  

As with the use of any online tool or software, you should consider the security implications first and foremost in the continued safe operation of your business.  

If you’re not sure, have any doubts regarding how you’re using ChatGPT and need advice, please get in touch with our security-minded, security-first cybersecurity team.  

< Read more articles on our Web Academy