How To Smartly (And Safely) Leverage GenAI In Business

Incorporating artificial intelligence is a key priority for industries, and business leaders looking to make a relatively rapid, enterprisewide impact may be considering tapping into generative AI. The conversational interface can make it easier for professionals with limited tech expertise to delve into data or streamline certain tasks through experimentation and their own unique knowledge.

However, whether businesses are considering building bespoke tools or allowing their team members to leverage popular existing systems, it’s important to understand not only how to get the most out of GenAI, but also the very real risks that can come with using it. Below, members of Forbes Technology Council share their expertise to help organizations smartly—and safely—leverage GenAI.

1. Filter The Data Used For Learning

Enterprises are notoriously strict when it comes to access and permissions, but GenAI is just about text prediction, and it will not understand that. To comply with security and compliance policies, it’s paramount to have a middleware layer to filter the data GenAI consumes for learning and control who gets to query that data. This is going to become a new requirement in SOC and ISO standards going forward. - Boris Lapouga, WorkHQ

2. Implement Robust Data Governance Practices

An essential precaution when using generative AI in enterprises is ensuring data privacy and security. AI models can inadvertently expose sensitive data. To address this, companies should implement data governance practices like data anonymization, access controls and compliance with regulations (such as the EU’s General Data Protection Regulation). Using secure, private cloud or on-premises deployments further protects sensitive information. - Rajni Sharma, Paylocity

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

3. Ensure The Costs Don’t Outweigh The Benefits

First, ensure that GenAI will actually help improve work efficiency. Evaluate the cost-to-outcome relationship to ensure you’re taking a cooperative approach to choosing the best productivity improvement method for everyone. - Raymond Huang, NexWave

4. Vet All Returned Data

Validation is essential when you’re relying on data from generative AI tools. Without vetting, it would be risky to utilize the information provided by GenAI in furthering one’s research. Additionally, it’s essential to enquire further about the source of the data that the tool is providing. - Abhishek Chaudhuri, Microsoft

5. Pay Attention To Data Security Principles

Clearly formulate the data security and governance principles for the underlying datasets used for generative AI to avoid unwanted data leakage and unauthorized access. AI tools and copilots should also adhere to the same permissions and granular access controls over the knowledge base. - Kris Lahiri, Egnyte

6. Embed Security Into Devs’ Tools And Workflows

GenAI can help time-pressured software development teams produce code at scale and more quickly, but emerging threats, such as AI hallucinations, bring new risks that can be hard to quantify. A best practice for enterprises to mitigate these risks is to embed security directly into developers’ tools and workflows to limit the risk to their security and compliance posture. - Sandeep Johri, Checkmarx

7. Always Keep A Human In The Loop

Having a human in the loop remains a vital precaution when adopting AI, as hallucinations and inaccuracies can still occur. In healthcare, there are many low-risk AI applications that can support payments and operations, but diagnosing symptoms requires a certified medical professional—healthcare providers must make the final decisions on how to treat their patients. - Eron Kelly, Inovalon

8. Monitor And Audit Generated Output

A key precaution is ensuring that the generated output is accurate, relevant and aligned with the ethical and legal standards of the organization—especially in the case of GenAI-created text, where there is a risk of biased or misleading content. By regularly auditing and monitoring generated output, leaders can prioritize transparency and accountability in the use of generative AI applications. - Mike Britton, Abnormal Security

9. Balance Democratizing Access With Responsible Use

A robust governance framework that balances democratizing AI access with ensuring responsible use is essential when deploying generative AI across an enterprise. Key elements include ensuring transparency and fairness to mitigate biases, clear accountability protocols, and customizable privacy settings to protect sensitive information. Regular monitoring ensures enterprise data remains secure and protected. - Michael Ringman, TELUS Digital

10. Use High-Quality, Domain-Specific Data

An essential precaution when using generative AI in enterprises is ensuring high-quality, domain-specific data to avoid hallucinations. Poor data leads to unreliable outputs. This can be addressed by curating accurate, diverse datasets and implementing human-in-the-loop systems to validate and refine AI-generated results, maintaining reliability and trustworthiness. - Katerina Axelsson, Tastry

11. Guard Your Brand Identity

Beyond AI governance, cybersecurity and policies, enterprises often overlook brand language. Fine-tuning AI with proprietary data and including humans in the loop for critical outputs ensures on-brand consistency. This hybrid approach combines AI’s efficiency with human expertise to maintain cultural nuance and consistency and avoid generic, off-brand content. - Frederik Riskær Pedersen, EasyTranslate

12. Have A Clear, Organizationwide Usage Policy

It’s essential to have a clearly defined, organizationwide AI usage policy. This policy should outline the dangers of using unauthorized AI tools, provide a list of approved tools, detail the process for requesting new tools, specify prohibited data usage and include a set of best practices, such as always fact-checking the output. - Pawel Rzeszucinski, Webpros

13. Be Aware Of Noncompliance Risks

GenAI hallucinations expose companies to the risk of noncompliance—especially in highly regulated environments. For GenAI providers, it’s essential to integrate easy-to-consume disclosures that warn against this into the user experience. For GenAI users—particularly governance, risk and compliance professionals—checking AI-generated content against a trusted regulatory source is crucial. - Ogie Sheehy, ViClarity

14. Know Who Has Access To Your Inputs

It is important that enterprise users of generative AI tools know that what they are providing to the tool is shareable. Ultimately, the prompts and information you input will be available to the GenAI tool’s operators in some form. No matter what type of organizational firewall or policies are put in place, users need to ask themselves, “Is it okay if my prompts are pasted on my front door for all to see?” - Song Bac Toh, Dell Technologies

15. Establish Oversight Mechanisms

Unsanctioned AI tools and technologies can lead to data breaches, intellectual property risks and compliance challenges. To mitigate these risks, oversight mechanisms, such as AI councils, are needed to monitor and regulate the use of AI. Balancing autonomy with oversight enables employees to confidently embrace tools that enhance their productivity and empower innovation. - Douglas Murray, Auvik

16. Understand The Differences Between Web2 And Web3 Solutions

For enterprises moving to an AI agent (digital) workforce, it’s crucial to understand key differences between Web2 and Web3 solutions. Web2 typically involves centralized, intra-operational processes, whereas Web3 emphasizes decentralized, inter-operational processes and is more vendor-neutral. Thus, Web3 offers greater flexibility in multiagent development and deployment and can help organizations avoid vendor lock-in. - Nick Newsom, Ytel Communications

17. Deploy Modern Immutable Storage Systems

As more enterprises adopt GenAI tools and technologies, executives need to deploy modern immutable storage that supports a zero-trust data resilience model, as AI will exponentially increase the amount of data organizations are developing. This increase in data will leave companies more vulnerable to a wide-scale data breach, given that ransomware attacks are increasingly targeting backups. - David Bennett, Object First

18. Implement Precise Role-Based Access Controls

One precaution when using AI in an enterprise environment is ensuring identity and access governance for human and machine users. AI systems often require access to vast datasets, increasing the risk of overpermissioned accounts or unintended data exposure. Implementing precise role-based access controls and continuously monitoring permissions prevents unauthorized access, ensuring data security and compliance. - Craig Davies, Gathid

19. Anonymize Inputs And Use Encrypted, Secure APIs

Generative AI is a game changer, but mishandling sensitive data can lead to costly breaches. Prevent exposure by anonymizing inputs, removing personally identifiable information and using encrypted, secure APIs. Control access, monitor usage and, for highly sensitive projects, deploy AI models in-house. In an era where trust defines success, safeguarding data isn’t optional; it’s essential for responsible innovation. - Balasubramani Murugesan, Digit7

20. Hone Prompt Engineering Skills

Careful prompt engineering is crucial for consistent accuracy in any generative AI use case. Education, established patterns and awareness are needed, as minor tweaks to a generative AI prompt could result in a completely different AI-generated outcome. - Abhi Shimpi, Fidelity Investments