{"id":444,"date":"2026-04-28T12:52:57","date_gmt":"2026-04-28T12:52:57","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/owenstewart137\/?p=444"},"modified":"2026-05-07T13:06:11","modified_gmt":"2026-05-07T13:06:11","slug":"effective-use-of-ai-tools","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/owenstewart137\/2026\/04\/28\/effective-use-of-ai-tools\/","title":{"rendered":"Effective Use of AI Tools"},"content":{"rendered":"\n<p><strong>Part A:<\/strong><\/p>\n\n\n\n<p>A cybersecurity policy is a framework that outlines an organizations rules and procedures to protect its assets and information from cybersecurity threats, like unauthorizes access or data breaches. Cybersecurity policies are important in organizations because they protect an organization\u2019s assets and information from cybersecurity threats. These threats can cause financial damage and reputational damage to organizations that are affected by them.<\/p>\n\n\n\n<p>Using AI tools in the workplace can create risks. One of these risks is that it can expose confidential information to unauthorized parties if this kind of information is inputted into an AI tool. Another risk is that AI tools are not always correct, and making important decisions based off of incorrect information could cause unintended problems for organizations. A third issues is that AI doesn\u2019t always generate bug-free or secure code and using this code can cause security problems or unexpected behavior, which could result in downtime if this code isn\u2019t reviewed before it\u2019s used. Improper AI usage can violate the CIA Triad. If sensitive information is inputted into AI, it violates Confidentiality, since unauthorized parties may be able to see this data and it could be exposed if user accounts for this tool are breached. AI use can also violate Integrity if an AI tool changes the data without the user realizing it. AI tools can also hallucinate information, so by using this hallucinated information, it wouldn\u2019t be accurate, which would violate Integrity. If an organization relies too heavily on AI tools, then this tool going down could cause problems with Availability. Also, using incorrect information or code generated by AI could cause downtime if this information needs to be corrected.<\/p>\n\n\n\n<p>Acceptable use and misuse of technology are ways to classify how technology is used in the workplace. Acceptable use refers to authorized and safe ways to use technology, like for professional work, that follow an organization\u2019s policies, such as an Acceptable Use Policy (AUP). Misuse of technology means that someone\u2019s use of technology does not follow the acceptable use policy and can create risks for an organization. Misuse includes things like accessing non-approved sites, downloading pirated content, taking actions that can violate copyright laws, or doing anything that isn\u2019t outlined in the Acceptable Use Policy.<\/p>\n\n\n\n<p><strong>Part B:<\/strong><br>This section outlines a cybersecurity policy for using AI tools in the workplace.<\/p>\n\n\n\n<p><strong>Purpose<\/strong><\/p>\n\n\n\n<p>This policy exists to reduce the risks that come with AI use and to protect organizational data and assets, as well as preventing data leakage, exposure of confidential information, intellectual property theft, compliance violations, and ethical misuse.<\/p>\n\n\n\n<p><strong>Scope<\/strong><\/p>\n\n\n\n<p>This policy for AI use applies to anyone that uses AI in the workplace or anyone that uses AI outside of the workplace to assist with work-related tasks. This policy also applies to people that are not employees of the organization, but still have access to its systems.<\/p>\n\n\n\n<p><strong>Acceptable Use<\/strong><\/p>\n\n\n\n<p>Employees are permitted to use AI tools for research using non-sensitive information, creating drafts for communications, like email, assistance with coding using sanitized or anonymized information, summarizing publicly available information, creating drafts for organizational documents by using generic prompts, or summarizing non-confidential information.<\/p>\n\n\n\n<p><strong>Prohibited Use<\/strong><\/p>\n\n\n\n<p>Employees using AI tools are not permitted to enter or upload confidential company data, PII, financial data, proprietary company information, encryption keys, passwords, API keys, or regulated information. Employees are also not allowed to use AI to bypass security controls, generate malicious code, generate illegal content, or generate anything that is protected by copyright laws.<\/p>\n\n\n\n<p><strong>Data Protection Requirements<\/strong><\/p>\n\n\n\n<p>All data entered into AI tools should be treated as public unless it is an approved enterprise tool. Confidential information or PII should not be entered into any AI tool, if it is, it should be anonymized and sanitized, using generic placeholders. Do not create or input any information that could be protected by copyright laws. All information generated AI tools should be reviewed for errors or incorrect information before it is used.<\/p>\n\n\n\n<p><strong>Enforcement &amp; Consequences<\/strong><\/p>\n\n\n\n<p>Failure to comply with this policy may result in the loss of access to AI tools, disciplinary action, legal consequences, or termination of employment.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Part A: A cybersecurity policy is a framework that outlines an organizations rules and procedures to protect its assets and information from cybersecurity threats, like unauthorizes access or data breaches. Cybersecurity policies are important in organizations because they protect an organization\u2019s assets and information from cybersecurity threats. These threats can cause financial damage and reputational&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/owenstewart137\/2026\/04\/28\/effective-use-of-ai-tools\/\">Read More<\/a><\/div>\n","protected":false},"author":29440,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/owenstewart137\/wp-json\/wp\/v2\/posts\/444"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/owenstewart137\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/owenstewart137\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/owenstewart137\/wp-json\/wp\/v2\/users\/29440"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/owenstewart137\/wp-json\/wp\/v2\/comments?post=444"}],"version-history":[{"count":2,"href":"https:\/\/sites.wp.odu.edu\/owenstewart137\/wp-json\/wp\/v2\/posts\/444\/revisions"}],"predecessor-version":[{"id":451,"href":"https:\/\/sites.wp.odu.edu\/owenstewart137\/wp-json\/wp\/v2\/posts\/444\/revisions\/451"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/owenstewart137\/wp-json\/wp\/v2\/media?parent=444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/owenstewart137\/wp-json\/wp\/v2\/categories?post=444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/owenstewart137\/wp-json\/wp\/v2\/tags?post=444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}