ERP Trend diagram

Understanding the Security Risks of Using AI Tools in the Workplace

Artificial Intelligence (AI) tools like ChatGPT, CoPilot, Gemini and others initially struggled to show users how they could simplify their work. However, over the past year, we’ve seen a surge in real-life examples demonstrating how these technologies can enhance our efficiency.

For instance, during online meetings, AI tools can transcribe, summarize and document action items, allowing me to focus on the discussion without worrying about taking notes or missing important points. This technology helps me perform better at my job.

Yet, as these tools become more embedded in our daily tasks, they also introduce new security risks for organizations. Let's explore some of these challenges:

Data Sharing

Security professionals have long focused on preventing unauthorized access to sensitive company or customer data. But what happens if someone willingly inputs this data into an AI tool without understanding how the tool handles it? AI tools are constantly learning and use the data they receive to improve. So, when I input customer information into a tool, it helps me analyze that data. However, the tool now possesses that data and uses it to enhance its accuracy. This data is now at risk of being exposed.

Accidental Data Leaks

Now that we understand the data we share might not remain private when input into AI tools, this can lead to accidental data leaks. Many users of this technology do not understand how AI tools operate or learn. Consequently, something as simple as summarizing customer data can put the company at risk, often without the user’s awareness. Additionally, these tools frequently store and process data in ways that are not transparent to the user, increasing the risk of unintended exposure. Therefore, raising awareness about these risks is essential to prevent potential data breaches.

Plagiarism

When we prompt an AI tool to help us with a task, it uses vast amounts of data and resources. But where does it get that data? By accessing the information, it already has or can access. For example, if I ask it, “Write me a blog post on the risks of AI tools in the workplace,” it will do so by scouring its various sources, pulling pieces from different places and assembling a post. However, do I have permission to use the information from those sources? In doing so, I risk potentially plagiarizing someone else’s work, thereby putting the company at risk for copyright violations. So, ask yourself: Did I write this, or did an AI tool? That is the risk these tools introduce.

So, what should do we do about it? Here are some suggestions.

  1. Internal education for your employees is critical. Just as we have tools for phishing attacks, educating users to be wary of links they receive has been paramount to limiting the risk of phishing attacks for organizations. As mentioned above, most users who use AI tools need help understanding how they work or the risks involved. They just typed a prompt in the tool, and off it went. Trying to block tools or sites has been a typical strategy, but history has shown us that users will find a way around tools and sites they are not supposed to use. Education is a great and relatively inexpensive place to start.
  2. Understanding the privacy policy of the tools you use is essential. Do they tell you they are going to use your data for learning? Are there certain security scenarios they can't address? Knowing how the tool will use your data allows you to limit the usage of tools that may put the company at risk. Here is an excerpt from one of the tool's policies. "When you use our Services, we collect Personal Information that is included in the input, file uploads, or feedback that you provide to our Services."
  3. Look at enterprise-grade AI tools. While the free tools floating out there are likely the first place your users might turn, a corporate solution that has more stringent policies on data sharing might be the way to go. Users still get the benefit of AI tools, but it reduces the security risk. The tool I use for my meeting notes is done with such a tool, so I get the benefits, but the company's information is secure.

AI tools are beginning to demonstrate how they can assist with their daily tasks, but this now introduces new risks for sensitive company information. However, a combination of education, understanding AI tools' privacy policies and considering enterprise-level tools can help you address and minimize the risk these new tools pose. 

Prioritizing AI & Trust

Maximizing the potential benefits, while minimizing the possible risks.

About the Author

Brian LaMee is the Vice President of the Architecture, Engineering & Professional Services (AES) Division at Aktion Associates, where he leverages his extensive experience in A&E industry applications and marketing strategies. Prior to joining Aktion, he held several leadership roles at Deltek, including Vice President of Product Marketing. Brian holds a Bachelor of Arts degree in Marketing and Management from Ohio Northern University.

Contributors

Featured Thoughts

American navy aircraft carrier

Article

Speed Without Control: The New Competitive Reality for A&D Contractors

Winning A&D contracts now depends on operating speed with control, not proposal quality alone. The 2026 Deltek Clarity Study shows top performers invest in systems and governance to move quickly without losing oversight. Firms that align speed with discipline protect margins and compete more effectively.

Article

Why Defensible Pricing Wins Government Contracts

Discover why defensible pricing, not just competitive pricing, is becoming the key differentiator in winning government contracts.

Clarity AE Podcast

Article

Strong on the Surface, Strained Underneath: Key Takeaways from the Deltek Clarity A&E Podcast

This article shares five takeaways from the 47th Annual Deltek Clarity A&E Industry Study on why firms are busier than ever but not necessarily more profitable.

Nucleus Research ERP Technology Value Matrix

Article

Deltek Named an ERP Technology Expert: Delivering Value for Project-Based Businesses of All Sizes

Every ERP vendor is adding AI, but few can prove it's  trustworthy for high-stakes work. Nucleus Research named Deltek an Expert in the 2026 Enterprise and SMB ERP Technology Value Matrix. The recognition centers on Costpoint, Vantagepoint, and Dela™, Deltek's AI orchestrator. For project-based businesses, AI features matter less than the audit trail behind them.

Technician inspecting a jet engine in an aircraft hangar

Article

Why Cost Isn't The Biggest Manufacturing Challenge Anymore

See why quality, compliance, and traceability are becoming the new measures of manufacturing performance in government contracting.