What does your Windows security policy include? Do you review your settings annually or more frequently? Do you offer education and training on policy topics? If a violation is found to have led to the root cause of the problem, will it be revised? Do you have a security policy that includes your company’s overall policy on that matter?
From word processing documents to the upcoming Windows 11 with AI prompts built into the Explorer platform, organizations should consider how employees handle customer data and other sensitive information when using AI platforms.
Many companies want their security plans to include restrictions and guidelines that dictate what can be entered into platforms and websites that may store or share information online. Sensitive information should not be included in applications that do not have well-defined protections for handling such data. There are already examples online of what concepts should be included in a policy.
First and foremost, assess the security of any new AI software or tools introduced into your network. The software must be evaluated for overall suitability for use and must not crash or display error messages while the software is running. Vendors should include a privacy policy as well as terms of service.
It’s also important to check how the vendor indicates they handle updates, security and bug reports, and other improvements to the platform. Vendors identify controls within their software that allow or restrict users from using AI integration. See if you have the ability to flag places where AI is used within your platform. See if you’re promoting the ethical use of AI and if you’re providing the right feedback channels.
Your AI policy should make it clear that sensitive client information must not be uploaded to the AI interface. Clear instructions within the policy should indicate what is permitted to be entered into the software. Employees must not share access with anyone who is not authorized to use the tools, and each employee using AI tools must review and sign the policy. Consider employee training to ensure compliance with these policies.
Windows includes clear insight into policy control
In addition, you can review the controls and limitations that allow vendors to link or tie AI-containing applications. In the case of Microsoft Windows, its vendors have already published Group Policy controls that restrict already available connections to applications such as the Edge browser and the Bing search engine.
But more happens. At the recent Microsoft Build conference, Microsoft showed how they are bringing AI to their operating system to make it easier for users to find the features and settings they need. Again, businesses may need to assess the impact of this technology before starting to roll out these platforms in earnest.
You can start with the basics like changing your default browser to Edge and blocking requests to change your default search engine to Bing. This setting can be set via Group Policy or Intune as described in Edge Policy. Additional settings include blocking Bing Chat AI from Windows 11 searches.
To disable Bing Chat AI from the taskbar search field, press the Windows key to open Settings or use the Windows key + I shortcut to open it directly.Then from the left panel[プライバシーとセキュリティ]scroll down to the Windows Permissions section and select from the list[検索アクセス許可]Click.[その他の設定]Scroll down to the section[検索ハイライトを表示]Toggle the option off. The Bing Chat AI icon will no longer appear in the search field.
Then you can remove the Bing AI button from Edge settings. Open Settings in Edge. Select the Sidebar option from the left column. In the app-specific settings section, click Detect. Then switch off the “Show Discover” setting and the button will disappear.
Future Windows releases also require close attention
Future Windows 11 releases should be equally diligent. As mentioned at Microsoft Build, AI is coming to the desktop. Windows Copilot will be available in preview for Windows 11 in June. Additionally, Microsoft plans to bring AI to the Bing Chat plugin for Windows. It allows developers to integrate their apps within his Copilot and “increase engagement in native Windows applications.” Microsoft expects to publish Group Policy and Intune settings to limit or restrict its use.
Currently, you can restrict Bing Chat using Group Policy. There is a new group policy setting to disable the chat icon and this setting was added in the Windows 11 21H2 admin template. I need to download the ADMX template for Windows 11 October 2021 Update [21H2] From the official Microsoft Download Center. A good idea is to copy the files from C:WindowsPolicyDefinitions on your Windows 11 computer to the central policy store. The Chat Icon Configuration GPO setting is part of TaskBar.admx and TaskBar.adml.
Change policy settings for Windows AI components
In the Group Policy Management Console, expand your domain and navigate to Group Policy Objects. Create a new Group Policy Object and create a new GPO. In the Group Policy Management Editor,[コンピューターの構成],[管理用テンプレート],[Windows コンポーネント],[チャット]to the next. Find “Configure the chat icon on the taskbar”. Right-click this policy setting and select Edit. From here you can set the policy as follows:
- Visible: If you enable this policy setting and set it to Visible, the chat icon is displayed on the taskbar by default. User can show or hide it in settings.
- Hidden: If you enable this policy setting and set it to Hidden, the chat icon is hidden by default. User can show or hide it in settings.
- Disabled: If you enable this policy setting and set it to Disabled, the chat icon will not be displayed and users will not be able to show or hide the chat icon in settings.
In the Configure chat icon on taskbar GPO policy, select Enabled to enable this setting, click Apply, and then click OK. Again, you can choose to show, hide, or disable the icon.
The bottom line is that AI is coming to your network and desktop sooner than you think. Build your policy now, review your processes, and decide if you’re ready for it today.
