Master the Machine
Secure the Future

We are adopting AI aggressively, but responsibly. This handbook separates the tools that help us from the habits that hurt us.

Start Learning View Copilot Benefits

Pillar 1

Shadow AI &
Data Leakage

Free tools like standard ChatGPT or Claude are "Public." Anything you type into them becomes their property for training. We must sanitize our inputs.

Review real-world incidents on the right.

The Samsung Leak

Engineers pasted proprietary semiconductor source code into ChatGPT to "optimize it." That code was absorbed into the model's training data.

Consequence: Internal Ban

The Amazon Warning

Corporate lawyers warned staff after seeing ChatGPT generate text that closely mimicked internal Amazon data, suggesting previous leaks.

Consequence: Legal Alert

GREEN: Safe to Use

Publicly available info or generic templates.

  • "Draft a generic resignation letter."
  • "Explain Excel VLOOKUP formula."
  • "Summarize this public news article."

YELLOW: Sanitize First

Internal drafts that can be stripped of specifics.

  • "Draft an email to [Client X]..."
  • "Analyze this sales logic (remove $ figures)."
  • "Brainstorm marketing for [Product Y]."

RED: Strictly Prohibited

PII, Financials, Passwords, Secrets.

  • Uploading a client's tax return.
  • "Fix this code containing API keys."
  • Employee SSNs or Salaries.

Pillar 2

The New Threat Landscape

AI has weaponized social engineering. Trust nothing without verification.

The "Boss Voice" Scam

AI VISHING ATTACKS

Attackers can clone a Partner or CEO's voice with just 3 seconds of audio from a YouTube video or podcast.

Scenario:

"You receive a call from the CFO. It sounds exactly like him. He says he's in a meeting and needs you to wire $50k to a vendor immediately."

DEFENSE PROTOCOL: Call them back on a known number.

Perfect Phishing

NO MORE TYPOS

Hackers use AI to scrape your LinkedIn, find your recent conference attendance, and write a personalized email referencing it perfectly.

The AI Email:

"Hi [Name], great seeing you at the Fintech Summit in Austin last week. Here is the deck we discussed regarding the Q3 merger..."

DEFENSE PROTOCOL: Check the actual email address (sender@gmail vs sender@corp).

The Hallucination Trap (Legal Danger)

AI generates probabilistic text, not facts. In 2023, lawyers were sanctioned for submitting a brief with fake case citations invented by ChatGPT. If you use AI for research, you must verify every single claim against a primary source.

Pillar 3

Prompt Engineering: The "Excel" of the 2020s

The difference between a generic answer and a strategic asset is Context.

AMATEUR PROMPT

"Write a job description for a Project Manager."

Result: Generic, boring, identical to 1,000 other listings.

PRO PROMPT

"Act as a Senior Recruiter in the Fintech sector. Write a job description for a Project Manager.

Context: The team is remote and fast-paced.
Tone: Exciting, challenging, avoiding corporate jargon.
Include: A section on 'Why this role is hard'."

Tip: Use "Iterative Refinement." Treat AI like a junior intern. Correct it: "Too long, make it punchier."

Pillar 4

The "Why Pay?" Distinction

Why the firm invests $360/year/user for Enterprise Copilot.

It Knows YOUR Data

Public AI knows the internet. Copilot knows us.

"Summarize the last 5 emails from Sarah regarding the Delta Project."

Commercial Protection

Your inputs are discarded after the session. They are never used to train the model.

Enterprise Data Boundary Active

Integrated Workflow

No copy-pasting. It lives inside your apps.

@Word: "Turn this document into a 10-slide PowerPoint deck."
Feature Public AI (Free) Enterprise Copilot
Data Privacy They view/train on your data Data never leaves tenant
Context Limited to chat window Reads OneNote, Loop, Emails, Chats
Security None Inherits M365 Permissions (RBAC)

Certification

Earn Your "AI Ready" Badge

AI-generated assessment. Questions change every time.

AI Security Assessment

Click below to ask Gemini to generate 5 scenario-based questions tailored to this guide's content.