# Best Practices: Managing Generative AI Systems


## What is Managing Generative AI Systems?

Generative AI technologies are increasingly being integrated into enterprise applications, development platforms, automation tools, assistants, and AI agents. These systems may access data, interact with connected services, and perform actions across multiple environments.

Departments deploying or managing AI-enabled systems should evaluate them using the same security, privacy, governance, and risk-management principles applied to other enterprise technologies.

## Common Risks

| Category | Description | Key Controls (At a Glance) |
|---|---|---|
| Sensitive Data Exposure | Data may be entered, processed, stored, logged, or retained by AI systems. | Apply risk classification requirements, minimize sensitive inputs, and review vendor protections. |
| Data Integrity & Reliability | AI-generated outputs may be inaccurate, incomplete, or manipulated. | Validate inputs/outputs and require appropriate human review. |
| Prompt Injection & Model Manipulation | Information may persist across sessions, users, tools, or integrations. | Limit retention, manage memory features, and enforce separation where appropriate. |
| Context & Memory Leakage | Data persists across sessions or tools unintentionally. | Enforce isolation; limit context; manage memory. |
| Agents, Connectors & Integrations | AI agents, connectors, APIs, and MCP servers may expand access to systems and data. | Review integrations, apply least privilege, and enable only approved capabilities. |
| Privilege & Identity Misuse | Excessive permissions or exposed credentials may allow unauthorized access. | Implement least privilege, strong authentication, and credential management practices. |
| Governance & Visibility | Unmanaged AI deployments can create compliance, operational, and privacy/security risks. | Maintain inventories, logging, ownership, and oversight processes. |





**Note:**  
*The “Key Controls (At a Glance)” column is intended as a quick reference. Detailed expectations and implementation guidance are described in the Best Practices sections below.*

### General Best Practices

#### Documentation & Governance

- Maintain an inventory of AI-enabled systems, services, and integrations.
- Define ownership, approved use cases, and responsible administrators.
- Review new AI capabilities before enabling them.
- Reassess risks when systems, data sources, or integrations change.

#### Data Protection

- Apply Harvard data-classification requirements consistently.
- Treat prompts, outputs, logs, and retained context as organizational data.
- Review memory, retention, and training settings before deployment.
- Verify that vendor protections align with University requirements.

#### Identity & Access Management

- Use HarvardKey and approved authentication methods whenever possible.
- Apply least-privilege access controls.
- Restrict AI systems to only the resources necessary for their intended function.
- Store credentials and secrets in approved enterprise solutions.

#### Agents, Connectors & Automation

- Review AI agents, connectors, and integrations before deployment.
- Treat MCP servers and external connectors as third-party integrations requiring security review.
- Grant only the minimum permissions necessary.
- Require human approval for high-impact or sensitive actions whenever feasible.
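The least-privilege and human-approval expectations in the Identity & Access Management and Agents, Connectors & Automation lists above can be enforced in code at the one place every agent action passes through: the decision to let the agent call a tool. The Python below is an added example written for this page, not code from the University or from any agent product. It assumes a hypothetical ticket-triage agent (`triage-bot`) with two tools (`read_ticket`, `close_ticket`), a resource-prefix scope per tool, an `Impact` level that marks actions needing a named human approver, and one audit record per decision; all of those names and values are constructed.

```python
"""Least-privilege tool gate for an AI agent (added example, not from the page)."""
from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import Enum


class Impact(Enum):
    LOW = "low"    # read-only or easily reversible
    HIGH = "high"  # writes, deletes, sends or spends: needs a named human approver


@dataclass(frozen=True)
class Tool:
    name: str
    impact: Impact
    allowed_scopes: tuple  # resource prefixes the tool may touch; all else denied


@dataclass
class AgentPolicy:
    agent_id: str
    tools: dict            # tool name -> Tool; unlisted tools are not callable
    audit_log: list = field(default_factory=list)

    def authorize(self, tool_name, resource, approved_by=None):
        """Decide one tool call; returns (allowed, reason) and records the decision."""
        tool = self.tools.get(tool_name)
        if tool is None:
            allowed, reason = False, "tool not enabled for this agent"
        elif not any(resource.startswith(s) for s in tool.allowed_scopes):
            allowed, reason = False, "resource outside the tool's allowed scopes"
        elif tool.impact is Impact.HIGH and not approved_by:
            allowed, reason = False, "high-impact action requires human approval"
        else:
            allowed, reason = True, "ok"
        # Every attempt is logged, denied ones included: that is what monitoring reads.
        self.audit_log.append({
            "ts": datetime.now(timezone.utc).isoformat(),
            "agent": self.agent_id, "tool": tool_name, "resource": resource,
            "approved_by": approved_by, "allowed": allowed, "reason": reason,
        })
        return allowed, reason


def build_triage_policy():
    """Hypothetical ticket-triage agent (constructed for this example): may read
    any ticket, may close a ticket only with approval, and has no e-mail tool
    enabled at all, so the agent cannot reach it even if asked to."""
    tools = [
        Tool("read_ticket", Impact.LOW, ("tickets/",)),
        Tool("close_ticket", Impact.HIGH, ("tickets/",)),
    ]
    return AgentPolicy("triage-bot", {t.name: t for t in tools})


if __name__ == "__main__":
    p = build_triage_policy()
    print(p.authorize("read_ticket", "tickets/101"))
    print(p.authorize("close_ticket", "tickets/101"))
    print(p.authorize("close_ticket", "tickets/101", approved_by="jdoe"))
    print(p.authorize("send_email", "tickets/101"))
    print(p.authorize("read_ticket", "hr/salaries"))
```

Denial is the default: a tool the policy does not list cannot be called at all, a resource outside the tool's scopes is refused, and a high-impact call without `approved_by` is refused even when the agent is otherwise entitled to it. Keeping the scope and approval rules in a policy object rather than in the prompt means a manipulated model still cannot widen its own permissions.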

#### Secure Development & Administration

- Review repository-level AI configuration files, agent instructions, and automation settings before use.
- Disable unnecessary automated execution features.
- Validate AI-generated code before deployment.
- Follow secure development and change-management practices.

#### Environment Isolation

- Run AI coding agents and automation tools in isolated environments when feasible.
- Limit access to sensitive systems, credentials, and administrative workstations.
- Separate development, testing, and production environments.

#### Logging, Monitoring & Testing

- Maintain appropriate logging of AI-enabled activities and administrative actions.
- Monitor for unusual behavior, excessive usage, or unexpected access patterns.
- Test AI-enabled systems for prompt injection and malicious content.
- Evaluate systems for misuse, manipulation, and unexpected behavior before production deployment.
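Monitoring for unusual behavior, excessive usage, or unexpected access patterns, as the Logging, Monitoring & Testing list asks, needs concrete checks over whatever audit trail the AI system produces. The Python below is an added example for this page, not the University's or any product's monitoring code. It assumes a constructed JSON Lines audit log with `ts`, `agent`, `tool`, `resource` and `allowed` fields (the field names are an assumption, not a real log format), a hypothetical baseline of approved agents and the tools each is expected to call, and a per-minute call threshold; it flags denied calls, tools or agents outside the baseline, and call bursts, and skips malformed lines rather than crashing.

```python
"""Anomaly checks over AI-agent audit logs (added example, not from the page)."""
import json
from collections import Counter
from datetime import datetime

# Constructed sample audit records in JSON Lines form; the field names are an
# assumption for this example, not a real product's log format. One line is
# deliberately malformed to show that the parser skips it.
SAMPLE_LOG = """\
{"ts":"2025-10-01T09:00:01Z","agent":"triage-bot","tool":"read_ticket","resource":"tickets/101","allowed":true}
{"ts":"2025-10-01T09:00:05Z","agent":"triage-bot","tool":"read_ticket","resource":"tickets/102","allowed":true}
{"ts":"2025-10-01T09:00:09Z","agent":"triage-bot","tool":"read_ticket","resource":"tickets/103","allowed":true}
{"ts":"2025-10-01T09:00:12Z","agent":"triage-bot","tool":"read_ticket","resource":"tickets/104","allowed":true}
{"ts":"2025-10-01T09:00:15Z","agent":"triage-bot","tool":"read_ticket","resource":"tickets/105","allowed":true}
{"ts":"2025-10-01T09:00:20Z","agent":"triage-bot","tool":"read_ticket","resource":"tickets/106","allowed":true}
{"ts":"2025-10-01T09:00:31Z","agent":"triage-bot","tool":"read_ticket","resource":"hr/salaries","allowed":false}
{"ts":"2025-10-01T09:00:40Z","agent":"triage-bot","tool":"send_email","resource":"tickets/101","allowed":true}
this line is not JSON and is skipped by the parser
{"ts":"2025-10-01T09:02:00Z","agent":"ops-bot","tool":"run_script","resource":"hosts/web01","allowed":true}
"""

# Hypothetical baseline: approved agents and the tools each is expected to call.
BASELINE = {"triage-bot": {"read_ticket", "close_ticket"}}
RATE_LIMIT = 5  # max calls per agent per clock minute before a burst is flagged


def parse_log(text):
    """Parse JSON Lines into dicts with a datetime `ts`; skip malformed entries."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
            rec["ts"] = datetime.fromisoformat(rec["ts"].replace("Z", "+00:00"))
            records.append(rec)
        except (ValueError, KeyError, TypeError):
            continue  # in production, count and report these as well
    return records


def find_anomalies(records, baseline=BASELINE, rate_limit=RATE_LIMIT):
    """Return findings: denied calls, unknown agents, unexpected tools, call bursts."""
    findings = []
    per_minute = Counter()
    for rec in records:
        agent, tool = rec["agent"], rec["tool"]
        if not rec.get("allowed", False):
            findings.append({"kind": "denied", "agent": agent, "tool": tool,
                             "resource": rec.get("resource")})
        if agent not in baseline:
            findings.append({"kind": "unknown_agent", "agent": agent, "tool": tool})
        elif tool not in baseline[agent]:
            findings.append({"kind": "unexpected_tool", "agent": agent, "tool": tool})
        # Bucket every attempt (allowed or not) by agent and clock minute.
        per_minute[(agent, rec["ts"].replace(second=0, microsecond=0))] += 1
    for (agent, minute), n in sorted(per_minute.items()):
        if n > rate_limit:
            findings.append({"kind": "burst", "agent": agent,
                             "minute": minute.isoformat(), "calls": n})
    return findings


def summarize(findings):
    """Count findings by kind, e.g. for a dashboard or an alerting threshold."""
    return dict(Counter(f["kind"] for f in findings))


if __name__ == "__main__":
    for finding in find_anomalies(parse_log(SAMPLE_LOG)):
        print(finding)
```

The baseline is the inventory from the Documentation & Governance list turned into data: an agent or tool that is not in it is by definition unmanaged and should surface as a finding, and a denied call is worth reviewing even though the control held, because it shows what the agent tried to do.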

#### Vendor Management

- Use approved vendors and services.
- Review contractual protections related to data use, retention, and model training.
- Understand enterprise versus consumer service boundaries.
- Establish off-boarding and data-deletion processes.

## Related Resources

Use these resources to take the next step, find University guidance, or explore trusted external references.

[Review Minimum Standards](/apply-standards)

### University Resources

Official university guidance, approved tools, and support resources.

- [HUIT Generative AI Guidance](https://www.huit.harvard.edu/ai)
- [Risk Classification](/classify-risk)
- [Privacy Principles](/privacy-principles "University-Wide Privacy Principles")

### Industry Resources

Trusted external cybersecurity and privacy guidance.

- [OWASP Top 10 for LLM Applications](https://genai.owasp.org/)
- [NIST AI Risk Management Framework](https://www.nist.gov/itl/ai-risk-management-framework)
- [CISA Artificial Intelligence Resources](https://www.cisa.gov/artificial-intelligence)
- [EU Artificial Intelligence Act](https://artificialintelligenceact.eu/)

### Related Topics

Explore related privacy and security best practices.

- [Using Generative AI Systems](/best-practices-using-generative-ai "Best Practices: Using Generative AI")
- [Cloud Platform & SaaS Integrations](/cloud-platforms-saas-integrations-system)
- [Application &amp; Web Security](/best-practices-application-web-security "Best Practices - Application & Web Security")