Non-technical staff using Claude Code - how are you handling the security risk?

Posted by Ok-Painting-3603@reddit | sysadmin | View on Reddit | 50 comments

People in ops, finance, marketing are now writing and running AI-generated scripts against internal systems with no idea what the code actually does.

Credentials in prompts, no code review, scripts running with whatever permissions that user has. It's a mess.

How are you dealing with it? Sandboxing, restricting access, logging, something else?

[-]

jupit3rle0@reddit

Those types of folks shouldn't even have access to run scripts or make any changes that could potentially take down the organization. If they do have control, you're already cooked.

[-]

Ok-Painting-3603@reddit (OP)

True, but I actually want people to learn AI tools

[-]

WFAlex@reddit

Just no. They can learn in their free time, on their won machine. Sure as fuck not in a Company environment. Users have no business executing any scripts. period

[-]

gsmitheidw1@reddit

Let them run it in a VM or segregated systems and networks and play with it without any access to critical company data be it HR, payrol or anything GDPR.

The data is your concern. Make sure they're certified in GDPR and equivalent data protection. Educated users are less likely to do stupid things. Particularly when they have clear policies governed and understood by HR.

[-]

DeebsTundra@reddit

You want accounting learning ai code and running them against production systems? Let's count the problems with that idea.

[-]

jupit3rle0@reddit

That's great until the AI convinces them to replace you too 😜

[-]

TerrificVixen5693@reddit

The obvious answer is that people shouldn’t be able to run those scripts or have API keys, admin credentials, or other secrets.

On the other hand, you should be grateful that LLMs have democratized code. I have been vibe coding so much cool shit. Things that would have taken me a month can be done in a day because it can do the boiler plate code.

[-]

joedotdog@reddit

Since you're citing examples, can you actually provide any, or is this simple conjecture?

[-]

OneSeaworthiness7768@reddit

People in ops, finance, marketing are now writing and running AI-generated scripts against internal systems with no idea what the code actually does.

I find it very hard to believe this is real.

[-]

MagicWishMonkey@reddit

And if that’s the case, the problem is whoever is handing out API keys to those systems, not Claude

[-]

Apachez@reddit

What could possibly go wrong? ;-)

[-]

SirLoremIpsum@reddit

You prevent them from running scripts.

You secure your environment so only certain trusted people can access said secure resources (eith or without scripts)

You have a policy that says "this is a no no" and actually enforce it

You have proper device management so they cannot install unapproved software.

Basically you manage your environment and enforce policy. If you can do that, you aren't gonna win.

[-]

godsknowledge@reddit

People will always find ways to use (the best) AI. Therefore it makes more sense to offer those AI tools internally instead of enforcing policies to prevent users from running said scripts.

[-]

aaiceman@reddit

Agreed, control the access, not the scripts. Also, do your best to ensure you have audit logging and management buy in on accountability.

[-]

Smh_nz@reddit

100% doing Claude Code security reviews ATM!

[-]

Squeezer999@reddit

a SaaS solution that blocks the installation of claude and running of any scripts

[-]

theMightBoop@reddit

I do what management tells me. We have a mandate to use AI so go for it. IDGAF

[-]

Empty-Lingonberry133@reddit

How do you block scripts being run like .ps .jar .bash but allow the auto scripts to run like sccm, trusted apps ect

[-]

dadgenes@reddit

They don't have permissions to run scripts in my environment.

They will not get permission to run scripts in my environment.

[-]

illarionds@reddit

No one in my environment gets to run scripts except IT.

(Small environment, so "IT" covers basically everything technical).

Users don't have permissions to do any real damage - so nor can AI running "as them".

[-]

No-Land-672@reddit

Applocker and only allow signed scripts. These are basic precautions in enterprise environements.

[-]

chocopudding17@reddit

My god am I tired of the LLM slop engagement bait in this and other subs. Please, stop.

[-]

DaftPump@reddit

This is management problem. If SHTF because management didn't delegate usage then it will be management's problem. Point of comment is management needs to understand this and your department needs it in writing. Unruly AI use in big corps is yet to hit the news in a holy fuck level fashion. Give it time.

[-]

SikhGamer@reddit

The problem isn't AI. The problem is why do these people have that level of access in the first place? I mean read only access is fine, but anything more than that is a no no.

[-]

Centimane@reddit

Hold them responsible for what they orchestrate an AI to do.

A lot of people will throw up their hands "I didn't do that it was the AI tool" - well you told the AI tool to do the thing. You don't get to blame outlook for the email you sent, same goes for the AI tool.

Especially if they're handing the AI tool their creds, then from an audit perspective it was the user that did it.

[-]

SASardonic@reddit

Temporarily remove access to anybody who bypasses governance. If they keep doing it, fire them.

[-]

Hendo52@reddit

Self confessed vibe coder here:

I would explain to my supervisor that the prototype works, automates hours of labour but the system administrator denies access to a deployment in production because he is unhelpful, lazy and doesn’t care for the business value being generated. You need to bring this to your boss and escalate up to management to get them onboard and get a budget for a code review.

[-]

Ok-Painting-3603@reddit (OP)

Great advice until the person bypassing governance is a C-level. You can't block their installs, can't enforce policy on them, and definitely can't fire them

[-]

Tanto63@reddit

At that point, document your concerns and dust off your resumé.

[-]

SemiAutoAvocado@reddit

Problem is almost every company is doing this right now.

[-]

Secret_Account07@reddit

Really?

We have policies on use of AI and approved software. We have 141 pieces of software that are AI that have been approved. Groups really have to jump through hoops but it helps.

[-]

rp_001@reddit

Of course you can block their installs. Then policy with buy in from CIO and CEO. And suggest setting up a cross-dept group to oversee AI use

lots of examples out there of why regulation is good

[-]

nbcaffeine@reddit

Document, then make it the CIO/Director’s problem.

[-]

Ok-Painting-3603@reddit (OP)

To clarify I'm not trying to block AI tools, I want to enable them safely. We already spun up isolated Hyper-V Windows VMs for non-technical staff with no access to internal systems or APIs. They can experiment freely without touching anything critical.

My question was really: has anyone built a proper sandbox AI dev environment for non-technical workers, and how did you approach it?

[-]

Helpjuice@reddit

This is 100% on you and security for enabling this to begin with. Lock your systems down so only authorized capabilities are possible. If they can install random software this should be something your team and security should take very seriously as a policy violation and enforce the ability to not be able to do so.

[-]

miteycasey@reddit

Not your problem to solve. You provide a platform for customers to use. They nuke it? You restore from backup or rebuild.

It’s your security teams position to set the standards.

[-]

-GenlyAI-@reddit

The amount of dipshits on this sub that respond to marketing accounts is the real concern lol

[-]

Pseudophryne@reddit

*Laughs in Ralpjh Wiggum - I'm in danger.*

[-]

ShabalalaWATP@reddit

If the company wish to support: it then provide a proper assured, enterprise AI coding tools/api and a safe segregated development environment for people to use.

Then have a system where if they wish to bring their tool/script/app into the main network then it has to pass mandatory checks from a dedicated team within IT.

Simply saying no one can use AI tools despite company hierarchy wishes is stupidity at its height.

[-]

ExceptionEX@reddit

By not letting them have access to it without approval

[-]

advanceyourself@reddit

Principles of least Privilege.

[-]

SeekingApprentice@reddit

I don't understand the question. Were are they running scripts? Servers? Remove their access. Against 365? Remove their admin ability.

[-]

ChemicalExample218@reddit

Also, make sure they know that they need to check their work due to hallucinations. I tell them. It's only a matter of time. It will cause a major problem.

[-]

BearcatPyramid@reddit

Have written policies regarding the use of AI in the enterprise.
Anyone who violates the policy gets a talking to by HR.
Repeat violators are let go.

What you're asking about is a policy issue, not an IT issue.

[-]

Professional-Heat690@reddit

Downvote them for using AI to sell their shitty products on /r

[-]

SHFT101@reddit

It's definitely a mess and the most important take away for us was that AI usage needed to be in the company policies.

We can only do as much from a technical point of view but if users get caught ignoring policies it becomes an HR problem.

[-]

wabi-sabi411@reddit

Lock the ability to run scripts down? They have to apply for permission to run code? The only reason VBA tends to not be locked down by default was the huge amount of random automation tooling from engineering departments. Always been the backdoor app method for like 25 years.

[-]

anonpf@reddit

Risk? What risk?