Decision Guide: External AI Services

Use this guide when you want to use an AI service that is provided by an external vendor.

Examples may include commercial chat tools, AI assistants, coding assistants, browser tools, search tools, image tools, or other AI services.

Main rule

External AI services may be useful for experimentation.

The requirement is to use accounts, subscriptions, tools, or access paths that are provisioned and paid for by the company when using them for company work.

This helps Dev manage access, security, data handling, capacity, and support.

Usually acceptable

You can usually continue experimenting when:

• the account or service is company-provisioned or otherwise approved for company work;
• the data is public, synthetic, or non-sensitive;
• the work does not access production systems;
• the output does not directly affect customers, employees, money, security, or operations.

Ask Dev for guidance

Ask Dev when:

• you need access to a service that is not already available to you;
• you are unsure whether an account is company-provisioned;
• you want to use a new vendor or tool;
• you are unsure whether the data is sensitive;
• the service needs search, fetch, vector database, or model access support.

Open a request through the official Dev request form.

Start handoff

Start handoff when the external AI service would use:

• production system access;
• customer data;
• employee data;
• credentials, tokens, or secrets;
• financial data;
• security data;
• company-confidential data;
• workflows that affect customers, employees, money, security, or operations.

What this is saying

This policy is not saying employees can never use external AI services.

It is saying that company work should use company-provisioned or approved access, and that sensitive or production-impacting uses need handoff.