Hello,
I am an engineer currently responsible for policy configuration of Endpoint Protector. One of our customers, who holds more than 5,000 licenses, has requested a solution to block file uploads to generative AI platforms such as ChatGPT.
Is it possible to detect and block file uploads and PII through CAP policies when using web browsers or desktop-installed ChatGPT applications?
If this is not feasible, is there an alternative policy configuration that could address this issue?
Hello KIM JOON SIK,
Thank you for reaching out with your question.
We’re delighted to inform you that this capability is already planned on our roadmap, and our team is diligently working to integrate visibility and control for Data Leakage via ChatGPT OpenAI. This enhancement will significantly broaden our visibility and detection, delivering thorough monitoring of file uploads and clipboard activities.
While we’re excited about these developments, we will be sharing the timeline for this feature shortly.
In the meantime, please note that file uploads - such as: Predefined Content (e.g. PII, addresses, credit card numbers, etc.), Custom Content (keywords) and so on, can be seamlessly monitored using the CAP — Web Browser as the designated policy exit point.
Kind Regards,
Simona
Hello Simona,
as the file-upload to Gemini(Browser) is not detected AT ALL at the moment - are there also investigations running towards this DLP-loophole and not only ChatGPT?
Best regards!
Hi EDV Geis,
Thank you for bringing up this question.
I’m pleased to confirm that the answer to that is Yes. We are actively working on incorporating a solution to manage data flows utilizing Google Gemini AI as well.
You can conveniently monitor the progress of all related initiatives within this category, directly on our Product Board:
Regards,
Simona
Hi Somina,
great to hear, thank you for the information and the links.
I wasn’t aware of the Product Board.
Best regards!