browse
The world of artificial intelligence is buzzing, with innovations like OpenAI's language model, ChatGPT, leading the charge. This AI powerhouse has been growing at a breakneck pace, transforming numerous industries with its smart, context-aware conversations. But with these exciting advancements come some potential challenges - specifically, data loss risks.
Think of ChatGPT as a super-smart conversation partner that generates text based on what you feed it. Now, if there's sensitive information in the mix and it isn't handled properly, there's a risk of data breaches. This highlights why it's so important to have a comprehensive Data Loss Prevention (DLP) plan in place.
Your Umbrella DLP solution has been designed to shield your organization from these risks. Here are three pressing use-cases that our solution can help you address immediately and only take about 5-min to implement.
A. Compliance with Data Privacy Regulations such as GDPR, HIPPA, and PCI-DSS:
-
- Head over to Policies > Management > Data Loss Prevention Policy in your Umbrella dashboard.
- Start creating a new DLP rule. Simply click Add Rule at the top right-hand side and select Real Time Rule.
- Give your rule a name that's easy to recognize, like 'ChatGPT Protection', and choose the severity level (anything from Low to Critical) that fits your needs.
- In the Classifications section, pick one or more of the Built-In Compliance Classifications relevant to your organization. This could be the 'Built-in GDPR Classification' or 'Built-in PCI Classification', for example.
- In the Identities section, select all the identities you wish to monitor and protect. If feasible, we recommend a wide selection for comprehensive coverage.
- Move on to the Destinations section, select Destination Lists and Applications for Inclusion, and then pick OpenAI ChatGPT.
- Now, it's time for action. In the Action section, you can choose to either Monitor or Block. If you're new to this, we recommend starting with the 'Monitor' action. This allows you to observe usage patterns and make a more informed decision about the potential risks and benefits.
- If you've chosen the 'Monitor' action, make sure to check out the DLP report after a week or a month. This will show you who is sharing sensitive information with ChatGPT and when, helping you decide whether a 'Block' action is required.
B. Protection of Personally Identifiable Information (PII): To safeguard the PII in your organization from ChatGPT risks, just follow the same instructions as above, but in step 4, select the 'Built-in PII Classification' instead of the compliance classifications.
C. Protection of Source Code and Intellectual Property: If your organization uses ChatGPT for activities involving source code or other intellectual property, follow these steps:
-
- First, create a new source code data classification. Navigate to Policies > Management > Policy Components > Data Classification. Click the Add button on the top right-hand side and give your data classification a recognizable name, like 'Source Code Classification'.
- Choose Source Code from the list of Built-in Data Identifiers.
- Click Save.
- After saving, revisit the instructions for 'Compliance with Data Privacy Regulations' above, but in step 4, choose your newly created Source Code Data Classification instead of the built-in ones.
The process is straightforward and will only take a few minutes of your time, but the benefits to your organization's security and compliance will be invaluable. We urge you to take these steps as soon as possible to fortify your data protection.
Want to learn more about Generative AI risks and how Umbrella can protect you, watch the webinar Protect Your Sensitive Data from ChatGPT Usage.