Palo Alto Networks Stops AI App Data Leakage in Its Tracks

May 03, 2023
4 minutes

This post is also available in: 繁體中文 (Chinese (Traditional))

ChatGPT is the fastest growing consumer application in history, with 100 million monthly active users just two months after launch. While these AI apps can significantly boost productivity and creative output, they also pose a serious data security risk to the modern enterprise.

Many organizations may be surprised to learn that their employees are already using AI-based tools to streamline their daily workflows, potentially putting sensitive company data at risk. Software developers can upload proprietary code to help find and fix bugs, while corporate communications teams can ask for help in crafting sensitive press releases.

To safeguard against the growing risk of sensitive data leakage to AI apps and APIs, we are excited to announce a new set of capabilities to secure ChatGPT and other AI apps as part of our Next-Generation CASB solution that includes:

  • Comprehensive app usage visibility for complete monitoring of all SaaS usage activity, including employee use of new and emerging generative AI apps that can put data at risk.
  • Granular SaaS application controls that safely enable employee access to business-critical applications, while limiting or blocking access to high risk apps—including generative AI apps—that have no legitimate business purpose.
  • Advanced data security that provides ML-based data classification and data loss prevention to detect and stop company secrets, personally identifiable information (PII), and other sensitive data from being leaked to generative AI apps by well-intentioned employees.

How Palo Alto Networks Safeguards Against ChatGPT Data Leakage

If you are an existing Palo Alto Networks Prisma Access or NGFW customer, you can purchase a license for our NG-CASB bundle and the new ChatGPT capabilities activate immediately. Palo Alto Networks Next-Generation CASB customers can now help secure against the risk of data leaks to ChatGPT by providing visibility, controlling usage, and preventing sensitive data loss.

Comprehensive App Usage Visibility

Today, any NGFW, VM-Series, Prisma Access, or Prisma SD-WAN customers have complete visibility into the traffic on their network. Traffic to ChatGPT is captured through the App-ID openai-chatgpt, which can be discovered via a simple search on the firewall. Our Next-Gen CASB customers now have the ability to leverage additional application-level security and privacy insights into ChatGPT.

Granular SaaS Application Controls

Access to ChatGPT can be granularly controlled by user or user group, and by application function. For example, access to ChatGPT can be limited to a subset of privileged users, or the app’s messaging features and API can be specifically blocked.

Control can be accomplished via firewall policy using App-ID control, or even via a new “artificial intelligence” SaaS category within Next-Gen CASB, Prisma Access, or NGFW.

Advanced Data Security

Our Enterprise Data Loss Prevention (DLP) solution performs inline, ML-powered data classification in real-time to detect and block sensitive data from leaving your network. This empowers administrators to create inline data loss prevention policies that can identify and stop sensitive data loss to generative AI apps such as ChatGPT without having to completely block access to the application.

Because NG-CASB with Enterprise DLP is delivered across our entire network security platform, including both NGFW and Prisma Access, customers can apply a single, consistent data security policy that applies to users in the office, as well as to employees at home or abroad.

Securing your organization from sensitive data loss to ChatGPT is as easy as adding the NG-CASB bundle to your Palo Alto Networks NGFW or Prisma Access deployment, or simply adding inline DLP, and creating the policies described above.

As new generative AI apps arise on an ongoing basis, we will continue expanding our app catalog to provide comprehensive data protection for our customers. For more information on how to help stop data leakage that can arise from the use of AI-based apps like ChatGPT, contact Palo Alto Networks to get started today.


Subscribe to Sase Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.