Microsoft Purview compliance portal: Data Loss Prevention - New ChatGPT Enterprise connector to discover and bring prompts and responses into the scope of Purview features

🚨 The Signal: Purview now connects to ChatGPT Enterprise, allowing organisations to discover, collect, and store user prompts and responses. This enables DLP policies to extend to AI interactions, mitigating data exfiltration risks.

The Impact

Security teams and compliance officers are affected by the new ability to govern AI interactions, reducing the risk of sensitive data exposure via ChatGPT Enterprise.

• Security Teams: Gain visibility into AI interactions, reducing data exfiltration risk.
• Compliance Officers: Can enforce data policies on AI content, improving regulatory adherence.
• Data Owners: Enhanced protection for sensitive data shared with AI models.
• Legal Teams: Improved eDiscovery capabilities for AI-generated content.

The Action

1. Navigate to Microsoft Purview compliance portal > Data Loss Prevention > Policies.
2. Create a new DLP policy or modify an existing one to include the ChatGPT Enterprise location.
3. Configure rules to detect sensitive information types within ChatGPT prompts and responses.
4. Define actions for policy violations, such as blocking, auditing, or notifying.
5. Monitor DLP alerts and reports for ChatGPT Enterprise interactions.

Domain: Purview · Impact: high · Workload: Microsoft Purview