I have been tasked with allowing our user population to have access to the Generative AI category while also protecting the company and our patients by preventing uploads of any files with PHI in them to anything other than our internal instance of Copilot.
I have created Realtime policies that I believe achieve this goal, but I have encountered an issue where certain AI sites do not upload the file in a format which Netskope can see into. Specifically, Grok uploads files as a blob while Quillbot and Heidi Health AI upload the file in blob, json or webm formats.
Is there a way for Netskope to be able to view these file uploads and apply our PHI profiles to the upload? I have not seen any documentation which addresses this, and I am curious if anyone else in the community is running into a similar problem.
We also noticed that Netskope currently lacks clear visibility into some popular GenAI applications. At this time, neither prompts nor files can be detected.
Hello MSpalding
Kindly raise a case with Netskope GTS
Case Type: How-to-Question
I will assist you with your business use-case
Thanks
Case 00557881 has been opened. Someone by the name of Julian Eraso Mancilla has taken ownership of it. You may need to coordinate with him to either take ownership or explain what it is you think can be done for this issue.
We have also tested multiple GenAI apps and discovered that AI models such as Grok and Claude may be unable to detect or inspect user prompt content.
All,
Thanks for your patience
My findings are below -
Platform - Grok xAI
- Netskope Predefined Cloud App connector - Not available
- Product Enhancement request - IDEA-4656 Grok App connector
- Tentative Release date - Not available
- Workaround -
- DLP on activity POST
Kindly review - https://community.netskope.com/grok-xai-128/grok-xai-dlp-on-activity-post-8067
- DLP on activity Upload
Under testing (I will update the thread with the link post testing)
Thanks
I look forward to seeing what the test results for activity Upload will be. That is the specific activity I’m looking for resolution on. But I appreciate the other content that you have shared here and in my support ticket.
Hello All &
Thanks for your patience
To better understand Upload activity on Grok, kindly review -
DLP on Grok uploads is not possible at the moment because the data gets encoded in Base64. We need to wait for pre-defined cloud app connector. Netskope product management is working on the same.
Thanks
Reply
Login to the community
If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account.
Login with SSO
Employee PartnerEnter your E-mail address. We'll send you an e-mail with instructions to reset your password.