Netskope Global Technical Success (GTS)

Advance Analytics - Generative AI Utilization Report

Netskope Cloud Version - 127

Objective

How to begin your Generative AI protection journey with Netskope

Prerequisite

Netskope Next-Gen SWG license

Context

With Netskope Advanced Analytics, customers gain a deeper understanding of their traffic utilization. In this document, we will discuss an Advanced Analytics dashboard that helps customers understand their Generative AI usage. This insight will support them in building a structured and effective Generative AI policy framework.

Author Notes

• If you're a Netskope customer seeking guidance on Generative AI best practices, please reach out to the Netskope GTS team by submitting a support case with ‘Case Type: How-To-Questions’.
• This knowledge base article includes two Netskope Advanced Analytics (AA) dashboards. Their usability depends on the customer's AA data retention license.

1. Generative AI utilization report - Last 07 Days
2. Generative AI utilization report - Last 03 Months

• How to upload these dashboards on your Netskope Tenant?

Path: Netskope Tenant UI >>> Advanced Analytics >>> Groups

• How to validate Netskope Advanced Analytics (AA) data retention?

Path: Netskope Tenant UI >>> Advanced Analytics 

• Netskope Advanced Analytics (AA) data retention can be extended up to 13 months by purchasing an additional license. Please contact your Netskope Account Manager for more information.

Details

• There are 3 sections in the report -

1. High Level Statistics 
2. Transaction Details
3. Activity Details

Customer Action Needed

• If Generative AI apps are in use but none of them are sanctioned Generative AI apps -

Ref. -

Result -

1. Customers should review the discovered Generative AI apps and determine which ones can be marked as sanctioned.
2. Take action to stop or restrict use to unsanctioned Generative AI apps.
3. If your organization permits the use of Generative AI apps but does not have a list of sanctioned applications, ensure that end-users only access Generative AI tools that comply with global security and privacy standards—such as ChatGPT, Microsoft Copilot, or Google Gemini.

• If your organization does not have a paid subscription for any Generative AI apps, but your corporate domain appears in instance discovery.

Lets assume gmail.com represents a corporate official domain. This means that end-users are logging into ChatGPT with their corporate credentials

Result - Netskope enables instance detection, allowing customers to apply the necessary controls to prevent the use of ChatGPT with corporate credentials.

• Section - Activity Details will provide insights about your Upload, Post activities

Ref. - 

Result - It is recommended to implement DLP controls activities ‘Upload, Post’ to stop sensitive data exfiltration.

Terms and Conditions

• All documented information undergoes testing and verification to ensure accuracy.
• In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

Notes

• This article is authored by Netskope Global Technical Success (GTS).
• For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.