Solved

Netskope DLP use cases for ChatGPT

  • 13 April 2023
  • 8 replies
  • 132 views

Userlevel 4
Badge +10

With the growing popularity and use of ChatGPT, it is increasingly important to also monitor and secure private details and company confidential information from being shared with ChatGPT. 

As the Customer Zer0 team (CISO group), we have implemented some DLP rules for ChatGPT. Please note that currently, Netskope does not yet have a predefined connector for ChatGPT. We would hence need to create a custom connector so that DLP rules can be applied instead of an outright block to the webapp. We want our users to continue to use ChatGPT with discretion in an enterprise environment. This custom connector can be built from HAR logs. 

Here’s what we have in place:

Realtime policy

 

The Netskope chatgpt custom DLP profile contains the ‘netskope’ keyword. 

Results and end-user experience

In this example, DLP source code classifier is getting triggered, and hence the question is not being posted to ChatGPT. 

 

PII and PCI data being blocked from getting posted to ChatGPT. 

 

Let us know which use cases you would like to implement for ChatGPT with Netskope DLP.

 

Note: This blog post was tested and developed when the predefined ChatGPT connector was not yet available to configure in Netskope's Real-time policies. With R104 now rolled out, the predefined ChatGPT connector is available to be configured in policies. 
Please refer  https://community.netskope.com/t5/Next-Gen-Secure-Web-Gateway-SWG/Netskope-Next-Gen-Secure-Web-Gateway-Controls-for-ChatGPT/m-p/3646 for more details. 

icon

Best answer by madhurasridhar 17 May 2023, 02:01

View original

8 replies

Badge +5

Does this support only block activity?

I tried to setup a policy in Alert, block & user alert mode, there is some inconsistency, Alert & User alert is not working & Block policy it worked only on PII data and not on sourcecode.

Badge +5

For me DLP policies is not working, when I just create a normal SWG policy then only it is working.

Badge +12

Hi all, @madhurasridhar , thanks for the post.

 

We found the reason DLP is not working for chatGPT.

ChatGPT input is sent as a HTTP POST, sending the message inside the JSON payload.

The problem comes when the input text contains newline characters.

Nweline characters are sent as ' ' and Netskope does not treat these as newline but as a literal '' and an 'n'.

This means if I send for instance a list of card numbers or SSN numbers as follows:

132412341234

132412341234

 

What is being actually sent is "132412341234 132412341234".

Netskope sets implicitly word boundaries to entities, this means word boundary characters (dot, coma, semicolon, whitespace, etc) must be found before and after the sensitive data to match.

 

Considering the format the data is sent to chatgpt, what netskope sees is:

"132412341234" and "n132412341234".

Thus the second SSN numbers won't match because of the start 'n' .

 

If you send the same SSN separated by whitespace instead of newline it matches correctly.

 

We have reported this to our TAM as well asking for an ER to allow us to decide if word boundary are desired or not.

Regarding how is netskope supposed to read ' ', this is more complicated matter. The first approach should do the trick.

 

I hope my explanation is clear. Please let me know if you need more info or details.

Thanks and regards,

Ă’scar

Userlevel 4
Badge +10

Hi @shivamparikh yes, only block policy can be configured too. Did you create the custom app for ChatGPT similar to ours? In case you are having any issues with the test, please send an email to support@netskope.com 

Userlevel 4
Badge +10

Hi @oscar thanks for the detailed info. This surely will be helpful for us, and also other customers who have a similar policy for ChatGPT. 

Badge +3

I suggest this for a short term solution.

""" is considered as delimiter by Netskope.
The regex below should match both "132412341234" and "n132412341234"

[n|]d{12}
Badge +12

Hello @tikeda , thanks for the suggestion.

 

EDIT: the solution below WORKS.

 

The inconvenience I see is, since we are using builtin data identifiers, the suggested tunning would require us to create a custom entity just to add the potential initial "n". This should be done for every builtin you are using.

 

an example for SSN:

Kind regards,

Ă’scar

Userlevel 4
Badge +10

Note: This blog post was tested and developed when the predefined ChatGPT connector was not yet available to configure in Netskope's Real-time policies. With R104 now rolled out, the predefined ChatGPT connector is available to be configured in policies. 
Please refer  https://community.netskope.com/t5/Next-Gen-Secure-Web-Gateway-SWG/Netskope-Next-Gen-Secure-Web-Gatew... for more details. 

Reply