ChatGPT use is increasing exponentially among enterprise users, who are using it to help with the writing process, to explore new topics, and to write code. But, users need to be careful about what information they submit to ChatGPT, because ChatGPT does not guarantee data security or confidentiality. Users should avoid submitting any sensitive information, including proprietary source code, passwords and keys, intellectual property, or regulated data. This blog post explores how well enterprise users are following this guidance.
Users posting sensitive data to ChatGPT
For the four-week period starting May 8, 2023 through June 4, 2023, Netskope Threat Labs tracked four different types of sensitive data posted to ChatGPT. Source code (mostly Python, Javascript, and Java) led the pack with 28 out of every 10k users submitting source code to ChatGPT. Intellectual property (as defined by organization DLP policies) came in second, with 22 out of every 10k users posting intellectual property. Passwords and keys came in third, followed by regulated data, mostly personally identifiable information (PII), financial data, and healthcare data.
Frequency of sensitive data posted to ChatGPT
For the same four-week period starting on May 8, 2023 through June 4, 2023, there were 461 incidents of sensitive data posted to ChatGPT per 10k enterprise users. Source code and intellectual property were posted most frequently, each with hundreds of posts per 10k enterprise users, while passwords and keys and regulated data were posted much less frequently, with only tens of posts per 10k enterprise users.
Ativando o ChatGPT com segurança
Os clientes da Netskope podem habilitar com segurança o uso do ChatGPT com controle de acesso a aplicações, treinamento de usuários em tempo real e proteção de dados.
Sobre esse blog post
A Netskope oferece proteção contra ameaças e dados a milhões de usuários em todo o mundo. As informações apresentadas nesta postagem do blog baseiam-se em dados de uso anônimos coletados pela plataforma Netskope Security Cloud relacionados a um subconjunto de clientes da Netskope com autorização prévia. As estatísticas são baseadas no período de 8 de maio de 2023 a 4 de junho de 2023. As estatísticas são um reflexo do comportamento do usuário e da política da organização.
The stats presented in this blog post are based on more than 300,000 users in organizations that have implemented DLP policies to monitor and control what content users are posting to ChatGPT.