One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8647971 |
| Date de publication | 2025-02-10 05:55:21 (vue: 2025-02-11 05:07:42) |
| Titre | GenAI Tools Were Putting a Retailer\\'s Data at Risk-Here\\'s How Proofpoint Helped |
| Texte | This blog post is part of a three-part series that explores why companies are choosing Proofpoint Data Security solutions. It focuses on the unique challenges of various industries when it comes to keeping data safe. When it comes to adopting generative AI (GenAI) tools, organizations can face significant data loss risks. While many business teams want to adopt tools like ChatGPT, Microsoft Copilot and Google Gemini, security teams may not be ready for the added risk. After all, it\'s easy for users to inadvertently expose sensitive data and intellectual property (IP) to AI copilots. Many organizations simply lack governance processes and robust data controls to stop them. In this blog post, we\'ll take a look at how one major U.S. retailer safely adopted GenAI tools by using Proofpoint Data Security and ZenGuide to enforce its acceptable AI use policies and protect its data. Lack of AI governance puts source code at risk E-commerce is a big part of this retailer\'s business. As a result, it relies on internally developed code to support its operations. Recently, the company\'s senior manager of data protection and governance was dismayed to discover that software developers were using GenAI tools in ways that exposed sensitive source code and passwords. He also saw that business teams were using tools like Grammarly and ChatGPT to develop content. To address the risk of data loss, they started to block access to these tools via the company\'s secure web gateway (SWG). However, after the security team and business stakeholders discussed the issue, they decided that a more comprehensive approach was needed. That\'s how the company\'s AI governance project started. Empowering the workforce with safe GenAI practices The company wanted to protect its data from being exposed through GenAI tools. It also wanted to maintain its business agility. To do both, the security team implemented the following measures using Proofpoint Data Security, ZenGuide and a third-party SWG: Blocked access to unapproved GenAI tools. The team created SWG rules to block general access to a Proofpoint-curated list of over 600 GenAI sites, including ChatGPT, Microsoft Copilot, DeepSeek, Google Gemini, Claude and more. Individual-level exceptions were made after the team spoke with business unit (BU) leaders one-on-one. Trained users on GenAI security. A security training and awareness program was launched in collaboration with the legal and HR teams to teach employees about proper GenAI usage. Only users who had completed their Proofpoint ZenGuide training were granted access to GenAI tools. Monitored AI prompts. Proofpoint Endpoint DLP and browser extension was used by the team to monitor user and data activity across a list of GenAI sites, which was curated by Proofpoint. If developers did not follow their training or they misused the tools and exposed proprietary code or passwords, alerts were generated and BU leaders were informed. Identified the people using GenAI tools. Proofpoint People Risk Explorer was used by the team to understand how employees, business units and other groups were using GenAI tools. This dashboard allowed the Data Protection manager to easily point out risks to BU leaders such as when employees were entering large amounts of data into AI tools or using them without the proper training. Identified shadow AI applications. Proofpoint CASB was used by the team to monitor and control OAuth authorizations for unauthorized or risky shadow AI applications like Grammarly. Balancing innovation and security Proofpoint provided this retailer with both technology and expertise. As a result, it was able to realize the business benefits of GenAI tools while also minimizing risks to its data security. By combining visibility, training and targeted controls, Proofpoint ensured that GenAI tools were adopted safely and effectively. Learn more To find out how other companies are using Proofpoint to protect their sensitive data from risky users, read the other blogs in this series: Why a Global Services |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 600 able about acceptable access across activity added address adopt adopted adopting after agility alerts all allowed also amounts applications approach are authorizations awareness balancing being benefits big block blocked blog blogs both browser business can casb challenges chatgpt chemical choosing chose claude code collaboration combining comes commerce companies company completed comprehensive content control controls copilot copilots created curated dashboard data decided deepseek develop developed developers did discover discussed dismayed dlp easily easy effectively employees empowering endpoint enforce ensure ensured entering exceptions expertise explorer explores expose exposed extension face find fixed focuses follow following from gateway gemini genai general generated generative global google governance grammarly granted groups had help helped here how however identified implemented inadvertently including individual industries informed innovation intellectual internally issue its keeping lack large launched leaders learn legal level like list look loss made maintain major manager many may measures microsoft minimizing misused monitor monitored more more needed not oauth one only operations organizations other out over part party passwords people point policies post practices problem processes program project prompts proofpoint proper property proprietary protect protection provided puts putting read ready realize recently relies result retailer risk risks risky robust rules safe safely saw secure security senior sensitive series series: services shadow significant simply sites software solutions source spoke stakeholders started stop such support swg swg: take targeted teach team teams technologies technology that them these third three through tools trained training unapproved unauthorized understand unique unit units usage use used user users using various visibility want wanted ways web when which who why without workforce your zenguide |
| Tags | Tool |
| Stories | ChatGPT |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.