Since launching ChatGPT in 2022, OpenAI has defied expectations with a gentle stream of product bulletins and enhancements. One such announcement got here on Could 16, 2024, and for many customers, it most likely felt innocuous. Titled “Enhancements to information evaluation in ChatGPT,” the submit outlines how customers can add information instantly from Google Drive and Microsoft OneDrive. It is price mentioning that different genAI instruments like Google AI Studio and Claude Enterprise have additionally added comparable capabilities just lately. Fairly nice, proper? Possibly.
If you join your group’s Google Drive or OneDrive account to ChatGPT (or different genAI instruments), you grant it in depth permissions for not solely your private information, however sources throughout your complete shared drive. As you may think, the advantages of this sort of in depth integration include an array of cybersecurity challenges.
So, how are you going to discover out if workers have enabled the mixing between ChatGPT and Google Drive, and how are you going to monitor which information have been accessed? This submit walks by way of how to do that natively in Google Workspace, and the way Nudge Safety may also help you uncover all genAI apps in use, and what different apps they have been built-in with.
The place to see ChatGPT exercise in Google Workspace
In Google Workspace, there are a pair methods to determine and examine exercise related to the ChatGPT connection.
From Google Workspace’s Admin Console, navigate to Reporting > Audit and investigation > Drive log occasions. Right here you will see a listing of Google Drive sources accessed.
You can even examine the exercise by way of API calls underneath Reporting→Audit and investigation→ Oauth log occasions.
So, periodically checking your Google Workspace admin console may also help you perceive what sources are being accessed by ChatGPT, however seeing this exercise after it has already occurred is in fact much less beneficial than getting alerted as quickly as new integrations are created with ChatGPT. That is the place Nudge security may also help.
Tips on how to see all genAI integrations with Nudge Safety
Nudge Safety discovers all accounts ever created by anybody in your group for any SaaS software, together with ChatGPT and the quickly increasing checklist of newly created genAI instruments, with out requiring any prior data of the device’s existence. With the built-in AI dashboard, clients can sustain with AI adoption and proactively mitigate AI security dangers.
Moreover, Nudge Safety surfaces your complete group’s OAuth grants, akin to these granted to ChatGPT, inside a filterable OAuth dashboard that features grant sort (sign-in or integration), exercise, and danger insights. Filter by class to see all grants related to AI instruments:
Click on on a grant to open a element display, the place you possibly can overview a danger profile, particulars on who created the grant and when, entry particulars, scopes granted, and extra:
You may then ship a “nudge” to the creator of the grant by way of Slack or e-mail to take a sure motion, like limiting the scope of the grant, or you possibly can instantly revoke the grant from throughout the Nudge Safety person interface.
Lastly, you possibly can arrange a customized rule to make sure that you’re notified when a person at your group creates an OAuth grant for ChatGPT—or another genAI app for that matter. You can even create guidelines to be alerted instantly when new genAI accounts are created, and nudge new genAI customers to overview and acknowledge your genAI acceptable use coverage.
Balancing productiveness with security
Whereas the mixing of ChatGPT with Google Drive and Microsoft OneDrive gives immense potential for bettering productiveness, it additionally opens the door to vital security dangers. Organizations should method these integrations with a transparent understanding of the potential dangers and implement correct governance and security measures to mitigate them.
Nudge Safety gives visibility in addition to context and automation to assist companies undertake genAI instruments with out compromising information security.
Begin a free, 14-day trial right this moment to right away uncover all genAI apps ever launched to your group together with all integrations into your different purposes.
