Varonis boosts ChatGPT Enterprise security with compliance tools

Varonis has announced the integration of its Data Security Platform with the OpenAI ChatGPT Enterprise Compliance API, aiming to provide enhanced data protection and compliance monitoring for enterprise users of ChatGPT.

The integration is designed to help organisations using ChatGPT Enterprise automatically identify sensitive data uploads, monitor the content of prompts and responses, and mitigate the risks of data breaches and compliance violations.

ChatGPT Enterprise currently serves over 3 million business users, offering productivity tools that are enhanced by access to organisational data. As these AI models become more embedded in daily workflows, maintaining strict data governance becomes increasingly important for companies managing sensitive or regulated information.

Expanded security measures

The Varonis integration is intended to offer added protection against risks such as compromised accounts, insider threats, and accidental misuse, all of which can result in data security problems or regulatory penalties. The platform supports ongoing adjustment of user permissions and continuously monitors interactions within ChatGPT to limit unnecessary data flows and alert security teams to potentially risky or abnormal behaviours.

"ChatGPT is becoming a critical part of how modern teams work. With Varonis, security teams can embrace this shift without losing visibility or control over their sensitive data," said Varonis EVP of Engineering and Chief Technology Officer David Bass.

Through its partnership with OpenAI, Varonis delivers both automated security protocols and 24/7 data monitoring, allowing organisations to adopt artificial intelligence-based solutions while maintaining their obligations around privacy and data protection.

Key functions

The new offering brings several technical capabilities with a focus on automation and real-time oversight. Automated data classification allows Varonis to detect and label sensitive materials that are either uploaded to or generated by ChatGPT Enterprise.

Continuous session monitoring ensures that any prompt or response within the ChatGPT environment is reviewed for compliance, preventing inappropriate or risky data from being uploaded or shared inadvertently. The platform also uses behaviour-based threat detection to flag unusual activity, such as large-scale file uploads or unauthorised changes to administrative access, which could indicate a potential breach.

Focus on compliance and privacy

The integration is positioned to offer both preventative and detective controls for AI-powered environments. These measures aim to ensure that users maximise the operational value of AI tools, such as ChatGPT, while minimising the risks associated with data exposure.

The Varonis solution is described as complementing existing OpenAI security and privacy controls, rather than replacing them. This approach enables organisations to deploy generative AI models more confidently, even in regulated sectors or areas handling highly confidential information.

Availability and assessment

Customers will have access to Varonis for ChatGPT Enterprise in a private preview phase. As part of this launch, organisations can request a Varonis Data Risk Assessment, which reviews current practices and assesses an organisation's readiness for adopting AI in a secure and compliant way.

Varonis continues to develop its portfolio of integrations and security tools as part of its core offering. The Data Security Platform sees application across numerous cloud environments, with a focus on automating security outcomes, data detection and response, data loss prevention, and insider risk management.