We're currently looking into how different teams, such as support, HR, and operations, are using AI tools internally. A major concern we have is that users are inputting sensitive information into these browser-based tools. This includes personal details like names and addresses, internal ticket information, and even financial data. While we can block certain domains and monitor traffic, that doesn't address the issue of users simply pasting data into text boxes.
To tackle this, I've been testing a browser-layer solution that detects UK-specific personally identifiable information (PII) such as postcodes and bank details. This tool highlights such data inline using the Highlight API and enables one-click redaction before any submission occurs, all while processing everything locally without sending data elsewhere.
Has anyone else implemented a similar solution at scale, or does your approach rely solely on policy and training? It seems like traditional data loss prevention methods may not fully cater to the ways AI is being used today.
3 Answers
I use Crowdstrike Data Protection for this. While it doesn’t redact PII, it does block file and clipboard pasting for designated classifications.
If your system is running everything locally, what's the issue? What model are you using?
If it's truly local, the risk is much lower. People usually worry less about where the model is and more about potential data leaving the environment through integrations or logging.
Prompt security is designed to stop PII from being sent in these chat windows. Personally, I wouldn't recommend it since it's not very well structured based on my experience. I've been pushing for improvements before my blog post. Some enterprise DLPs are trying to prevent PII transmission, but they tend to alert users after data has already been sent, which isn't ideal. Plus, a lot of these DLP solutions increase the attack surface and can inadvertently exfiltrate sensitive information.
I’ve noticed the same issue. Many DLP solutions focus on detection and alerting after data is shared, rather than blocking it beforehand. I completely agree on being cautious with browser extensions—they need stringent trust assumptions.
That’s a solid method for controlling data exfiltration through clipboard or file movements. However, it still doesn't solve the immediate issue of users inputting sensitive data before those controls can activate.