We are currently exploring governance solutions for Generative AI and AI-enabled applications, aiming to support around 10,000 users in our organization. Our specific interests include features such as shadow AI discovery with visibility into user activities, risk scoring for unsanctioned apps, tenant-level controls to distinguish between free and enterprise offerings, prompt-level data masking, element-based webpage interaction controls, just-in-time access provisioning, and step-up authentication for high-risk AI activities. One solution we're considering is LayerX, but we would love to hear any experiences or alternatives from others in a similar position.
2 Answers
Having tenant-level controls to separate free and enterprise AI tools sounds crucial, especially since many employees tend to use free versions that may lack data protection. We set up a Cloud Access Security Broker (CASB) that helps manage this by blocking free versions and guiding users to the enterprise options with proper security measures. Just keep in mind, it needs thorough integration with your identity provider and you’ll need a solid policy on which AI apps are approved.
Just a heads up—almost all major AI services can be directed to their enterprise versions using a proxy that adds a specific header. Check out this link for a detailed guide.
I've been using LayerX for about eight months, and it covers most of your requirements quite well. The shadow AI discovery feature helped us identify several teams using personal accounts for ChatGPT without our knowledge. The prompt-level data masking feature works, but make sure to refine the policies to avoid getting overwhelmed with false positives. Plus, the installation was super easy since it’s just a browser extension—no need for network changes!
Do you have any info on the pricing?

Which CASB did you go with?