With the recent announcement of OpenAIâs ChatGPT desktop application for macOS, users gain access to LLM workflows outside of their browser. ChatGPTâs broad adoption by employees across industries, and around the world, has put employers, compliance, and security teams into high gear as they seek to balance the gains made in productivity with the potential risks of how these tools are being used.
One of the most common concerns among employers when it comes to the utilization of generative AI is the possibility of sensitive or secure company data being fed into the larger ChatGPT training model, which is then used by individuals external to the organization.
In August of 2023, OpenAI announced their Enterprise offering of ChatGPT which introduced collaboration functionality, as well as security and privacy guardrails. Specifically with regards to model training they called out the following:
You own and control your business data in ChatGPT Enterprise. We do not train on your business data or conversations, and our models donât learn from your usage.
This enterprise functionality was enthusiastically welcomed by teams who could now implement generative AI into their workflows while mitigating the risk it posed to their company.
However, these guardrails are only effective as long as employees are logged into an enterprise workspace, and not their personal workspace. Itâs crucial then to verify that the ChatGPT desktop app is configured properly to ensure data is not going somewhere it isnât supposed to.
By default, the ChatGPT app opens with the sidebar closed. This hides not only your chat history, but also your logged-in workspace:
When we open the sidebar, we can see this account is actually logged into a personal workspace:
Thatâs why weâre excited to announce a new Check for the ChatGPT macOS app which ensures users are not using their personal ChatGPT workspace while logged into the app.
Verifying Active Account and Workspace ID
The ChatGPT app keeps preferences and settings stored on disk, including what user accounts are logged in, and which account/workspace is currently active. In order to validate users are working on the correct account, an administrator must provide their Workspace ID, which can be retrieved from the OpenAI ChatGPT admin portal.
Your team may have more than one workspace, which is why you can provide as many as necessary.
1Password Extended Access Management will then retrieve the local settings from the userâs ChatGPT desktop app, and verify that the active workspace matches one of the IDs youâve provided. If the active ChatGPT workspace does not match one of your provided values, end-users will be prompted to switch workspaces as shown below:
- Ensure you are logged into the user account
johnny-appleseed. - Open Spotlight search via the following keyboard shortcut: âCommand + Spacebarâ.
- Type
chatGPT.appto locate your ChatGPT application and press Enter to launch. - With the ChatGPT app open and the window in focus, expand the sidebar by clicking the icon in the upper-left corner.
- On the bottom of the sidebar, click your name to reveal a list of alternative accounts.
- Select the account associated with your organization.
- Close the application.
If you do not see an alternative account to choose, please contact your IT team for support. In the meantime, you can log out of the application to pass the check.
What if the ChatGPT app isnât installed, or isnât logged in?
Only users with the desktop app installed will be considered in-scope for this Check, and those without the app installed will pass automatically. Likewise, users who have installed the app but have not yet logged in will be considered passing. Only users who are logged in with an active Workspace ID which does not match your supplied values will be reported as failing this Check.
Reducing the risk of LLM usage with 1Password Extended Access Managementâs ChatGPT Check
In a recent survey of knowledge workers conducted by Kolide, 89% of respondents reported using AI for work-related purposes at least once per month. AI-based tools are becoming as ubiquitous as the calculator and their prevalence within the workspace shows no sign of slowing. The genie cannot be put back in the bottle, but we must be able to verify these tools are being used appropriately and safely.
1Password Extended Access Managementâs ChatGPT Check helps employees use the workflows that make them most productive, without putting the companyâs data at risk, by making sure that data is going only where it is intended and nowhere else.
Fritz Ifert-Miller
Principal Product Manager
Tweet about this post