"The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions and agentic browsers like ChatGPT Atlas. Employees are leveraging the power of GenAI to draft emails, summarize documents, work on code, and analyze data, often by copying/pasting sensitive information directly into prompts or uploading files. Traditional security controls were not designed to understand this new prompt‑driven interaction pattern, leaving a critical blind spot where risk is highest."
"Users routinely paste entire documents, code, customer records, or sensitive financial information into prompt windows. This can lead to data exposure or long‑term retention in the LLM system. File uploads create similar risks when documents are processed outside of approved data‑handling pipelines or regional boundaries, putting organizations in jeopardy of violating regulations. GenAI browser extensions and assistants often require broad permissions to read and modify page content."
The browser is the primary access point for GenAI in enterprises, including web LLMs, copilots, extensions, and agentic browsers. Employees often paste or upload sensitive documents, code, customer records, or financial information into prompts, risking exposure or retention by LLM systems. Traditional security controls lack visibility into prompt-driven interactions and file processing, creating an unnoticed high-risk surface. GenAI extensions may hold broad permissions to read and modify internal web app content, and mixed personal/corporate browser profiles complicate governance and attribution. Blocking AI is impractical; enforcing clear browser-level policies and controls to define and enforce safe use is required.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]