In r/AskNetsec and r/sysadmin, teams describe blunt enforcement for shadow AI by blocking Claude and ChatGPT portals and backing it with policy, while others argue for ZTNA style allowlists to avoid killing productivity.
Block access to the online portals eg claude, chatgpt.
Specify the above rules in a policy that everyone signs saying they have read and understand it.
Block everything else. You'll need some sort of ZTNA proxy like Netskope or ZScaler or some other filtering mechanism
Don't get me wrong, AI is a thing we do need to use.
struggling to get a handle on shadow AI usage.
Traditional DLP and CASB solutions seem to miss a lot of this.
This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.
← Back to Cyber Security