Forum Discussion
How are folks limiting what employees share with unauthorized LLMs?
Hey JoeCicero
You can use Microsoft Defender to block unauthorized access to LLMs by blocking the URLs under Settings > Endpoints > Rules > Indicators.
This will block any LLMs across your org running Defender for Endpoint Agent on the device.
Other ways you could block users from accessing LLMs would be Defender for Cloud Apps, by adding a policy to block certain apps based on conditions like monitoring, etc.
- JoeCicero, Jan 08, 2024, Former Employee
I continue to work on a blog on the topic and I am excited about where this is headed. Here are some of the approaches I am researching:
Microsoft Defender’s Application Guard:
- Microsoft Defender Application Guard offers a secure, lockdown browser environment specifically for LLM or chat sites. This setup allows organizations to control user interaction with these sites, including blocking certain websites or limiting functionalities like clipboard access. For more information, visit https://learn.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-application-guard/mdag-overview
- Policy Implementation via GPO and Intune: https://learn.microsoft.com/en-us/mem/intune/
Microsoft Defender for Endpoint’s URL Blocking:
- Microsoft Defender can be used for blocking unauthorized LLM access through URL blocking, a feature outlined in https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-indicators?view=o365-worldwide
Defender for Cloud Apps:
- Defender for Cloud Apps can be used to block access to certain LLMs based on user activity monitoring. Further details can be found in https://learn.microsoft.com/en-us/cloud-app-security
Incorporating Azure Firewall for Enhanced Protection:
- Azure Firewall can block website categories, such as "chat," to control access to chat-related websites and services. This feature is detailed here: https://learn.microsoft.com/en-us/azure/firewall/features#web-categories
***Please continue to share ideas***
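
The URL indicators mentioned in both replies above can be prepared in bulk rather than typed into the portal one at a time. The following is an added example, not code from the thread or from Microsoft: it turns a constructed list of placeholder hosts into request bodies shaped for the Defender for Endpoint indicators API (`POST /api/indicators`). The field names follow that API's schema and should be checked against the current documentation; the function names and sample hosts are hypothetical.

```python
import json
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit

# Constructed sample input: placeholder hosts, not a real block list.
SAMPLE_ENTRIES = ["https://chat.example.com/", "CHAT.example.com",
                  "https://tools.example.org/ai/chat", "not a host"]

def normalize(entry):
    """Return (indicatorType, indicatorValue), or None if unusable."""
    raw = entry.strip()
    try:
        parts = urlsplit(raw if "://" in raw else "https://" + raw)
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return None
    if "." not in host or any(c.isspace() for c in host):
        return None
    path = parts.path.rstrip("/")
    if path:
        # A path scopes the block to one URL rather than the whole domain.
        return ("Url", f"{parts.scheme}://{host}{path}")
    return ("DomainName", host)

def build_indicators(entries, days_valid=90, now=None):
    """Deduplicate entries and return (request bodies, rejected entries)."""
    now = now or datetime.now(timezone.utc)
    expires = (now + timedelta(days=days_valid)).strftime("%Y-%m-%dT%H:%M:%SZ")
    seen, payloads, rejected = set(), [], []
    for entry in entries:
        key = normalize(entry)
        if key is None:
            rejected.append(entry)
        elif key not in seen:
            seen.add(key)
            payloads.append({
                "indicatorType": key[0],
                "indicatorValue": key[1],
                "action": "Block",
                "title": f"Unsanctioned LLM site: {key[1]}",
                "description": "Blocked by AI usage policy (constructed text)",
                "expirationTime": expires,  # forces periodic review of the list
            })
    return payloads, rejected

if __name__ == "__main__":
    bodies, rejected = build_indicators(SAMPLE_ENTRIES)
    print(json.dumps(bodies, indent=2))
    print("rejected for manual review:", rejected)
```

Entries that fail normalization are returned separately so a malformed line in the source list is reviewed by hand instead of silently dropped.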