User Profile
JoeCicero
Former Employee
Joined 7 years ago
Recent Discussions
Re: How are folks limiting what employees share with unauthorized LLMs?
I continue to work on a blog on the topic and I am excited about where this is headed. Here are some of the approaches I am researching:

Microsoft Defender’s Application Guard: Microsoft Defender Application Guard offers a secure, lockdown browser environment specifically for LLM or chat sites. This setup allows organizations to control user interaction with these sites, including blocking certain websites or limiting functionalities like clipboard access. For more information, visit https://learn.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-application-guard/mdag-overview

Policy Implementation via GPO and Intune: https://learn.microsoft.com/en-us/mem/intune/

Microsoft Defender for Endpoint’s URL Blocking: Microsoft Defender can be used for blocking unauthorized LLM access through URL blocking, a feature outlined in https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/manage-indicators?view=o365-worldwide

Defender for Cloud Apps: Defender for Cloud Apps can be used to block access to certain LLMs based on user activity monitoring. Further details can be found in https://learn.microsoft.com/en-us/cloud-app-security

Incorporating Azure Firewall for Enhanced Protection: Azure Firewall can block website categories, such as "chat," to control access to chat-related websites and services. This feature is detailed here: https://learn.microsoft.com/en-us/azure/firewall/features#web-categories

***Please continue to share ideas***

1.4K Views, 0 likes, 0 Comments

How are folks limiting what employees share with unauthorized LLMs?
A common question I encounter is how companies are preventing their employees from sharing sensitive information with unauthorized LLMs. Some of the initial solutions include DLP (Data Loss Prevention) and modifying the network filter. I wonder what Windows offers in this regard, but more importantly - what are the best practices in the industry?

Microsoft Defender Application Guard can be configured to open specific LLM/chat-sites in a locked-down browser and control how users interact with the content. With Application Guard you can block specific sites or limit clipboard, etc.

GPO: Configure the Group Policy settings for Microsoft Defender Application Guard

GPO & Intune: Windows 10 - All Things About Application Guard - Microsoft Community Hub

How do you prevent, control, or track your employees' access to unapproved LLM/chat-sites?

1.9K Views, 0 likes, 3 Comments

Are Any Defender Experts customers using Enhanced Phishing Protection in Microsoft Defender?
If you are running Windows 11 (version 22H2) in your environment, a newly introduced feature enhances phishing protection by prompting users to exercise caution before entering their passwords in potentially insecure spaces, such as on malicious websites.

If a user signs into Windows using a password, Enhanced Phishing Protection works alongside Windows security protections, and helps protect typed work or school password used to sign into Windows 11 in these ways:

If users type or paste their work or school password on any browser, into a site deemed malicious by Microsoft Defender SmartScreen, Enhanced Phishing Protection alerts them. It also alerts them to change their password so attackers can't gain access to their account.

Reusing work or school passwords makes it easy for attackers who compromise a user's password to gain access to their other accounts. Enhanced Phishing Protection can warn users if they reuse their work or school Microsoft account password on sites and apps and alert them to change their password.

Since it's unsafe to store plaintext passwords in text editors, Enhanced Phishing Protection can warn users if they store their work or school password in Notepad, Word, or any Microsoft 365 Office app, and recommends they delete their password from the file.

If users type their work or school password into a website or app that SmartScreen finds suspicious, Enhanced Phishing Protection can automatically collect information from that website or app to help identify security threats. For example, the content displayed, sounds played, and application memory.

Read more about Enhanced Phishing Protection in Microsoft Defender SmartScreen and how to deploy via Intune and/or GPO here: Enhanced Phishing Protection in Microsoft Defender SmartScreen - Windows Security | Microsoft Learn