# Protect sensitive data going to personal apps

### Instructions - Prevent sensitive data uploaded to Chat GPT

1. Login to [chat.openai.com](https://chat.openai.com/) - You may notice a warning bar on the top suggesting enterprise AI usage policy. This is a feature designed to steer employees towards sanctioned gen AI apps for usage. This can be customized under settings > Gen AI Applications

<figure><img src="https://3445546350-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCOPyPH96yT28iIQunxBe%2Fuploads%2FxruZYu9e23r4ilatNN9A%2Fchatgpptpng.png?alt=media&#x26;token=a3dd4fd7-f773-474d-a6e7-7bb44d6eb25c" alt=""><figcaption></figcaption></figure>

2. Try posting some sensitive information such as an API key or a credit card number. Below are some samples

````python
```python
import stripe
stripe.api_key = "sk_test_4eC39HqLyjWDarjtT1zdp7dc"

starter_subscription = stripe.Product.create(
  name="Starter Subscription",
  description="$12/Month subscription",
)
```
````

```
Is this a valid credit card number?

5100000010001004
```

3. An alert will pop up on the bottom left of the screen allowing the user to redact contents before posting.&#x20;

<figure><img src="https://3445546350-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCOPyPH96yT28iIQunxBe%2Fuploads%2FKVj234LFYBVBEFTTRm7U%2Fcredit_card_alert.png?alt=media&#x26;token=8d375903-d617-4842-8199-f3ec6bb722cb" alt=""><figcaption></figcaption></figure>

4. User could click on the Redact button to see the sensitive information being masked.
5. Even if the information was maked prior to posting the information, a corresponding "averted incident" will be logged in the system. This can be accessed from Incidents > Incidents averted as shown below

<figure><img src="https://3445546350-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FCOPyPH96yT28iIQunxBe%2Fuploads%2F5ze1bI5wq5AASlh7gb8X%2Fincidents%20screen.png?alt=media&#x26;token=416b7c27-487f-4584-860e-176c6037a76c" alt=""><figcaption></figcaption></figure>

6. Customers have the option to store this information on their own S3 buckets if desired
7. If the redact was performed by the user, this gets logged as an incident to review with "high" severity

### Other supported applications

| **S No.** | **App name**         | **Sensitive information sharing detection - Attempted** | **Sensitive Information sharing detection - Leaked** | **Redact sensitive Information support** |
| --------- | -------------------- | ------------------------------------------------------- | ---------------------------------------------------- | ---------------------------------------- |
| 1         | Chat GPT             | Yes                                                     | Yes                                                  | Yes                                      |
| 2         | Gmail (personal)     | NA                                                      | Yes                                                  | NA                                       |
| 3         | Discord              | Yes                                                     | Yes                                                  | No                                       |
| 4         | Whatsapp Web         | Yes                                                     | Roadmap (websockets)                                 | No                                       |
| 5         | Facebook (post)      | Yes                                                     | Yes                                                  | No                                       |
| 6         | Facebook Messenger   | Yes                                                     | Roadmap (websockets)                                 | No                                       |
| 7         | Linkedin (post)      | Yes                                                     | Yes                                                  | No                                       |
| 8         | Linkedin (messaging) | Yes                                                     | Yes                                                  | No                                       |
| 9         | Slack Web            | Yes                                                     | Yes                                                  | Yes                                      |
| 10        | Evernote             | Yes                                                     | Roadmap (websockets)                                 | Yes                                      |
| 11        | Pastebin             | NA                                                      | Yes                                                  | NA                                       |
| 12        | Stackoverflow        | NA                                                      | Yes                                                  | NA                                       |

### Interested in an app that's not supported?

{% embed url="<https://docs.google.com/forms/d/e/1FAIpQLSfHdFZpIhxZ0rzbuTJMReo4_E4lytAKeOYOxACrxB0JEeLlng/viewform?usp=sf_link>" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.websentry.ai/use-cases/protect-sensitive-data-going-to-personal-apps.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.