Datasheet (PDF)
Monitor and Classify Sensitive Data Shared with ChatGPT Enterprise
When employees use ChatGPT Enterprise, they send prompts, attach files, and build custom GPTs that frequently contain regulated, confidential, or proprietary data. Without direct access to OpenAI's Compliance API, security teams have no visibility into what data enters or exits the workspace. This documentation covers how Cyberhaven's ChatGPT Enterprise Cloud Connector integrates with the Compliance API to deliver continuous visibility into AI data exposure across conversations, file uploads, and custom GPT content.
Inside This Documentation:
- How the ChatGPT Enterprise Cloud Connector uses OpenAI's Compliance API to monitor user prompts, assistant responses, file attachments, and tool invocations across your workspace.
- What Cyberhaven inspects for sensitive data: full conversation transcripts, conversation file attachments, and knowledge files uploaded to custom GPTs.
- Step-by-step deployment and configuration instructions, including Workspace ID setup, API key requirements, user scope controls, and scan configuration for historical and forward scans.
- Data retention constraints enforced by OpenAI, including the 30-day compliance log window and 48-hour file retention for chat uploads, and how the connector handles those limits automatically.
Every employee ChatGPT session is a potential data event. This connector gives your security team the visibility to see exactly what sensitive data enters your AI environment.
