Your employees are pasting secrets into ChatGPT & Co-pilot & Claude & DeepSeek? Here's how to actually stop it.
Ask any engineering manager whether their team pastes code into ChatGPT and you'll get a nervous laugh. The honest answer is constantly - a stack trace here, a config file there, "just cleaning up this SQL." Most of it is harmless. Some of it carries an AWS key, a database password, or a customer's PII straight to a third-party model.
I've spent the last while looking at how teams try to control this, and most of the common approaches quietly fail. Here's what doesn't work, what does, and why.
Why this isn't a normal DLP problem
Traditional DLP watches email, file shares, and cloud storage. An AI prompt leak skips all of them: the data goes from a browser tab to an AI provider's API over HTTPS and never touches the channels legacy DLP inspects.
It's also invisible after the fact. Once a prompt is sent there's no sent-mail copy, no uploaded-file record. If you didn't catch it at the moment of submission, you have no idea it happened. Prevention has to live in the browser, or it doesn't happen at all.
The approaches that don't hold up
- Blocking AI tools outright. Employees just switch to their phone or a personal laptop. You lose the productivity and keep the risk.
- Network proxies / CASBs. They can see the domain but struggle to inspect encrypted prompt content without heavy MITM infrastructure - and they don't understand a DOCX dropped into a chat window.
- Policy + training. Sets expectations, stops nothing in the moment.
- Post-hoc SaaS scanners. Find the exposure after the data already left. Good for audit, useless for prevention.
What actually works: intercept in the browser
The only place you can reliably read a prompt is where it's typed. A managed browser extension can patch the page's network calls, read the prompt (and any attached files) before they send, scan against your DLP rules, and block anything that matches - all client-side, in well under a second, with no proxy and no rerouted traffic.
That's the model I've become convinced is right, and it's the approach Slopfence takes - a browser-native AI security platform that runs on ChatGPT, Claude, Gemini and Copilot, extracts text from uploaded Office/PDF files, and blocks or redacts on the ten built-in policies plus your own rules.
A rollout that takes an afternoon
- Deploy the extension via Chrome/Edge GPO or your MDM (Jamf/Intune), pre-configured.
- Start with default policies (SSNs, cards, AWS keys, PII) active on install.
- Run alert-only for a week to baseline what your team is really sending.
- Flip high-severity rules to block; scope stricter rules to Finance, Legal, Eng.
- Review the audit trail and tune custom rules and document fingerprints.
If you want the deeper version of this playbook - the control matrix, the alert-vs-block tradeoffs, and the rollout checklist - I wrote it up here: how to stop secrets leaking to AI.
The uncomfortable truth is that your team has already adopted AI. The question is whether you can see what they're sending it - and step in before the leak, not after.
Comments
No comments yet. Start the discussion.