
blocking of sensitive content for AI

Mountain Pond 1,696 Reputation points
2026-02-04T18:20:19.5666667+00:00

Hello, I'm trying to figure out how to set up blocking of sensitive content and prevent unwanted transmission of this content to popular AI systems.

More specifically, my goal is to block this only for one public AI and only allow it for corporate "gem.." AI.

After some research, I decided to use

Network Data Security (inline web traffic) in Microsoft Purview.

After reviewing the prerequisites, I obtained two licenses:

  • Microsoft Entra Internet Access
  • Microsoft 365 Business Premium
  • Microsoft Purview Suite for Microsoft 365 Business Premium

Configured Data Security Posture Management for AI:

  • Activate Microsoft Purview Audit
  • Install Microsoft Purview browser extension
  • Onboard devices to Microsoft Purview
  • Extend your insights for data discovery

Configured Global Secure Access:

  • Traffic forwarding
  • File policies - Web category - Artificial Intelligence
  • TLS inspection policy - Web category - Artificial Intelligence
  • TLS inspection policies certificate
  • Security profiles
  • Conditional Access Policy
  • Installed GlobalSecureAccessClient
  • Added the root certificate to trusted certificates

Healthcheck for GlobalSecureAccessClient: everything is fine, common errors have been resolved. I see traffic on the EntraID portal from the client.

In Microsoft Purview,

I created an Inline web traffic policy for browser and network traffic, specifying sensitive data and blocking actions.

First question: However, I can still transfer sensitive test data, both files and plaintext.

Second question: Do I understand correctly that the DLP Inline web traffic policy can block data transfer for applications that don't have SSO, and therefore aren't corporate? If the application works with EntraID as an identity provider, it will be considered corporate. This is in response to the question "In more detail, my goal is to block this only for Gemini (public), and only allow work with Gemini corporate."

Thank you.

Microsoft Security | Microsoft Purview
    Q&A Assist
    2026-02-04T18:20:34.1033333+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist.

    To set up blocking of sensitive content for AI systems using Microsoft Purview, you need to ensure that your Data Loss Prevention (DLP) policies are correctly configured to target the specific applications you want to control. Here are some insights regarding your questions:

    1. Blocking of Sensitive Test Data: If you are still able to transfer sensitive data despite having set up an inline web traffic policy, it may indicate that the policy is not correctly applied or that the conditions for blocking are not fully met. Ensure that the sensitive data types you want to block are correctly defined in your DLP policy and that the actions specified (e.g., blocking) are properly configured. You may also want to verify that the policy is active and that there are no exceptions or exclusions that might allow the data transfer.
    2. DLP Inline Web Traffic Policy and SSO: You are correct that the DLP inline web traffic policy can block data transfer for applications that do not utilize Single Sign-On (SSO). If an application is integrated with EntraID as an identity provider, it is generally considered corporate, and therefore, the DLP policy may not block data transfer for that application. To achieve your goal of blocking only for the public Gemini AI while allowing access to the corporate version, you will need to ensure that your policy specifically targets the public version and that the conditions for allowing the corporate version are clearly defined.

    In summary, check the configuration of your DLP policies, ensure they are actively monitoring the right applications, and clarify the conditions for blocking versus allowing data transfer based on your requirements.
