Is Enterprise AI compatible with the information security and data protection standards set by our organization?

Introduction

Can smaller language models effectively compete with SOTA models developed by the leading LLM labs, such as OpenAI, Google, Meta, and Anthropic? While smaller models have inherent limitations in computational capability, they can outperform traditional methods and even compete with GPT-4 (as accessed via the OpenAI API), especially on specialized real-world workloads. I've substantiated this claim here.

Before the advent of ChatGPT Enterprise, securing approval from Information Security departments for systems that access LLMs was a considerable challenge. The introduction of ChatGPT Enterprise is a significant milestone in this regard. It raises an important question: does Enterprise AI align with an organization's pre-established information security and data protection protocols? My hands-on experience with clients provides valuable insights and a framework to navigate this crucial question.

Typical Starting Point: An Information Security Due Diligence Questionnaire for the Required AI System

This information security questionnaire template is designed to evaluate the data protection and information security measures of a given AI system. While I've tailored the questionnaire below to analyze the security and data protection capabilities of ChatGPT Enterprise specifically, it is also written generally enough to apply to other AI systems.

General Information

  • System Name: What is the name of your AI system?
  • System Version: What is the current version of your AI system?
  • Contact Information: Who is the primary point of contact for information security matters for this AI system?

Documentation and Standards

  • Do you maintain an updated information security policy document for the AI system?
  • Does this document align with any international security standards or frameworks (e.g., ISO/IEC 27001, the NIST Cybersecurity Framework)?
  • Please list the standards, regulations, or best practices your documentation aligns with.

System Architecture and Topology

  • Please provide a detailed diagram of the functional and technical architecture of the AI system.
  • Describe the hardware components involved in the AI system.
  • Describe the software components involved.

Network Security

  • Is the AI system isolated in its own network segment separate from other systems?
  • If yes, how is traffic filtered between this segment and others?
  • Do you employ stateful or stateless firewalls, and why?

Security Controls

  • What security controls are implemented in your AI system?
  • How do these controls contribute to the overall security?
  • Are these controls regularly updated?

Information Security and Data Protection for Large Language Model APIs

  • Do you integrate APIs from Large Language Model providers like OpenAI, Google, and Microsoft?
  • If yes, how is API access secured (e.g., API keys, OAuth tokens)?
  • Describe the encryption mechanisms in place for data transmission to and from these APIs.
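The two API questions above ask the assessed system how credentials are protected and how traffic to the provider is encrypted. The following is an added example of what a defensible answer looks like on the integrating side; it is not code from the original post or from any provider. The environment variable name `LLM_API_KEY` and the endpoint URL are assumptions, and the key used in the demo is a constructed placeholder.

```python
"""Client-side controls behind the API questions: keys kept out of source and
logs, and TLS 1.2+ with certificate verification enforced on every provider call."""
import json
import logging
import os
import re
import ssl
import urllib.request
from urllib.parse import urlparse

API_KEY_ENV = "LLM_API_KEY"  # assumed name; populated by the secret manager at deploy time

# Bearer tokens and "api_key=..." pairs in free text; used to scrub log lines.
_SECRET_RE = re.compile(r"(?i)(bearer\s+|api[-_]?key[=:]\s*)([^\s'\"]+)")


def load_api_key(environ=None) -> str:
    """Read the key from the environment only; never from a file checked into the repo."""
    env = os.environ if environ is None else environ
    key = env.get(API_KEY_ENV, "").strip()
    if not key:
        raise RuntimeError(f"{API_KEY_ENV} is not set; refusing to start without a key")
    return key


def build_tls_context() -> ssl.SSLContext:
    """Outbound TLS policy: floor at TLS 1.2, verify the chain and the hostname."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def redact_secrets(text: str) -> str:
    """Mask credentials before they reach log storage; keep 4 chars for correlation."""
    return _SECRET_RE.sub(lambda m: m.group(1) + m.group(2)[:4] + "...", text)


class RedactingFormatter(logging.Formatter):
    """Drop-in formatter so every handler scrubs secrets, not just careful call sites."""

    def format(self, record: logging.LogRecord) -> str:
        return redact_secrets(super().format(record))


def request_headers(api_key: str) -> dict:
    return {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}


def call_llm_api(url: str, payload: dict, api_key: str, timeout: float = 30.0) -> dict:
    """POST to the provider over HTTPS only; plaintext URLs are rejected before any I/O."""
    if urlparse(url).scheme != "https":
        raise ValueError(f"refusing non-HTTPS endpoint: {url}")
    req = urllib.request.Request(url, data=json.dumps(payload).encode(),
                                 headers=request_headers(api_key), method="POST")
    with urllib.request.urlopen(req, context=build_tls_context(), timeout=timeout) as resp:
        return json.loads(resp.read())


if __name__ == "__main__":
    handler = logging.StreamHandler()
    handler.setFormatter(RedactingFormatter("%(levelname)s %(message)s"))
    logging.basicConfig(level=logging.INFO, handlers=[handler])
    # Constructed placeholder key for the demo; a real run takes it from the environment.
    key = load_api_key({API_KEY_ENV: "sk-demo-0123456789abcdef"})
    logging.info("headers: %s", request_headers(key))  # the key is masked in the output
```

The formatter-level redaction matters more than the regex itself: a questionnaire answer of "keys are never logged" is only credible if it holds for every handler, including the ones added later by a debugging session.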

Compliance and Regulations

  • Is your AI system compliant with any industry standards or regulations?
  • If yes, please list the certifications or standards.
  • Do you undergo regular third-party audits?

Risk Management

  • Do you have a risk management process in place?
  • If yes, please describe the process.
  • How are vulnerabilities reported and managed?

Incident Response

  • Do you have an incident response plan in place?
  • If yes, please describe the plan.
  • How are incidents communicated to stakeholders?

ChatGPT Enterprise: In-Depth Analysis

ChatGPT Enterprise has been designed to meet a broad set of security and data protection standards, including those typically required in vendor evaluations and onboarding processes. Using publicly available information, such as that on the OpenAI Trust Portal, my analysis aims to provide a technical evaluation of its security architecture and controls.

Key Takeaways

  • Regulatory Compliance: Adherence to GDPR and CCPA, with SOC 2 and SOC 3 reports covering data protection and information security controls.
  • Encryption: Utilizes AES-256 for data at rest and TLS 1.2+ for securing data in transit.
  • Access Control: Implements Multi-Factor Authentication (MFA) and Role-Based Access Control (RBAC) for granular permission management.
  • Incident Response: A formalized Incident Response Plan exists, although its specifics are not publicly disclosed.
  • Risk Management: A Risk Management Policy exists for conducting regular assessments, although the process details are not specified.
  • Internal Policies: Comprehensive internal policies ranging from Acceptable Use, Vulnerability Management to Risk Management.
  • Security Monitoring: Network activity is centrally logged, and custom detection logic has been defined to identify attackers and anomalous behavior.
  • Endpoint Security: Employee endpoints are secured using full-disk encryption and advanced EDR solutions.
  • Infrastructure: Primarily hosted in Azure with a formal Business Continuity and Disaster Recovery (BC/DR) plan in place.

Final Verdict

Given its multi-layered security architecture, stringent compliance standards, and comprehensive internal policies, ChatGPT Enterprise exhibits a robust security posture. This makes it a viable option for organizations prioritizing high levels of data protection and information security.

Completed Questionnaire

General Information

  • System Name: OpenAI API and ChatGPT Enterprise Services
  • System Version: Now includes ChatGPT Enterprise
  • Contact Information: Via OpenAI Trust Portal
  • HR Security: New employees pass a background check and sign a non-disclosure agreement

Documentation and Standards

  • Maintain Updated Document: Yes
  • Compliance with Standards: Yes; CCPA, GDPR, SOC 2, SOC 3 (with AES-256 at rest and TLS 1.2+ in transit as the stated encryption controls)
  • Standards List: CCPA, GDPR, SOC 2, SOC 3

System Architecture and Topology

  • Diagram: Not available
  • Hardware: Hosted by Azure in multiple regions throughout the United States
  • Software: Not specified
  • Status Monitoring: https://status.openai.com/
  • Separate Production Environment: Customer data is not used in non-production environments

Network Security

  • Isolated Network: Not specified
  • Traffic Filter: Not specified
  • Firewalls: Yes, including network firewalls and Cilium Network Policies (network policy enforcement for Kubernetes workloads)
  • Network Time Protocol: Standard time servers used throughout the infrastructure
  • Data Exfiltration Monitoring: Removable media is restricted, and suspicious activity, including data exfiltration, is monitored
  • DMARC: Enabled to reduce the risk of email spoofing (v=DMARC1; p=reject; ...)
  • IDS: Network activity is centrally logged, with detection logic defined for identifying attackers and anomalous behavior
  • SIEM: Important infrastructure logs are centrally stored and monitored
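A claim such as "DMARC enabled, p=reject" is one of the few items in a completed questionnaire that a reviewer can verify independently, since the policy is published as the TXT record at `_dmarc.<domain>`. The following is an added example of that check, not code from the post or from OpenAI; the record strings in `SAMPLE_RECORDS` are constructed test data and say nothing about any real domain's record beyond the `p=reject` the post quotes.

```python
"""Evaluate a DMARC record for the properties a vendor claim usually implies:
a usable record, p=reject, applied to all mail and all subdomains."""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

_STRENGTH = {"none": 0, "quarantine": 1, "reject": 2}


@dataclass
class DmarcAssessment:
    valid: bool                  # record is syntactically usable by receivers
    policy: Optional[str]        # value of the p= tag, if any
    findings: List[Tuple[str, str]] = field(default_factory=list)  # (severity, message)

    def enforcing(self) -> bool:
        """True only for a valid record that rejects spoofed mail across the board."""
        return self.valid and self.policy == "reject" and not any(
            sev == "high" for sev, _ in self.findings)


def parse_dmarc(record: str) -> dict:
    """Split 'tag=value; tag=value' into a dict; tag names are case-insensitive."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed tag: {part!r}")
        name, value = part.split("=", 1)
        tags[name.strip().lower()] = value.strip()
    return tags


def assess_dmarc(record: str) -> DmarcAssessment:
    findings = []
    try:
        tags = parse_dmarc(record)
    except ValueError as exc:
        return DmarcAssessment(False, None, [("high", str(exc))])

    if tags.get("v") != "DMARC1":
        findings.append(("high", "v=DMARC1 missing or wrong; receivers ignore the record"))
    policy = tags.get("p")
    if policy not in _STRENGTH:
        findings.append(("high", "p= tag missing or invalid"))
    elif policy == "none":
        findings.append(("high", "p=none only monitors; spoofed mail is still delivered"))
    elif policy == "quarantine":
        findings.append(("high", "p=quarantine sends spoofed mail to spam instead of rejecting it"))

    pct = tags.get("pct", "100")  # default per the spec is 100
    if not pct.isdigit() or int(pct) < 100:
        findings.append(("high", f"pct={pct}: policy applied to only a fraction of mail"))

    sp = tags.get("sp")  # subdomain policy, defaults to p when absent
    if sp is not None and policy in _STRENGTH:
        if sp not in _STRENGTH:
            findings.append(("high", f"sp={sp} is not a valid policy"))
        elif _STRENGTH[sp] < _STRENGTH[policy]:
            findings.append(("high", f"subdomain policy sp={sp} is weaker than p={policy}"))

    if "rua" not in tags:
        findings.append(("low", "no rua= address: enforcement is unmonitored"))

    valid = tags.get("v") == "DMARC1" and policy in _STRENGTH
    return DmarcAssessment(valid, policy, findings)


# Constructed records illustrating the cases the check separates.
SAMPLE_RECORDS = {
    "strict": "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com",
    "monitor_only": "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com",
    "partial": "v=DMARC1; p=reject; pct=50",
    "weak_subdomains": "v=DMARC1; p=reject; sp=none; rua=mailto:dmarc-reports@example.com",
    "garbage": "this is not a dmarc record",
}

if __name__ == "__main__":
    for label, rec in SAMPLE_RECORDS.items():
        a = assess_dmarc(rec)
        print(f"{label:16} enforcing={a.enforcing()} policy={a.policy}")
        for sev, msg in a.findings:
            print(f"    [{sev}] {msg}")
```

To run it against a real vendor domain, fetch the record with a TXT lookup of `_dmarc.<domain>` (for example `dig +short TXT _dmarc.example.com`) and pass the string to `assess_dmarc`; only `enforcing()` returning True supports the wording "p=reject" as a control rather than a monitoring setting.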

Security Controls

  • Controls: Multi-Factor Authentication, Role-Based Access Control, Single Sign-On for internal applications
  • Contribution: Role-Based Access Control (RBAC) to manage permissions
  • Regularly Updated: Annual risk assessment conducted
  • Credential Management: All user credentials are securely salted, hashed, and stored by Auth0
  • Data Access: Access to internal systems based on the principle of least privilege
  • Password Security: Strong internal password policy, including MFA for non-SSO accounts. Passwords stored in a company-managed password manager
  • Endpoint Security: Full-disk encryption, DNS filtering, advanced EDR solution, and MDM solution for employee endpoints
  • Penetration Testing: Annual third-party penetration testing performed
  • Employee Training: Annual security and privacy awareness training covering various topics including GDPR and CCPA
  • Policies: Acceptable Use Policy, Access Control Policy, Code of Conduct, Cryptography Policy, Data Management Policy, Secure Development Policy, Third Party Management Policy, Vulnerability Management Policy

Information Security and Data Protection for Large Language Model APIs

  • Integrate APIs: Not applicable in the same sense, since OpenAI is the provider rather than an integrator; ChatGPT Enterprise itself now includes advanced data analysis capabilities
  • API Access Secured: SOC 2 compliant, encrypted in transit and at rest, API keys are stored in an encrypted database
  • Encryption Mechanisms: AES-256 for data at rest and TLS 1.2+ for data in transit
  • Data Backup: Backups are conducted regularly
  • Data Deletion: 30-day retention policy, or deletion upon request
  • Code Analysis: Tools are used to identify issues in code and third-party dependencies
  • PII Usage: Email and phone number required for account registration. Opt-in form for sharing data to improve models
  • Logging: All important security events are monitored, including centralized network activity logs
  • Infrastructure Security: Infrastructure-as-code techniques are used for secure resource deployment
  • Threat Detection: Proactive monitoring for known attacker TTPs, malicious binaries, and suspicious activity

Compliance and Regulations

  • Compliance: SOC 2 Type 2 as of March 14, 2023; encryption controls are AES-256 at rest and TLS 1.2+ in transit
  • Certifications or Standards: SOC 2 Type 2 (AES-256 and TLS 1.2+ appear alongside it in public materials but are technical controls, not certifications)
  • Third-Party Audits: Not specified
  • Data Breach Notifications: Notifications sent in accordance with the terms of the MSA

Risk Management

  • Risk Management Process: Formal Business Continuity and Disaster Recovery plan in place, annual risk assessment conducted
  • Process Description: The plan is exercised, reviewed, and approved annually
  • Vulnerabilities Managed: Patches are applied based on a documented SLA
  • Internal Assessments: Conduct an annual risk assessment to identify major gaps in the environment
  • Risk Management Policy: Risk Management Policy ensures regular risk assessments

Incident Response

  • Incident Response Plan: Documented and reviewed, tested, and approved at least annually
  • Plan Description: Security is described as essential to OpenAI's mission, and a policy is in place for responsible vulnerability research and disclosure
  • Employee Privacy Training: Annual training on security and privacy awareness, including GDPR and CCPA
  • Endpoint Detection & Response: All employee endpoints are protected with an advanced EDR solution
  • Incident Response Policy: Maintains an Incident Response plan in the event of a security-related incident

Conclusion

ChatGPT Enterprise is a game-changer for corporate decision-making about the use of LLMs, offering SOTA features and performance while aligning with key data protection and security standards. Although the answers in the completed questionnaire are based on limited publicly available information, they indicate a strong commitment from OpenAI to compliance and security.

As we move forward, the compatibility of ChatGPT Enterprise with organizational policies will likely become even more seamless. Given that the productivity amplification is so large, organizations should probably think of it as a basic work tool, on the desktop by default.

Source code

Source code for this post can be found on my GitHub.

References

OpenAI Blog. "Introducing ChatGPT Enterprise." Published on August 28, 2023. <https://openai.com/blog/introducing-chatgpt-enterprise>.

OpenAI Security Portal. <https://trust.openai.com/>.

© 2023 johncollins