top of page
Search

dope.security Debuts Tenant-Level ChatGPT Controls to Tackle Shadow AI Risks

In the age of generative AI, corporate data risks are increasingly just one tab away. While ChatGPT has become a ubiquitous productivity tool, enterprises are struggling to control how it’s used — and more importantly, which version their employees use.


Today, dope.security, the endpoint-based Secure Web Gateway startup known for bypassing traditional proxy bottlenecks, launched a major upgrade to its Cloud Application Controls: tenant-level access restrictions for ChatGPT. It’s a precise solution to a growing problem — locking users into company-sanctioned ChatGPT Enterprise accounts while shutting down access to personal logins entirely.


“ChatGPT is now acting as an enterprise interface. You can’t manage risk if you can’t distinguish between personal and corporate usage,” said dope.security CEO Kunal Agarwal. “That’s where our tenant-level controls come in — it’s about enabling AI use without compromising compliance.”

The Problem: AI at Work, AI at Risk


The explosion of AI in the workplace has created a paradox for security leaders. Organizations want to embrace AI’s productivity benefits, but struggle to prevent data leakage when employees paste sensitive customer information or source code into ChatGPT — especially when they're using personal accounts.


While OpenAI's ChatGPT Enterprise offers zero data retention, access control, and SOC 2 compliance, many users still access ChatGPT through their personal accounts, creating a visibility and governance black hole for CISOs.


The Solution: Locking AI to the Right Tenant


dope.security’s new update enables IT teams to allow or block ChatGPT access at the workspace (tenant) level, using unique Workspace IDs issued by OpenAI. If a user tries to log in with a personal ChatGPT account, access is denied. But if they’re using a company-assigned enterprise instance — access is seamless.


This policy is enforced directly on the endpoint via dope.security’s Fly Direct architecture, which routes traffic locally instead of detouring through cloud proxy centers.


“You get zero latency, full control, and privacy that’s actually local,” Agarwal said. “And no single proxy outage will take you offline.”

Why This Matters for Security Teams


For security professionals grappling with shadow AI and compliance mandates, this feature brings several advantages:


  • Shadow IT visibility: Teams can now inventory AI usage across personal and corporate accounts.


  • Granular control: Admins can allow AI for specific users or groups, block others, and enforce boundaries between work and personal logins.


  • Rapid deployment: The feature takes minutes to configure, and can be turned on via a single rule within the Cloud Application Control interface.


It’s part of a broader effort by dope.security to build simple, centralized control over enterprise SaaS access. ChatGPT joins the vendor’s growing list of supported applications, which includes Dropbox, Slack, Salesforce, and Box.


Generative AI, Without the Guesswork


As generative AI becomes a permanent fixture of enterprise workflows, governance will no longer be optional. This new release from dope.security reflects a growing trend: making it easy for enterprises to say yes to AI — while saying no to the risks that come with it.


In a world where AI tools operate more like employees than infrastructure, enterprises will need tools that treat them accordingly. With tenant-based restrictions now live, dope.security is giving security teams a head start in that race.

bottom of page