...

While some DLP measures are taken by Unique, for some others we depend on the clients client’s expertise and infrastructure. Below you find methods available to prevent data leaking when using the Unique FinanceGPT Chat.

This article does not outline Uniques Unique's additional measures to avoid data loss and leakage (e.g., disclaimer information, terms of use, trainingstraining, Technical and Organizational Measures (TOMs), opt-out from training, and prompt checking for Microsoft Azure Open.AI OpenAI Services, etc.) but the options to integrate a the clients existing DLP.

Methods

I DLP Proxy

Uniques Unique's clients usually rely on managed devices. Most of them funnel their devices device traffic through a VPN and a proxy before it egresses out to the internet.

There is also a variation of this setup where the browser uses a browser plugin to pipe all egress traffic first to the DLP itself without relying purely on the network setup¹.

This DLP proxy (which may not be its only purpose) has the ability to inspect certain protocols, in Uniques Unique's case https. After unwrapping the content (see in diagram B.1 ), it gets scanned with the DLP and depending from on the result either repackaged and egressed(see in diagram B.2) or rejected.

...

Depending on the proxy and DLPs speed, this method can have a latency, speed, and User Experience impact which Unique cannot sadly not mitigate as they are fully dependent on the clients' system throughput.

II Analytics APIs

Main article: Analytics

This is more of a post-processing, controlling sort of prevention driven by some of our key clients. While actively monitoring user input and trying to avoid leakages, some cases can only be really detected when scanning and post-processing the prompts, messages, and chats.

Unique offers specific Analytics APIs that can be called by a controlling service or automation that in turn runs the content through the clients client's DLP system.

Output/findings of DLP scans should be regularly reviewed (regular sample checks) by the respective client’s compliance and/or data protection team. It is not the responsibility of Unique to check output (not allowed by contractual terms and also not part of the Unique service offering). Clients should make sure that the output/ findings are handled according to internal guidelines, policies, and regulations.

Performance Impact

This approach does not affect the end users in either latency or speed as it is completely asynchronous.

III Pre-LLM DLP Calling

...

Unique relies on state-of-the-art connections, encryptions, ports, and sockets³ without bizarre modifications that are known to malfunction with existing DLP solutions.

...

Unique does not make any vendor recommendations. There are some vendors though that are proven to be compliant with Unique (under regards for to ¹):

• Forcepoint DLP²

...

¹: This method is known to be breaking or sunset with the upcoming introduction of Manifest V3 into the browsers. The DLP vendors are aware of these issues and work on a solution themselves.

...

³: Unique leverages sockets for its chat messages streaming but only uni-directional from the backend services towards the browser and not vice-versa.

...