The feature, which is available to users on business plans like Free, Go, Plus, Pro and self-serve ChatGPT, is designed for individuals and organisations desiring stricter controls of how sensitive data can be accessed and transmitted through OpenAI products.
OpenAI has launched a new security feature, lockdown mode, to help protect sensitive data from prompt injection attacks by restricting web access and other capabilities that could be exploited for data exfiltration.
The feature, which is available to users on business plans like Free, Go, Plus, Pro and self-serve ChatGPT, is designed for individuals and organisations desiring stricter controls of how sensitive data can be accessed and transmitted through OpenAI products.
In a post on its website, OpenAI says the lockdown mode is an optional advanced security setting that limits many tools and capabilities in OpenAI products that can connect to the web or external services.
It further states that the feature is intended to cut back the risk of sensitive information being extracted through prompt injection attacks by limiting outbound network requests.
The company, however, cautions that the feature is not a complete defence against such attacks.
“Lockdown Mode does not prevent prompt injections from appearing in the content ChatGPT processes.”
“For example, a prompt injection could appear in cached web content or in an uploaded file, and could still affect the behavior or accuracy of a response.”
With the innovation, several features are either disabled or significantly restricted. Live web browsing is limited to cached content, while deep research, agent mode and network-enabled Canvas functions are disabled.
Similarly, users are also disallowed from downloading files for analysis, although manually uploaded files remain accessible.
OpenAI notes that image retrieval from the web and image display in standard responses may also be restricted, much as image generation capabilities will continue to function where available.
The lockdown mode does not affect memory settings, file uploads, conversation sharing or existing controls governing whether user conversations can be used to improve AI models, the company added.
For users and third-party connectors, OpenAI says the impact of lockdown mode varies depending on account type and workspace configuration.
On personal and self-serve business accounts, live connector access and write actions are blocked, while synchronised data connectors remain available.
OpenAI advises workspace administrators to carefully evaluate the data-exfiltration risks associated with applications and integrations used by employees assigned to Lockdown Mode roles.
It notes that the lockdown mode and the developer mode cannot operate simultaneously, adding that enabling one feature automatically disables the other.
According to the company, users can activate the feature through the security section of their account settings, while enterprise administrators can configure custom lockdown mode roles and assign them to individual users or groups.
The feature, OpenAI remarked, forms part of its broader security framework, which includes sandboxing, monitoring systems, protections against URL-based data exfiltration and enterprise-grade controls such as role-based access management and audit logging.
More details here...
