Organizations increasingly have the need to block GenAI tools, such as ChatGPT, Google Gemini, Claude, Microsoft Copilot, and Perplexity AI, along with other AI-powered SaaS platforms to address multiple security risks, including:

  • Sensitive data leakage through user prompts and uploaded content
  • Unauthorized sensitive data processing outside organizational control
  • Regulatory concerns due to the lack of visibility

Additionally, AI-generated outputs may be inaccurate, non-compliant, or difficult to verify, posing risks in decision-making, communication, and operational workflows.

To address these challenges, organizations can enforce centralized controls to block specific GenAI tools or entire categories of AI-powered applications .

Block specific GenAI applications (i.e., ChatGPT or Claude)

Follow the steps below to block ChatGPT and other desired GenAI apps.

  • Open the DataSecurity Plus web console. Choose Cloud Protection from the Apps drop-down at the top.
  • Navigate to Configuration > Banned Cloud Applications.
  • Click +Add Application at the top-right corner.
  • On the Add Cloud Application's Domains to Banned List page, enter the domains of the GenAI tools you want to block. Sample: chat.openai.com, openai.com, gemini.google.com, claude.ai, anthropic.com, bard.google.com
  • Click Review.
  • Review the application details, including its risk score. Confirm by clicking Save.
  • Cloud Protection configuration screen for adding ChatGPT, OpenAI, Gemini, Claude, Anthropic, Bard, and other GenAI domains to the banned applications list.

Block all GenAI applications (category-based blocking)

Follow the steps below to block all GenAI tools, including new or unknown ones.

  • In the Cloud Protection module, navigate to Configuration > Control Policies > Cloud App Control.
  • In the Available Categories search box, type Generative AI.
  • Select the Generative AI category. Move it to Blocked Categories by clicking the >> button.
  • Click Save.
  • Cloud App Control policy screen showing the Generative AI category blocked in DataSecurity Plus Cloud Protection.

Blocking ChatGPT alone is no longer sufficient in today’s rapidly evolving AI landscape. Organizations must adopt a broader strategy that addresses the entire ecosystem of GenAI tools—including platforms like Gemini, Claude, and Copilot . Security controls should enforce access only to approved AI providers and restrict all unauthorized or high-risk GenAI platforms.

For platforms that support identity-based access controls—such as ChatGPT—DataSecurity Plus allows you to define which identities are permitted to log in rather than blocking access entirely.

Interested to know how? Contact our product specialist.

Frequently asked questions:

  • 1. Is using ChatGPT at work a security risk?

    It can be; every interaction with a GenAI tool such as ChatGPT is in essence a data transfer. Employees may unintentionally share customer data, proprietary information, or legal content. Unrestricted usage can lead to data security issues and compliance violations when regulated data is processed beyond organization's boundaries. Without proper controls, visibility, and user awareness, these risks can quickly escalate.

  • 2. Can I track ChatGPT usage, like prompt content, without blocking it?

    Yes, DataSecurity Plus tracks every GenAI cloud access event—including successful and failed requests—along with details on what app was accessed, from where, and when.

    Also, it maintains detailed records of all prompt interactions across GenAI chatbots and coding assistants—including ChatGPT, GitHub Copilot, Claude, Google Gemini, Perplexity, Grok, and Mistral.

  • 3. Can I block Claude, Gemini, Copilot, and Perplexity the same way I block ChatGPT?

    Yes. You can block any GenAI platform or SaaS application by adding its domains to the banned list in DataSecurity Plus. The same steps apply to ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, and other AI-powered SaaS tools.

  • 4. Can employees bypass GenAI blocks using a VPN or private browser?

    DataSecurity Plus enforces controls at the endpoint level—not just at the network perimeter—making it significantly harder for users to bypass restrictions through VPNs or private browsing sessions. You can also choose to block the usage of VPNs altogether across your cloud environment. For more details, check with our product specialist.

  • 5. Can I allow some employees to use ChatGPT while blocking it for others?

    Yes, stronger access control measures can be implemented for ChatGPT, wherein it's usage can be restricted for a few trusted identities or identity patterns. For more details on how to implement this, get in touch with our product specialist.