OpenAI Boosts ChatGPT Enterprise with Compliance, Security, and User Management Upgrades

OpenAI has released new enterprise control features for ChatGPT Enterprise, aimed at enhancing compliance, data security, and user management capabilities for its enterprise customers.

Compliance and data security enhancements: OpenAI’s new Enterprise Compliance API provides customers with a detailed record of interactions, including conversations, uploaded files, metadata, ChatGPT memory, and workspace users, enabling enterprises to audit the data they share on the platform:

• OpenAI has partnered with several third-party compliance providers, such as Forcepoint, Global Relay, Microsoft Purview, Netskope, Palo Alto Networks, Relativity, Smarsh, and zScaler, to support various compliance-related activities, including archiving, audit trails, data redaction and retention, and policy enforcement.
• These integrations help organizations, even those in highly regulated sectors, meet various regulatory requirements, such as GDPR, HIPAA, and FINRA rules, while also providing legal teams with a “paper trail” of documents and ensuring the deletion of personal data as required.

Streamlined user management: To simplify user access management for enterprises with a large number of users, OpenAI is rolling out an identity management system called the System for Cross-domain Identity Management (SCIM):

• SCIM synchronizes user access information and updates user permissions, allowing account managers to quickly provision or remove access to ChatGPT Enterprise.
• The feature, which has been in beta, is set for a wider release and can connect with directories on platforms like Okta Workforce, Microsoft Entra ID, Google Workspace, and Ping, as well as support custom SCIM implementations.

Expanded control over custom GPTs: Account administrators now have greater control over custom GPTs and specific-use chatbots created by their employees:

• Admins can set approved domains for GPT connections, create user groups, manage sharing permissions, remove GPTs, transfer ownership, and approve external GPTs.
• These new controls complement existing capabilities, such as single sign-on, custom data retention, and encryption.

Broader implications: OpenAI’s focus on enterprise solutions, particularly with the release of ChatGPT Enterprise in 2023, highlights the company’s growing emphasis on the enterprise market:

• OpenAI COO Brad Lightcap has stated that 2024 is the “year of the enterprise” for the company, with ChatGPT Enterprise playing a significant role in this push.
• The introduction of these new features demonstrates OpenAI’s commitment to addressing the specific needs and concerns of enterprise customers, particularly in terms of compliance, data security, and user management.

As OpenAI continues to develop and refine its enterprise offerings, it remains to be seen how these enhancements will impact the adoption of ChatGPT Enterprise and the company’s overall success in the enterprise market. The new features, however, are likely to be well-received by organizations looking for more robust control and compliance capabilities when implementing AI-powered tools like ChatGPT.