Traditional Data Loss Prevention

PropScreen enhances Data Loss Prevention (DLP) efforts by implementing best practices for the use of Generative AI, particularly with Large Language Models (LLMs). DLP is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users. DLP software detects potential data breaches and prevents them by monitoring, detecting, and blocking sensitive data while in use (endpoint actions), in motion (network traffic), and at rest (data storage). PropScreen is dedicated to safeguarding proprietary company-sensitive information and personally identifiable information (PII) by employing robust security measures. These include encrypted web traffic between the user and the language model, hashed data at rest within hashed databases, and the implementation of fuzzing techniques in our code and storage containers. Challenges with DLP, such as false positives and negatives, are addressed by PropScreen through meticulous logging on a prompt-to-prompt basis. This includes alerting security teams and auditors about the user's interaction with the language model, the given prompt, the received response from the LLM, and any flags triggered by the response.

PropScreen differs from traditional DLP solutions because its sole focus is on the traffic that occurs between a client and the company's LLM, an entirely internal process. Traditional DLP methods tend to focus on the edges of a network in order to prevent the exfiltration of sensitive information from that network. PropScreen does not replace traditional DLP approaches, but enhances the existing DLP regime by adding a layer of security between the client application and the model that does not interfere with the organization's existing DLP architecture.
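The per-prompt logging and hashed-at-rest storage described above can be sketched as follows. This is an added example, not PropScreen's own code: the function names, the record fields, the sample terms, and the choice of HMAC-SHA256 as the hash are all assumptions made for illustration.

```python
import hashlib
import hmac
import json
import re
from datetime import datetime, timezone

# Assumption: keyed SHA-256 (HMAC); the page only says the data is hashed.
HASH_KEY = b"constructed-demo-key"  # constructed; load from a secret store in practice

def digest(term: str) -> str:
    """Hash a normalized term so only digests are kept at rest."""
    normalized = " ".join(term.lower().split())
    return hmac.new(HASH_KEY, normalized.encode(), hashlib.sha256).hexdigest()

# Constructed sample terms; only their digests are stored.
SENSITIVE_DIGESTS = {digest(t) for t in ("project falcon", "q3-acquisition")}

def candidate_terms(text: str, max_words: int = 3):
    """Yield every 1..max_words word window of the text for digest lookup."""
    words = re.findall(r"[a-z0-9]+(?:-[a-z0-9]+)*", text.lower())
    for n in range(1, max_words + 1):
        for i in range(len(words) - n + 1):
            yield " ".join(words[i:i + n])

def screen_response(user: str, prompt: str, response: str) -> dict:
    """Check one LLM response and build the per-prompt log record."""
    hits = {digest(t) for t in candidate_terms(response)} & SENSITIVE_DIGESTS
    return {
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "user": user,
        "prompt": prompt,
        "response": response,
        "flags": [{"check": "hashed_term", "digest": h} for h in sorted(hits)],
        "blocked": bool(hits),
    }

if __name__ == "__main__":
    # Constructed exchange for illustration.
    rec = screen_response("alice", "What is the team building?",
                          "The team is focused on Project Falcon this quarter.")
    print(json.dumps(rec, indent=2))
```

Because each record keeps the prompt and response in plain text, the log store needs access controls at least as strict as those on the data being screened.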


Last updated 9 months ago