OpenAI has unveiled new security controls as artificial intelligence systems take on more complex tasks involving the web and third-party applications, which increases their exposure to prompt injection attacks.
Prompt injection involves attempts by external actors to manipulate AI systems into executing malicious instructions or revealing confidential information. To mitigate these risks, the company launched an optional Lockdown Mode within ChatGPT, designed primarily for high-risk users such as corporate executives and security teams. The company described it as “a new deterministic setting that helps guard data from being inadvertently shared with third parties.”
Lockdown Mode restricts how ChatGPT interacts with external systems by disabling selected tools and capabilities that could be exploited for data exfiltration. Web browsing, for instance, is limited to cached content within OpenAI’s controlled infrastructure, preventing live network requests. Some features are fully disabled where strong guarantees of data protection cannot be ensured.
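To make the control described above concrete, the following is an added illustration (not OpenAI's code, and not a description of how Lockdown Mode is actually implemented) of a tool gate for an LLM agent. In lockdown, tools that can move data off-platform are refused outright, and a browsing tool may only serve pages from a local snapshot cache rather than issuing live network requests; every refusal is written to an audit list. The tool names, the cache contents and the policy table are constructed assumptions.

```python
"""Tool-gating sketch for an LLM agent: a 'lockdown' policy that blocks
tool calls capable of moving data to third parties.

Added illustration, not OpenAI's code; the tool names, the snapshot cache
and the policy table are constructed assumptions."""
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional


class Mode(Enum):
    NORMAL = "normal"
    LOCKDOWN = "lockdown"


# Constructed sample cache: pages an offline browsing tool may serve in
# lockdown instead of performing a live fetch.
SNAPSHOT_CACHE = {
    "https://example.com/policy": "Example Corp travel policy (cached snapshot)",
}


@dataclass
class Decision:
    allowed: bool
    reason: str
    result: Optional[str] = None


@dataclass
class ToolGate:
    mode: Mode = Mode.NORMAL
    audit: list = field(default_factory=list)

    # Assumed tool names that can carry data off-platform; fully disabled
    # in lockdown regardless of why the model asked for them.
    EXFIL_CAPABLE = frozenset({"email.send", "http.post", "connector.write"})

    def call(self, tool: str, args: dict) -> Decision:
        """Apply the policy for the current mode and dispatch the tool."""
        if self.mode is Mode.LOCKDOWN:
            if tool in self.EXFIL_CAPABLE:
                return self._deny(tool, "outbound tool disabled in lockdown")
            if tool == "web.fetch":
                url = args.get("url", "")
                if url in SNAPSHOT_CACHE:
                    return Decision(True, "served from cache", SNAPSHOT_CACHE[url])
                return self._deny(tool, "live network request blocked; no cached copy")
        return Decision(True, "allowed", self._execute(tool, args))

    def _deny(self, tool: str, reason: str) -> Decision:
        # Refusals are recorded so administrators can review what the
        # model attempted while the workspace was locked down.
        self.audit.append(f"DENY {tool}: {reason}")
        return Decision(False, reason)

    def _execute(self, tool: str, args: dict) -> str:
        # Placeholder for the real tool implementations; in normal mode the
        # agent would perform the live fetch or send here.
        return f"executed {tool} with args {sorted(args)}"


if __name__ == "__main__":
    gate = ToolGate(Mode.LOCKDOWN)
    print(gate.call("web.fetch", {"url": "https://example.com/policy"}))
    print(gate.call("web.fetch", {"url": "https://example.com/other"}))
    print(gate.call("email.send", {"to": "someone@example.com"}))
    print(gate.audit)
```

The point of the design is that the gate sits outside the model: whatever instructions the model absorbs from a page or document, it cannot reach a disabled tool, and the denial is logged for the security team rather than silently swallowed.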
The feature will be available across enterprise offerings including ChatGPT Enterprise, ChatGPT Edu, ChatGPT for Healthcare and ChatGPT for Teachers. Workspace administrators can activate Lockdown Mode through role-based controls, layering additional safeguards on top of existing enterprise-grade security features such as audit logs and access management. Availability for consumer users is planned in the coming months.
In parallel, standardized “Elevated Risk” labels are being introduced across ChatGPT, ChatGPT Atlas and Codex. The labels are intended to clearly flag features that may introduce additional exposure when connected to external networks or applications, enabling users to better assess potential trade-offs when activating advanced capabilities.
Source: OpenAI
