OpenAI has released new enterprise control for customers using its ChatGPT Enterprise around compliance, data security and safely scaling access.
OpenAI’s new Enterprise Compliance API gives ChatGPT Enterprise users a record of time-stamped interactions for conversations, uploaded files, metadata, ChatGPT memory and workspace users. This record allows enterprises to audit the data they share on ChatGPT Enterprise.
While OpenAI offers the API, the company also worked with several third-party compliance providers that users can connect to. These include integrations with Forcepoint, Global Relay, Microsoft Purview, Netskope, Palo Alto Networks, Relativity, Smarsh and zScaler.
“These new integrations offered by the following providers support a range of compliance-related activities, such as archiving, audit trails, data redaction and retention, and policy enforcement,” OpenAI said in a blog post.
The company said organizations, even those in highly regulated sectors, can take advantage of these integrations to meet GDPR, HIPAA and FINRA rules. It can also give enterprise legal teams a “paper trail” of documents and a way to ensure personal data they’re supposed to delete has actually been deleted.
ChatGPT Enterprise customers often have a large number of users. To manage this, OpenAI will roll out an identity management system to make permissioning easier. The System for Cross-domain Identity Management (SCIM) syncs user access information and updates who can use the platform. This lets account managers quickly provision or remove access to ChatGPT Enterprise.
The feature has been in beta, but the company plans a wider release next week. OpenAI said ChatGPT Enterprise can connect with directors on Okta Workforce, Microsoft Entra ID, Google Workspace and Ping. It can also support custom SCIM.
An additional feature gives account administrators wider control over custom GPTs, and specific-use chatbots that its employees can make. The new feature gives admins the ability to set which services the GPT can connect to with a list of approved domains. OpenAI said previously admins could only block some custom GPT actions.
Admins can also create user groups, manage sharing permissions, remove GPTs, transfer ownership and approve external GPTs. These controls will complement existing capabilities like single sign-on, custom data retention and encryption.
OpenAI unveiled ChatGPT Enterprise in 2023 as its second paid option for the popular ChatGPT. The Enterprise tier offers “enterprise-grade security,” larger context windows and faster results time, more than its other paid products like ChatGPT Plus and ChatGPT Teams, which is also an enterprise solution but designed for a smaller number of seats.
OpenAI COO Brad Lightcap said in April that 2024 is the “year of the enterprise” for the company as it sees growth in that sector. ChatGPT Enterprise plays a big role in pushing toward enterprise. However, the company also has APIs that companies can use to bring OpenAI’s foundation models to their own applications.
ChatGPT Enterprise is powered by OpenAI’s GPT-4o, though the company recently released GPT-4o mini, a smaller version of its new flagship AI model.