Security and compliance in Generative AI applications like ChatGPT and DeepSeek

August 19, 2025

Security and regulatory compliance in Generative AI applications like ChatGPT and DeepSeek have become a critical priority for companies looking to leverage these technologies without compromising data protection. The risk of leaking sensitive information and failing to comply with regulations such as GDPR, HIPAA or ISO 27001 makes it essential to implement advanced solutions that provide full control and visibility over GenAI usage. Approaches like Inline CASB, DLP, and CASB API enable AI innovation to evolve within a secure, compliant framework aligned with corporate policies.

______

The rise of Generative AI (GenAI) applications, such as DeepSeek and ChatGPT, has transformed the way organizations handle information. However, the uncontrolled use of these tools can expose companies to significant security risks, particularly regarding the protection of sensitive data and regulatory compliance.

To address these challenges, our Security Edge solution from Telefónica Tech, together with Netskope technology, provides a comprehensive approach to security and data control, combining CASB (Cloud Access Security Broker) Inline, DLP (Data Loss Prevention) and CASB API. As we will see below, this ensures unified data governance in the use of GenAI applications.

Security challenges with Generative AI applications

Generative AI applications enable task automation, content generation and advanced data analysis, but they also introduce significant risks:

  • Sensitive data leakage: employees may inadvertently share confidential information with external tools.
  • Loss of data control: GenAI applications may store and reuse submitted information, such as source code, creating a risk of exposure.
  • Regulatory compliance: unregulated use of these tools can breach frameworks such as GDPR, HIPAA and PCI-DSS, and is also critical for compliance with NIS2, DORA and ISO 27001.

Security Edge with Netskope for GenAI: CASB Inline, DLP and CASB API

Security Edge, in collaboration with Netskope, provides a comprehensive solution for protecting sensitive data when using applications like DeepSeek and ChatGPT:

CASB Inline + DLP: real-time protection

  • Real-time traffic monitoring: Netskope’s CASB (Cloud Access Security Broker) Inline inspects traffic in real time, ensuring that sensitive data is not transferred to GenAI applications without proper authorization.
  • Data protection: Inline DLP (Data Loss Prevention) enforces security policies to prevent sensitive data exfiltration, blocking uploads and downloads that do not comply with corporate policies, without the need to classify the data.
  • Adaptive control: delivers automated actions such as blocking, warning, or user coaching in real time, ensuring safe and compliant interactions with GenAI.

CASB API for specific control in ChatGPT

  • Full visibility: Netskope’s CASB (Cloud Access Security Broker) API integrates with the ChatGPT Enterprise API, providing direct control over interactions with this tool, including conversation analysis, DLP policy enforcement and anomaly detection.
  • Access control and security policies: enables the definition of specific access policies, ensuring that only authorized users can use ChatGPT and preventing misuse of sensitive data.
  • Regulatory compliance ensured: the solution provides preconfigured compliance templates, making it easier for organizations to align with applicable regulations.

Key benefits of Netskope’s solution within Telefónica Tech’s Security Edge

  • Comprehensive protection: safeguards data in transit and in use during interactions with GenAI applications.
  • Regulatory compliance: facilitates compliance with regulations using templates for GDPR, HIPAA, PCI-DSS, as well as frameworks such as ISO 27001, NIS2 and DORA.
  • Secure user experience: real-time coaching educates employees on best practices when interacting with DeepSeek, ChatGPT and other GenAI tools.
  • Risk reduction: early detection of potential security incidents, blocking high-risk activities before they impact the business.

The use of DeepSeek, ChatGPT and other Generative Artificial Intelligence tools can be a competitive advantage, as long as they are used in a secure and compliant way.

The combination of CASB Inline, DLP and CASB API within our Security Edge solution from Telefónica Tech, together with Netskope technology, delivers robust protection, enabling companies to innovate with confidence in the GenAI era.

___
Netskope is part of our partner ecosystem.