Thanks Matt for this question. I also saw that the CISO of OpenAI posted on X and mentioned some risks with Atlas around prompt injection, here. Our team is reviewing your question and will respond shortly...
Hi Matt - I see a few items here - and would love to hear from the rest of the community on this!
As a general disclaimer here - I’m making some assumptions about Atlas security policies below, so as with any tool, I would recommend vetting them through your standard vendor security audits. I view them similarly to any other enterprise screen-sharing tool, like say Zoom. I’m also much more of a Box expert than an OpenAI/Atlas expert, so there may be wrinkles I’m not aware of here.
I think the benefit of a Box-through-Atlas workflow is that the same user permission controls that help with Box are going to help here. For example, if a user is a project manager and shouldn’t have access to, say, company internal financials, they still won’t be able to access those files through Atlas, because it’s going to rely on their Box user permissions - the only info Atlas is going to see is a “you don’t have the right permissions to view this content” page. So you have the same assurances around whose eyes/recordings can see the sensitive material, regardless of whether it’s an Atlas AI automation or a person with a mouse.
One item I have an eye on is what this means for things like device controls/strong password requirements/2FA/zero trust in general, particularly for external users that you don’t have control over, and who may have lazier personal password controls. Atlas is more subject to accidental mistakes given it’s more of an end-user tool than, say, an MCP integration that would be implemented org-wide under IT/Tech control with enterprise-grade practices. So I’m trying to keep my eye on the conversation in the zero trust space to see if any new best practices emerge, or if I’m just being paranoid. I think the other piece here is that tools to monitor your environment for suspicious activity (say through Box Shield) also become more important, because they’ll flag suspicious viewing actions.
How about the rest of the community - what do you all think?