Enterprises Block Unauthorized ChatGPT, Gemini, Claude Access
According to a June 10, 2026 guide from Kaspersky, organisations can detect and block unauthorized AI services such as ChatGPT, Claude, and meeting bots by monitoring NGFW/web-filter traffic, enforcing DNS reroutes, and using EDR/EPP and browser policies. Kaspersky warns that outright bans can drive users to third-party or proxy services and recommends offering an approved alternative before enforcing blocks. Commercial vendors also offer enterprise tooling: TeamPrompt's product page describes a browser-extension plus network-layer approach that integrates with Cloudflare Gateway, supports deployment via Google Admin, Microsoft Intune, and GPO, and advertises 40+ detection rules and 19 compliance frameworks. The practical steps in the Kaspersky guide include blocking known vendor domains, banning unapproved browser extensions, and preventing installation of native apps via application controls.
What happened
According to a June 10, 2026 guide published by Kaspersky, enterprises face risks from employees using unauthorized AI helpers, including ChatGPT, meeting bots, and personal assistants, which the guide links to data-exfiltration and compliance gaps. Kaspersky lists vendor domains and technical indicators to watch, and recommends control points such as NGFW/web-filter monitoring, DNS rerouting, browser policy enforcement, and EDR/EPP or application-control scans to detect desktop apps (for example, ChatGPT.exe or claude.exe).
Technical details
Editorial analysis - technical context: The Kaspersky checklist focuses on network- and endpoint-level controls. It advises blocking the AI Services category in network filters, routing DNS queries for specific domains away from production endpoints, and enforcing extension allowlists via browser policy. Kaspersky also describes scanning browser histories and installed apps as detection vectors. Separately, TeamPrompt's product page describes a two-layer approach, browser extension for prompt scanning plus network-level blocking via Cloudflare Gateway, and lists deployment paths (Google Admin, Microsoft Intune/JAMF, GPO) and configuration options (Monitor, Restrict, Full Lockdown), per the vendor site.
Context and significance
Organisations seeking to limit shadow-AI are combining traditional perimeter controls (NGFW, DNS) with browser-managed controls and DLP-style prompt inspection. Vendor messaging emphasizes rapid enterprise deployment and compliance mappings; TeamPrompt advertises features such as auto-install across managed browsers, 40+ detection rules, and coverage of 18 AI tools, per the vendor page. That combination addresses two angles: preventing traffic exfiltration at the network layer and preventing sensitive prompts at the endpoint before they leave the browser.
What to watch
- •Adoption metrics for browser-extension DLP versus network-only blocking
- •False-positive rates when blocking broad "AI Services" categories
- •Enterprise appetite for offering approved, auditable AI alternatives (reported by Kaspersky as a mitigation to outright bans)
For practitioners: instrument NGFW/DNS logs for the domain indicators Kaspersky lists, evaluate browser policy toolchains for extension allowlisting, and test prompt-scanning solutions in monitor mode before enforcement to measure operational impact.
Scoring Rationale
Practical enterprise guidance on blocking shadow-AI is directly relevant to security engineers and compliance teams, but the content is operational rather than a frontier technical advance. Vendor tooling and deployment paths increase immediate implementability.
Practice with real Ad Tech data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Ad Tech problems
