Skip to content
OpenAI Unleashes ChatGPT for Enterprise Use with New Security Features

OpenAI Unleashes ChatGPT for Enterprise Use with New Security Features

OpenAI, the San Francisco-based large language model (LLM) service provider, today launched ChatGPT Enterprise. This hotly anticipated upgrade to OpenAI’s popular consumer service provides a purpose-built version aimed at enabling large enterprise adoption of conversational AI. By addressing key barriers around security, privacy, compliance, and scalable management, ChatGPT Enterprise clears the path for more formal implementation across corporations.

This is the moment most enterprise IT leaders have been waiting for. Now, with ChatGPT Enterprise many company security concerns will be met. In this post I’ll take you through the news, and how ChatGPT Enterprise aligns with emerging AI security frameworks so you can see if your company is ready to take the plunge.

ChatGPT Enterprise Hardens Security to Protect Sensitive Enterprise Data

ChatGPT Enterprise incorporates systemic security upgrades designed to safeguard customer data and drive secure deployments. It leverages encryption for data in transit and at rest to prevent unauthorized access to sensitive conversations.

But everyone is concerned about leaking corporate data via chatbots. According to OpenAI, individual businesses fully own and control any prompts and outputs from the service. The company states it will not train its underlying natural language models using data from ChatGPT Enterprise conversations.

The product has received SOC 2 compliance certification, validating adherence to security standards for customer data handling. OpenAI says it can also execute additional compliance agreements as needed for industries like healthcare and finance.

For access governance, ChatGPT Enterprise provides SSO, domain restrictions, and role-based permissions. The dedicated admin console enables user management, auditing, and usage analytics across large organizations.

Companies Still Need Custom AI Governance Frameworks Tailored to Their Risk Profile

While ChatGPT Enterprise covers common security controls, individual businesses must still develop governance policies tailored to their unique risks. Organizations have highly diverse risk appetites based on factors like industry, geographic footprint, and data types.

IT leaders need to actively evaluate cybersecurity domains including data protection, compliance, transparency, access management, and security posture. This identifies potential blind spots based on the company’s profile. Third-party risk assessments can also validate controls.

Guidance from internal governance teams remains essential for responsible AI adoption even with a hardened commercial platform like ChatGPT Enterprise.

Over 80% of Fortune 500 Companies Already Testing ChatGPT Waters

According to OpenAI’s own research, over 80% of Fortune 500 companies have users actively trying the free consumer version of ChatGPT. ChatGPT Enterprise provides an on-ramp for formal procurement, deployment, and support. It looks like ShadowGPT has been a problem percolating in the enterprise for a while!

Technically Leveled Up to Meet Enterprise Demands

ChatGPT Enterprise offers unlimited access to OpenAI’s most capable natural language model, GPT-4. It provides expanded 32,000 token context windows to process long-form documents and extended conversations.

The platform also applies AI capabilities to automate data analysis, parse code, and streamline information workflows. Early adopters span industries including media production, consulting, finance, and design. Use cases range from content generation to data insights.

And OpenAI is exploring the idea of a shared prompt repository with new shared workspaces. This is similar to the generic Prompt Engineering Platform (PEP) product category, which I described in this post. I believe enterprise users should be looking towards PEPs for productivity-boosting applications before exploring more elaborate AI solutions.

Experts foresee rapid adoption by enterprise functions like IT, customer support, HR, marketing, and product teams. But prudent oversight is still required to manage risks like biased outputs.

ChatGPT Enterprise Aligns with AI Security Requirements

ChatGPT Enterprise meets most of the requirements of emerging enterprise AI security frameworks:

  • Data protection via encryption, access controls, and opt-out of training data.
  • Compliance with common regulations like SOC 2.
  • Transparency on training data sources, oversight, and model iteration.
  • Access governance through SSO, role-based access, and domain restrictions.
  • Security posture includes patching, monitoring, auditing, and risk assessments.

It covers important controls, access management, and certifications needed for enterprise risk management. But additional customization is still essential.

Salesforce ISV Community Reactions

I ran the news by some Salesforce independent software vendors involved in deploying OpenAI-powered applications for their reactions. Everyone seems to be in agreement this could be a seminal moment in generative AI as a new computing platform, but there is still some skepticism about applications with enterprise features.


“With ChatGPT Enterprise, OpenAI has opened the floodgates for widespread business adoption by meeting key enterprise demands around security, compliance, and scalability,” said Robin Gupta, VP of Engineering at Provar.

Gupta believes the larger context size, faster API access, and built-in security will help “supercharge workforce productivity.” However, he notes that while these trust-building features are helpful, truly “grounding” the technology in enterprise realities is what’s required to maximize benefit. Gupta pointed out that although OpenAI touts SOC 2 compliance, its Trust Portal lacks evidence of HIPAA compliance, an important consideration for healthcare industries.


I connected with David Brooks, SVP and Lead Evangelist at Copado for their reaction to the news. “We are excited to see the direction OpenAI is going with ChatGPT. Our customers tell us that enterprise-class performance and security are critical for any Generative AI tools. Copado AI Companion and our additional upcoming AI-enabled products will benefit greatly from this new offering,” said Brooks in an emailed statement.


I talked to Bill Appleton, CTO of Metazoa, about their reaction to the ChatGPT Enterprise Announcement. Metazoa has made waves recently by incorporating GPT API integrations into Metazoa Snapshot. “We are really excited about this announcement from OpenAI,” said Appleton. “This really shows that they care about Enterprise Customers like Metazoa. This program offers better speed, greater intelligence, and a bigger token window. We will be upgrading thousands of Snapshot customers as soon as possible!”


iDialogue is another Salesforce ISV making waves in generative AI. They have some interesting generative AI capabilities integrated into their existing document management platform. And they have even deployed a LangChain-like document management orchestration prototype! “With every demonstration of iDialogue AI integrated with Salesforce, we’re met with awe and curiosity. The common refrain is, ‘This is groundbreaking,’ followed closely by, ‘How secure is it?’, said Michael Leach, CEO, and founder of iDialoge in an email conversation.

“OpenAI’s latest announcement of their enterprise API, combined with our ‘bring your own key’ (BYOK) approach and a robust Data Privacy Agreement (DPA), ensures that our GPT-enabled Salesforce CRM-AI solutions meet the stringent standards of SOC2,” added Leach in our conversation.


GPTfy is the brainchild of Saurabh Gupta, CEO of Cloud Compliance, and producer of Enterprise Dreamin’ conference being held this week. The tool is an affordable and simple-to-use prompt engineering platform designed to interact with your existing Salesforce org data, providing masking, access, and other security features.

“OpenAI’s ChatGPT Enterprise fills an important gap by finally offering enterprise-grade features like security, privacy, governance, and larger context size that organizations require to seriously consider AI adoption,” said Gupta in an email conversation. “This addresses key customer needs around compliance, data protection, access controls, and scalability that should enable responsible AI implementation across functions like customer service, IT, marketing, and beyond.”

Time for Takeoff

This is what the corporate AI world has been waiting for. Now, workers don’t have to sneak around the office with their mobiles to use ChatGPT in the workplace. The only barrier left is whether your IT leaders and cybersecurity officers will make the move to become a customer.

Mainstream adoption is expected across customer service, HR, IT, marketing, finance, and other departments. But prudent guidance and limitations will remain important in managing generative AI’s potential downsides.

For enterprises on the sidelines, OpenAI now has lowered the barriers to safely unleash AI productivity at scale. For Salesforce customers, this means that they can safely use ChatGPT side-by-side with their Salesforce data and metadata. And for every enterprise IT leader, this is clarifying moment where you must decide what to do next about generative AI in your enterprise.

Apply Filters