What do organisations get wrong about allowing employee ChatGPT use?

They often treat approval as a binary yes-or-no decision instead of a data-governance problem. Employees may use both enterprise and personal accounts on the same device, so the real task is distinguishing sanctioned from unmanaged sessions and applying different rules to each. Without that separation, users route around controls.

Why This Matters for Security Teams

The mistake is not just overestimating the risk of ChatGPT itself. It is assuming that a single policy can govern every session, when the real problem is whether a request is coming from an approved business workflow or an unmanaged personal account on the same endpoint. That distinction affects logging, retention, data loss prevention, and incident response. Current guidance from NIST Cybersecurity Framework 2.0 points security teams toward governance, asset visibility, and access control rather than binary approval decisions.

For NHI-focused environments, the same logic appears in Ultimate Guide to NHIs: control fails when identity, session context, and privilege are treated as one thing. Employee use of ChatGPT becomes a data-governance issue the moment unmanaged sessions can reuse the same device, browser profile, or network path as sanctioned access. In practice, many security teams encounter prompt leakage, shadow AI usage, and policy bypass only after users have already found a convenient route around the controls, rather than through intentional adoption.

How It Works in Practice

Effective governance starts by separating sanctioned enterprise sessions from personal use at the point of access. That usually means enterprise SSO, managed browser policies, device posture checks, and clear data handling rules for approved accounts. It also means treating prompts and outputs as sensitive content when they may contain customer data, source code, secrets, or regulated records. The NIST Cybersecurity Framework 2.0 is useful here because it emphasizes identifying assets, protecting them appropriately, and detecting misuse through consistent monitoring.

Practitioners usually need three controls working together:

  • Session separation so enterprise and personal ChatGPT use do not share the same trust assumptions.
  • Data classification and redaction rules so employees know what can never be pasted into any model.
  • Monitoring and audit trails that preserve enough evidence to distinguish approved use from unmanaged use.

This approach lines up with NHI discipline as described in Ultimate Guide to NHIs, because the control objective is not “allow or block AI” but “govern which identity, which session, and which data path is in play.” Organisations that implement policy at the account level but ignore browser state, endpoint sharing, or consumer sign-ins often create a false sense of control. These controls tend to break down when employees use unmanaged personal devices or shared browsers, because the organisation cannot reliably distinguish sanctioned from unsanctioned sessions.
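The three controls above, combined in one added example (not code from this guidance or from any vendor): it classifies each session, applies a different rule per session type and data label, and flags endpoints where sanctioned and unmanaged use coexist. The event fields, the `corp.example` domain, the label names and the decision strings are all assumptions, and the events are constructed sample data.

```python
from collections import defaultdict

# Constructed sample events, shaped like what a secure web gateway or managed
# browser might report. Every field name and value here is an assumption.
EVENTS = [
    {"device": "LT-1001", "managed": True, "sso": True, "account": "ana@corp.example", "label": "public"},
    {"device": "LT-1001", "managed": True, "sso": False, "account": "ana.personal@mail.example", "label": "internal"},
    {"device": "LT-2002", "managed": True, "sso": True, "account": "raj@corp.example", "label": "restricted"},
    {"device": "BYOD-77", "managed": None, "sso": None, "account": None, "label": "internal"},
]
CORP_DOMAIN = "corp.example"   # assumed enterprise identity domain
NEVER_PASTE = {"restricted"}   # assumed "never pasted into any model" tier

def classify_session(ev):
    """Return 'sanctioned', 'unmanaged' or 'unknown' for one session event."""
    if ev["managed"] is None or ev["sso"] is None or ev["account"] is None:
        return "unknown"       # BYOD or incomplete telemetry: nothing proves the session is approved
    corp = ev["account"].lower().endswith("@" + CORP_DOMAIN)
    return "sanctioned" if ev["managed"] and ev["sso"] and corp else "unmanaged"

def decide(ev):
    """Apply different rules per session type and data label."""
    kind = classify_session(ev)
    if ev["label"] in NEVER_PASTE:
        return kind, "block"          # holds for every session, sanctioned or not
    if kind == "sanctioned":
        return kind, "allow"
    if ev["label"] == "public":
        return kind, "allow_logged"   # tolerated, but kept in the audit trail
    return kind, "block"

def mixed_use_devices(events):
    """Devices where sanctioned and non-sanctioned sessions share one endpoint."""
    kinds = defaultdict(set)
    for ev in events:
        kinds[ev["device"]].add(classify_session(ev))
    return sorted(d for d, k in kinds.items() if "sanctioned" in k and len(k) > 1)

def audit_trail(events):
    """Evidence rows that keep approved and unmanaged use distinguishable."""
    return [(ev["device"], *decide(ev)) for ev in events]

if __name__ == "__main__":
    for row in audit_trail(EVENTS):
        print(row)
    print("mixed-use endpoints:", mixed_use_devices(EVENTS))
```

Treating missing telemetry as `unknown` rather than as `sanctioned` is the design choice that matters for the BYOD case: the policy fails closed for non-public data instead of assuming approval.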

Common Variations and Edge Cases

Tighter controls often increase user friction and support overhead, requiring organisations to balance data protection against productivity and workaround risk. That tradeoff is why current guidance suggests segmenting use cases instead of forcing a single rule across the workforce. A drafting team using approved enterprise ChatGPT for non-sensitive copy work does not need the same restrictions as a finance analyst handling payroll data or an engineer pasting code snippets that may include proprietary logic.

There is no universal standard for this yet, but best practice is evolving toward risk-tiered access, explicit acceptable-use rules, and separate treatment for personal and corporate accounts. This is also where Ultimate Guide to NHIs is helpful: identity boundaries matter more than platform labels, because unmanaged identity use can defeat otherwise sound policy. Organisations should also align their process with the NIST Cybersecurity Framework 2.0 by reviewing access, monitoring, and response together rather than as separate projects. The hardest edge case is BYOD with mixed personal and work browsing, where privacy constraints and incomplete telemetry make enforcement weaker than the policy language implies.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.

| Framework | Control / Reference | Relevance |
| --- | --- | --- |
| NIST CSF 2.0 | PR.AC-4 | Access control and identity segregation are central to approved vs unmanaged ChatGPT use. |
| OWASP Non-Human Identity Top 10 | NHI-03 | Session and credential boundaries mirror NHI governance problems in unmanaged AI use. |
| NIST AI RMF | | AI RMF is relevant because employee AI use needs governance, measurement, and accountability. |

Use AI RMF governance to define ownership, acceptable use, and escalation paths for AI sessions.