TL;DR: The security problem is no longer raw access volume, but unmanaged AI-mediated data exposure that existing controls cannot reliably see or classify; Cyera says its Omni DLP integration with Anthropic’s Claude Compliance API brings auditable visibility to Claude Enterprise conversations, files, and user activity, while Cyera Research found workers use only about 4% of the access they are granted.
NHIMG editorial — what this means for NHI practitioners
By the numbers:
- Cyera Research analyzed 2.4 million workers and found that employees use about 4% of the access they've been granted.
- Some environments have assigned admin privileges to nearly 30% of users, six times the recommended level.
Questions worth separating out
Q: How should security teams handle sensitive data in enterprise AI chats?
A: Security teams should treat enterprise AI chats as a governed data path, not just a productivity feature.
Q: Why do dormant permissions become riskier when employees use generative AI?
A: Dormant permissions become riskier because AI can turn rarely used access into active data exposure without changing the entitlement itself.
Q: How can organisations tell normal AI use from suspicious AI use?
A: Organisations need context-aware classification that combines role, timing, data type, and activity patterns.
Practitioner guidance
- Instrument AI session telemetry into existing DLP workflows: capture prompts, files, identity, and response context from enterprise AI tools so that investigations can follow the full data path instead of only repository events.
- Correlate AI usage with identity and file-transfer activity: link Claude sessions to database queries, downloads, and user identity so unusual combinations such as odd-hour uploads or cross-system enrichment stand out quickly.
- Tune alerts around role and content context: differentiate expected legal, compliance, and analyst use from high-risk behaviour such as credential uploads or financial data sharing inside an AI session.
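The three guidance points above, as one worked example added here (not Cyera's or Anthropic's code): constructed AI-session and file-transfer records are correlated per user within a lookback window, then scored against an assumed role-to-data-class policy, assumed business hours, and the off-hours download-then-upload pattern. Field names, the policy table and the window are assumptions for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample telemetry for this example (not real Cyera or Claude logs); UTC timestamps.
AI_SESSIONS = [
    {"user": "alice", "role": "legal", "ts": "2024-05-06T10:15:00", "data_class": "contract"},
    {"user": "bob", "role": "engineer", "ts": "2024-05-07T02:40:00", "data_class": "credential"},
    {"user": "carol", "role": "analyst", "ts": "2024-05-07T03:05:00", "data_class": "financial"},
]
FILE_EVENTS = [
    {"user": "alice", "ts": "2024-05-06T10:00:00", "action": "download", "source": "contracts-share"},
    {"user": "carol", "ts": "2024-05-07T02:50:00", "action": "download", "source": "finance-db"},
    {"user": "carol", "ts": "2024-05-01T09:00:00", "action": "download", "source": "finance-db"},
]
# Assumed policy: which roles are expected to bring each data class into an AI session.
EXPECTED_ROLES = {"contract": {"legal", "compliance"}, "financial": {"analyst", "finance"}}
BUSINESS_HOURS = range(7, 20)     # assumed, UTC
LOOKBACK = timedelta(minutes=30)  # assumed correlation window

def _ts(event):
    return datetime.fromisoformat(event["ts"])

def linked_transfers(session, file_events, lookback=LOOKBACK):
    """File events by the same user that landed within `lookback` before the session."""
    start = _ts(session)
    return [e for e in file_events
            if e["user"] == session["user"] and start - lookback <= _ts(e) <= start]

def assess(session, file_events):
    """Return the reasons an AI session deserves an alert; an empty list means expected use."""
    reasons = []
    if session["data_class"] == "credential":
        reasons.append("credential material in AI session")
    if session["role"] not in EXPECTED_ROLES.get(session["data_class"], set()):
        reasons.append(f"role {session['role']} not expected to handle {session['data_class']} data")
    off_hours = _ts(session).hour not in BUSINESS_HOURS
    if off_hours:
        reasons.append("off-hours session")
    sources = sorted({e["source"] for e in linked_transfers(session, file_events)})
    # A download followed by an AI session is routine in-hours; off-hours it is the
    # download-then-upload combination the guidance says should stand out.
    if sources and off_hours:
        reasons.append("preceded by download from " + ", ".join(sources))
    return reasons

def triage(sessions=AI_SESSIONS, file_events=FILE_EVENTS):
    """Map each user to the list of alert reasons; users with no reasons need no alert."""
    return {s["user"]: assess(s, file_events) for s in sessions}

if __name__ == "__main__":
    for user, reasons in triage().items():
        print(user, "ALERT" if reasons else "ok", reasons)
```

In the sample, the legal user's in-hours contract work produces no alert, while the credential upload and the off-hours finance download followed by an AI session both do.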
What's in the full announcement
Cyera's full article covers the operational detail this post intentionally leaves for the source:
- Step-by-step integration flow for turning on the Claude Compliance API in Claude organisation settings.
- Examples of alert routing into Jira, ServiceNow, Splunk, and Sentinel for operational triage.
- Policy tuning and classification workflow details for reducing false positives in AI sessions.
- Workflow examples showing how Claude interactions are correlated with file and database activity.
Claude Enterprise and DLP visibility: what changes for IAM teams?
AI visibility is now a data-governance problem, not just an application-control problem. Once employees can move sensitive content into Claude Enterprise, the question shifts from whether the model is safe to whether the organisation can observe data movement across the session. That is a DLP and audit issue first, and an AI feature issue second. The practitioner implication is that AI oversight has to live in the same operational layer as identity and data monitoring, not beside it.
A few things that frame the scale:
- 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, according to The 2024 ESG Report: Managing Non-Human Identities.
- Enterprises that have experienced a compromised NHI averaged 2.7 separate incidents in the past 12 months, according to The 2024 ESG Report: Managing Non-Human Identities.
A question worth separating out:
Q: What should IAM and compliance teams audit before enabling enterprise AI at scale?
A: They should audit whether AI activity can be tied back to identity, data class, and policy status in one workflow. If the organisation cannot answer who used AI, what data was involved, and what happened next, then enterprise AI is operating beyond the current governance model. Auditability has to be designed in before broad rollout.