What is the foundation for secure use of ChatGPT?

Is it dangerous to access ChatGPT via the Internet?

ChatGPT is getting a lot of buzz these days. I'm sure some of you use it every day.
Normally, when you use ChatGPT, you access it over the internet. However, when security is a priority, such as in a corporate setting, can you just use it as is? You need to be careful when you use ChatGPT over the internet, because you will be exposed to a variety of risks, such as;

• Virus infection
• Being compromised
• Information leakage due to negligence

Figure 1: Risks of connecting to ChatGPT over the Internet

So, you might be thinking, what can we do to mitigate the risks and use ChatGPT?
One solution is to create a secure closed network [^*1] environment which will be explained in the next section.

• [^*1] An environment that is isolated from the public Internet.

An overview of secure closed network environments

I'm going to start with a bit of technical jargon.
Setting up a closed network environment means users need to reach ChatGPT without exposing it to the public internet.

To give you a concrete idea, let's look at an environment that combines Azure OpenAI [^*2] and various Azure services that you can build with our templates.

• [^*2] ChatGPT service in Azure

Figure 2: Connecting to Azure OpenAI in a closed network environment

Compared to Figure 1, there are various services in between, but there are three important points.

(1) Private Endpoint for using Azure Private Link

Using Azure Private Link, you can access Azure OpenAI through an Azure managed network without having to go out to the internet. Access to Azure OpenAI will go through the Private Endpoint shown in the diagram.

(2) DNS Private Resolver

You can access the Private Endpoint's private IP by connecting with ExpressRoute or VPN from outside the closed environment. However, when accessing with the Azure OpenAI URL, the private DNS zone is not accessible, so name resolution is not possible, and the Private Endpoint's private IP cannot be obtained.
As a solution to this problem, you can perform DNS queries to the private DNS zone from the customer location by using DNS Private Resolver.

(3) Azure OpenAI Service

According to Azure's terms of service, it is explicitly stated that the input and output information of the Azure OpenAI Service will not be used for model improvement or other purposes. Additionally, the Azure OpenAI Service monitors for inappropriate use that violates the code of conduct. By submitting an opt-out request for misuse monitoring, access to input information by OpenAI operators can also be restricted. By appropriately using the service and submitting an opt-out request, you can prevent input/output data from being used for model improvement and avoid information leakage to external parties. While this differs from risks posed by internet access, it is equally important to prevent information leakage from this perspective.

Summary

• When using ChatGPT in an enterprise, there are security considerations. One of them is access via the Internet.
• In this article, we introduced a method for constructing a closed network environment. NTT DATA supports the quick construction of an environment by preparing a construction template.
• In addition, we can help you start using ChatGPT with a sense of speed by fully addressing security considerations, not only for closed networks.
• Furthermore, NTT DATA provides a wide range of support, from examining use cases for using ChatGPT to building environments and actually using ChatGPT in companies. If you want to use ChatGPT securely, please feel free to contact us! Let's create new business value together.