GPTfy helps you protect sensitive information by applying multi-layered anonymization before sending any Salesforce data to AI. These Security Layers work seamlessly within the Data Context Mapping feature and ensure that personally identifiable information (PII) is masked to meet compliance and privacy standards.
What You Can Do
With GPTfy’s built-in security capabilities, you can:
- Identify and anonymize sensitive data using custom and prebuilt rules
- Apply different anonymization strategies based on field type
- Mask data dynamically using Regular Expressions (Regex), blocklists, and field-level logic
Three Security Layers Explained
GPTfy supports three distinct layers of data anonymization. These layers are automatically available upon installing the app and are configurable within the Field Mapping window of Data Context Mapping.
Layer 1: Record-Specific Field Value Based
- Focuses on predefined field values (like Name, Email, Phone)
- Supports field-specific masking rules
Layer 2: Global Format-Based (Regex)
- Applies Regex patterns to detect PII in text area fields
- Optionally uses Regex to detect structured data
- Supports global data formats including:
- Email addresses
- Phone numbers (with locale-specific formats)
- Social Security Numbers (SSNs)
- Driver’s licenses
- ZIP/postal codes
Layer 3: Global Blocklist Value Based
- Uses a predefined blocklist of sensitive values to anonymize
- Ideal for sensitive business terms like product names or confidential identifiers
- Also works within text area fields
Note: Layers 2 and 3 operate only on long text fields and are designed to mask specific strings within unstructured content.
Field-Level Controls for Regex Matching
To improve the precision of anonymization, GPTfy includes advanced options for Regex matching:
| Checkbox | Functionality | Benefits | Potential Drawbacks |
|---|---|---|---|
|
Match Complete Word |
Adds (?<=\s)(?= \s) for matching whole words |
Prevents partial matches within other words (e.g., avoids matching ‘cat’ in ‘category’) |
Might miss matches not surrounded by whitespace |
|
Ignore Special Characters |
Ignores special characters at the start or end of a match (e.g., . , : ; { }) |
Allows flexible matching when data is inconsistently formatted |
Could result in unintended matches if special characters are meaningful |
Steps to Use Security Layers in Data Context Mapping
Step 1: Access the Field Mapping Window
- Navigate to Data Context Mapping from the GPTfy Cockpit
- Select an object and click Field Mappings
Step 2: Choose the Appropriate Security Layer
- For regular fields (e.g., Email, Phone), select Entire Value (Layer 1)
- For long text fields, select Specific Patterns to activate Layers 2 and 3
Step 3: Save Your Field Mapping
After configuring the masking layer and values, click Save
Step 4: Activate the Prompt
- To apply the configured security layers, activate an existing prompt or create a new one that uses the mapping
Step 5: Run the Prompt
- Run the prompt on any Salesforce record to trigger the anonymization process
Step 6: Verify Anonymization in the Security Audit Record
- Open the Security Audit record linked to the processed record
- Review the following fields:
- Data (Original): Original field value
- Data (PII Removed): Value after masking
- Data (Original): Original field value
In the above example, following list will show values anonymized by different Security Layers.
“34e” : “SF-0179-022” – Layer 2 – By Regex
“12321” : “SF-0174-001” – Layer 2 – By Regex
“3333-454-45” : “SF-0175-001” – Layer 2 – By RegexWhen the rules run they process the larger value first then it process the remaining values.
| Field | Description | Table Header |
|---|---|---|
|
Model
|
Auto-filled by the system.
|
|
|
Platform |
Picklist field to define the platform the model runs on. |
|
|
Named Credential |
Use a secure credential (e.g., GPTfy) included in the GPTfy package. |
|
|
AI Technology |
Select the appropriate AI provider. |
|
|
Type |
Specify if this is a Voice, Chat, or Standard model. |
|
|
Top P
|
Sets the cumulative probability threshold (e.g., 0.75) to control output diversity. |
|
|
Temperature |
Adjusts response randomness: lower = more focused, higher = more creative. |
|
|
Max Tokens |
Limits the number of tokens in each response. |
For example – When we have a bigger number (+49 1234 5678901) and a regex (SF-0926-002)is covering the small number (5678901) which is a part of the big number, so the regex of bigger number (SF-0924-005) is at the top of the smaller one. ‘5678901’ belonged to a bigger phone number, so the secondary regex didn’t conflict.
Summary
- Use Layer 1 for complete field-level anonymization
- Use Layers 2 and 3 for inline masking within long text
- Customize Regex behavior using checkboxes to improve accuracy
- View and audit anonymization results directly in GPTfy’s security logs
This multi-layered approach helps you stay compliant and confident in how your data is handled.