Security Layers

Updated on February 24, 2024
Updated on February 24, 2024

GPTfy offers a powerful feature that allows you to anonymize sensitive data in Salesforce before it is sent to AI. This feature helps you identify and anonymize sensitive data in a seamless manner. It has the following capabilities:

GPTfy can identify and anonymize sensitive data in multiple layers:

  • Layer 1 – Record Specific Field Value-based: This layer focuses on specific field values and can be customized to use Regex for specific data types (e.g., Email, Phone, Name).

  • Layer 2 – Global Format-based (Regex): This layer uses Regex patterns to identify and anonymize sensitive data, including common data types like Email, Phone, SSN, Drivers License, Zip Code, and their international/locale-specific variants.

  • Layer 3 – Global Blocklist Value-based: In this layer, you can specify a list of values that should be anonymized, such as product names or other sensitive information.
    Layer 2 and Layer 3 work on the text area fields, where the text inside the field values are scrutinized for PII data, and those values will be specifically anonymized. The type of layer can be determined in the field mapping window of Data Context Mapping.

Security Layer records are added as prepackaged data when GPTfy is installed. These will have a list of Regexes and Blocklists, which can take care of values of different data types.

Steps to Use Security Layers in Data Context Mapping

Step 1: Accessing Security Layers

  • To configure the security layers, you need to navigate to the field mapping window within the Data Context Mapping.

Step 2: Selecting Layer for Field Mapping

  • When creating or editing a Data Context Mapping, you can select the appropriate layer for different types of fields:
    • For non-text area fields, choose “Entire Value” to utilize Layer 1.
    • For text area fields, select “Specific Patterns” to utilize Layer 2 and Layer 3.

Step 3: Save Field Mapping

  • Once you’ve selected the layer for each field, click the “Save” button to save your field mapping settings.

Step 4: Activate the Prompt

  • To apply the security layers, you can either run an activated prompt (if available) or create a new one using the mapping created in the previous steps. Activate the prompt to ensure that then can be used in console to run GPTfy.

Step 5: Running the Prompt

  • Run the prompt on any record in Salesforce.

Step 6: Verify Anonymization

  • After running the prompt, open the security audit record created for that record.

  • In the security audit record, review the “Data (PII Key)” and “Data (PII Removed)” fields. These fields will display the data before and after anonymization, showcasing how the security layers have effectively masked PII data.
  • In the above example, following list will show values anonymized by different Security Layers.

    “(212) 555-5555” : “Phone2” – Layer 1 – By Entire value
    “8878778787” : “SF-0042-001” – Layer 2 – By Regex
    “philips” : “SF-0051-001” – Layer 3 – By Blocklist
    When the rules run they process the larger value first then it process the remaining values.

For example – When we have a bigger number (+49 1234 5678901) and a regex (SF-0926-002)is covering the small number (5678901) which is a part of the big number, so the regex of bigger number (SF-0924-005) is at the top of the smaller one. ‘5678901’ belonged to a bigger phone number, so the secondary regex didn’t conflict.