Workforce AI Security

Training Presentation

Monitor, Govern & Protect Generative AI Usage

What Is Workforce AI Security?

A platform that helps administrators monitor, govern, and protect generative AI usage across the organization.

Core Mission

  • Provide visibility into ALL AI applications (approved & shadow tools)
  • Evaluate user sessions for potential security risks
  • Analyze context, content sensitivity, and user behavior
  • Block risky activities and prevent data leakage

Bottom Line: Balance innovation with security — safely enable AI while protecting sensitive data.

Key Benefits

Increased Visibility

Complete view of all generative AI platforms, their purposes, and associated risks.

Informed Governance

Understand top AI use cases to make better policy and investment decisions.

Data Loss Prevention

AI-driven data classification reduces risk of sensitive information exposure.

Regulatory Compliance

Audit trail of user activities ensures compliance with industry regulations.

Plus: Continuous monitoring, advanced risk assessment, governance & reporting tools.

Available Editions

Two deployment options tailored to organizational needs:

Enterprise

Coverage: Web, Desktop, MSP, IDEs

Capabilities: Full Discovery, Governance & Protection

Integration: Complete — all environments

Positioning: Full-featured, comprehensive

Essentials

Coverage: Web applications only

Capabilities: Discovery, Governance, Protection (Web)

Integration: Limited to web apps

Positioning: Lighter, more affordable add-on

Architecture Overview

Workforce AI Security operates across three primary layers:

1. Endpoint Monitoring Layer

Captures AI-related user actions on devices:

  • Browser extension — web-based AI chats & tools
  • Desktop proxy — ChatGPT Desktop, coding assistants
  • IDE integrations — AI-powered coding features
  • MCP server visibility — agentic workflows

2. Policy & Classification Engines

Evaluates each AI interaction: Access Policies, Chats/DLP Policies, Agent Policies

3. Management & Governance Layer

Check Point Portal — dashboards, analytics, event logs, policy config, RBAC

Data Flow — How It Works

The system processes AI activity through this sequence:

  1. User interacts with AI tool
  2. Endpoint captures the interaction
  3. Cloud analysis: risk & data detection
  4. Policy rules applied
  5. Action enforced (Allow/Block/Ask/etc.)
  6. Events logged & visible in dashboards
  7. Admins review & adjust governance

Key Terminology

  • AI Application: Generative AI tool used through a web browser or desktop client
  • MCP Server: Service exposing tools, resources, or APIs to AI agents
  • Agent: Automated AI workflow that may call external tools via MCP
  • Use Case: Functional purpose (code generation, analytics, email drafting, etc.)
  • Sensitive Data Type: Patterns for regulated, confidential, or org-specific data
  • Managed vs Unmanaged: Org-licensed vs personal AI accounts
  • Risk Levels: Critical • High • Medium • Low • Very Low

Overview Dashboard

Central interface for monitoring AI activity — executive summary at a glance

Top Applications

Highest traffic AI apps with risk color indicators (Critical / High / Medium).

Shows users, sessions, prompts, file uploads & usage trends

Sensitive Data & Use Cases

Top 5 sensitive data types & top 5 use cases driving AI adoption across the org

Top-Risk Users

Users with highest risky activity — pinpoints where oversight/training is needed

Policy Enforcement

Distribution of Allow / Ask / Prevent / Block actions across sessions

Total AI Traffic: managed vs unmanaged split

Risk vs Usage Matrix

Bubble chart: each app's risk level vs usage volume

Applications & Discovery

Applications Page

  • All discovered apps grouped by risk, category, popularity
  • Widgets: risk distribution, category breakdown, top used
  • Table: name, risk, category, sessions, users, sensitive content
  • Managed apps labeled for distinct policy control

Discovery

  • Identify active AI apps before applying policies
  • Web, Desktop, IDE, MCP server visibility
  • Assess risk exposure per application
  • Drill into sessions, events, prompts, files
  • Application Catalog: searchable DB of AI services

Deployment

Endpoint components monitor AI activity & enforce policies on every device.

Download Options

  • Web Only — browser extension (all licenses)
  • Complete — browser extension + desktop agent (Enterprise)

Deployment Status

  • Device-level table with policy versions
  • Last connection tracking (24h / 7-30d / 30d+)
  • Policy version consistency dashboard

Agentic Endpoint Discovery

  • Script-based discovery (no resident agent)
  • MDM-based or manual deployment
  • Windows & macOS support

Desktop Client Actions

  • Get Info, Reload Policy, Send/Collect Logs
  • System tray icon (Windows) / Menu bar (macOS)
  • Auto-policy update within ~10 minutes

Inventory & MCP Servers

Inventory

Visibility into AI agents and AI-enabled applications:

  • Identify AI agents running in the environment
  • Detect unmanaged / Shadow AI usage
  • Does not enforce — provides info for governance decisions

Risk Visibility

  • Risk Severity Distribution (Low to Critical)
  • Shadow AI count, Security Score, Risky Agents
  • Risk Types table with external framework mapping

MCP Servers

Model Context Protocol servers expose tools & APIs to AI agents:

  • Tools — actions model can call on the server
  • Resources — data/assets the model can access
  • Prompts — predefined instructions for the model
  • Sampling — server-to-model text generation requests

Active Servers table: Platform, MCP server, Users, Capabilities, Top tools, Operations (CRUD), Invocations

Policy Layers — Layered Protection

Workforce AI Security enforces security across three policy planes:

1. Access Policies — Application-Level Control

Decides if a user can access a specific AI app. Actions: Allow / Ask / Block.

2. Chats / DLP Policies — Content-Level Control

Inspects content sent to AI. Uses Data Types to identify sensitive data. Actions: Allow / Block / Detect / Prevent / Redact.

3. Agent Policies — Tool-Level Control for MCP

Governs MCP server tools, URL/file reputation, prompt injection protection, content moderation.

Access Policies

How to Create an Access Rule

  1. Go to Workforce > Manage Interactions > Access
  2. Click Create new
  3. Define: Rule name, Active (ON), Scope (org or selected users)
  4. Set Destination: Any (all apps) or Applications (specific)
  5. Select Action: Allow, Ask, or Block
  6. Enable/disable Logging, then Save

Allowlist Approach

Block all by default, allow only approved apps

Maximum control & predictability

Blocklist Approach

Allow all by default, block only known risky apps

Flexible, minimal restrictions

Chats / DLP Policies

How to Create a Chat Rule

  1. Go to Workforce > Manage Interactions > Chats
  2. Click Create new
  3. Select Event type: Prompt, File Upload, or Paste
  4. Set Scope: Entire org or selected users/groups
  5. Set Destination: Any, Selected, or Managed platforms
  6. Select Data Types (max 100 across all policies)
  7. Select Action: Allow, Ask, Block, Prevent, Detect, or Redact
  8. Enable/disable Logging, then Save

Key Point: Data Types Classification powers DLP — predefined + custom patterns detect sensitive content in prompts, pastes, and uploads.

Agent Policies

How to Create an Agent Rule

  1. Go to Workforce > Manage Interactions > Agents
  2. Click Create new
  3. Define: Rule name, Active (ON), Source (users/groups)
  4. Specify which MCP server(s) this governs
  5. Select relevant tools to allow or block
  6. Select OS and Platforms
  7. Action: Allow, Ask, or Block
  8. Enable/disable Logging, then Save

Design Tip: Be conservative with agent policies. Refine based on discovery data. Agent policies control actions (invoking tools, CRUD ops), not just access.

Policy Action Behaviors

Each action, with its behavior, effect on data flow, and data control:

  • Allow: Accepts without restrictions. Data flow: Allowed. Data control: Not restricted.
  • Ask: User must confirm. Data flow: Conditional. Data control: Conditional.
  • Block: Rejects data, stops action. Data flow: Not allowed. Data control: Attempt blocked.
  • Detect: Logs only, no interruption. Data flow: Allowed. Data control: Not restricted.
  • Prevent: Strictly blocks, disables submission. Data flow: Not allowed. Data control: Action disabled.
  • Redact: Removes/masks sensitive data. Data flow: Sanitized only. Data control: Sensitive data removed.

Files: Allow / Ask / Block / Prevent • Pasted text: adds Detect • MCP: Block / Allow
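As an added worked example (not code from this presentation or from Check Point), the following Python models how one interaction passes through the Access plane and then the Chats/DLP plane, and maps each chat action to the data-flow and data-control outcomes listed above. The rule classes, the first-match evaluation order, the default-block allowlist and the card-number regex used as a stand-in Data Type are all assumptions of this example, not the product's implementation.

```python
import re
from dataclasses import dataclass
from typing import Optional

# The six actions named in the Policy Action Behaviors table.
ALLOW, ASK, BLOCK, DETECT, PREVENT, REDACT = (
    "Allow", "Ask", "Block", "Detect", "Prevent", "Redact")

# Constructed stand-in for a Data Type: a 16-digit card-like number.
# Assumption for this example; real Data Types are configured in the portal.
CARD_RE = re.compile(r"\b(?:\d{4}[- ]?){3}\d{4}\b")


@dataclass
class Interaction:
    user: str
    app: str
    managed: bool        # org-licensed (managed) or personal account
    event_type: str      # "Prompt", "File Upload" or "Paste"
    text: str


@dataclass
class AccessRule:
    apps: frozenset      # destination apps; empty = Any
    action: str          # Allow / Ask / Block


@dataclass
class ChatRule:
    event_types: frozenset
    action: str                     # Allow / Ask / Block / Detect / Prevent / Redact
    managed: Optional[bool] = None  # None = any platform, True = managed only, False = unmanaged only


def evaluate_access(ia, rules, default=BLOCK):
    """Plane 1: first matching access rule wins. The default models the
    allowlist pattern from the deck: block everything not explicitly approved."""
    for r in rules:
        if not r.apps or ia.app in r.apps:
            return r.action
    return default


def apply_chat_action(action, text):
    """Plane 2: translate a chat/DLP action into the (data flow, data control,
    outgoing text) triple from the Policy Action Behaviors table."""
    if action in (ALLOW, DETECT):            # Detect = log only, no interruption
        return "Allowed", "Not restricted", text
    if action == ASK:                        # user must confirm before data leaves
        return "Conditional", "Conditional", text
    if action == BLOCK:
        return "Not allowed", "Attempt blocked", None
    if action == PREVENT:                    # submission control disabled
        return "Not allowed", "Action disabled", None
    if action == REDACT:
        return "Sanitized only", "Sensitive data removed", CARD_RE.sub("[REDACTED]", text)
    raise ValueError(f"unknown action {action}")


def evaluate(ia, access_rules, chat_rules):
    """Run one interaction through the access plane, then the chat/DLP plane."""
    out = {"user": ia.user, "app": ia.app, "access": evaluate_access(ia, access_rules)}
    if out["access"] == BLOCK:
        out.update(chat=None, hits=0, data_flow="Not allowed",
                   data_control="Attempt blocked", text=None)
        return out
    hits = len(CARD_RE.findall(ia.text))
    chat = ALLOW                                   # no chat rule matched
    for r in chat_rules:
        if ia.event_type not in r.event_types:
            continue
        if r.managed is not None and r.managed != ia.managed:
            continue
        if hits == 0:                              # chat rules fire on Data Type matches
            continue
        chat = r.action
        break
    flow, control, text = apply_chat_action(chat, ia.text)
    out.update(chat=chat, hits=hits, data_flow=flow, data_control=control, text=text)
    return out


# Constructed policy set for the walkthrough: managed accounts get Redact,
# personal accounts get Block, and any file upload carrying a match is Prevented.
ACCESS_RULES = [AccessRule(frozenset({"ChatGPT", "Claude"}), ALLOW)]
CHAT_RULES = [
    ChatRule(frozenset({"File Upload"}), PREVENT),
    ChatRule(frozenset({"Prompt", "Paste"}), REDACT, managed=True),
    ChatRule(frozenset({"Prompt", "Paste"}), BLOCK, managed=False),
]

SAMPLE = "Card 4111 1111 1111 1111 expires next month"  # constructed prompt

if __name__ == "__main__":
    for ia in (Interaction("alice", "ChatGPT", True, "Prompt", SAMPLE),
               Interaction("bob", "ChatGPT", False, "Paste", SAMPLE),
               Interaction("carol", "RandomAI", False, "Prompt", "hello"),
               Interaction("dave", "Claude", True, "Prompt", "hello")):
        print(evaluate(ia, ACCESS_RULES, CHAT_RULES))
```

The same prompt produces a redacted submission for the managed account and a blocked one for the personal account, which is the "Managed vs Unmanaged" pattern described later in the deck; an app outside the allowlist never reaches the DLP plane at all.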

Events & Monitoring

Event Types

  • Chats: user interactions with AI chats — use case, DLP, risk score, enforcement action
  • Agentic: MCP behavior — tools used, policies triggered, sensitive data involved

Interaction Types

  • File upload / file interaction
  • Prompts entered by users
  • Text inputs (text control)

Event Details

Each event row: Application, Type, Time, User, Risk, Use Case, Action, Policy Name, Reason, Sensitive Data, File Names, Prompt (admin view)

Filtering

  • Free text search across all fields
  • Filter icon for specific event types
  • SIEM forwarding available for centralized monitoring

Data Types Classification

Categories

Predefined Data Types

Built-in sensitive data patterns

Custom Data Types

Org-specific content patterns

My Groups

Custom collections of types

Check Point Recommended

Curated sensitive data sets

Matching Criteria

  • Pattern — specific formats
  • Keyword — defined words
  • Dictionary — uploaded word list
  • Weighted Words — scoring threshold
  • Template — document structure
  • File Attribute — name/size/type

Note: Max 100 Data Types across all policies. Context Data Types use AI analysis for meaning-based detection (available for AI category, Text Control & Paste events).
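To make the six matching criteria concrete, here is an added Python example (not the product's code) with one simplified matcher per criterion and a constructed Data Type set that applies them to a prompt and to an uploaded file's attributes. The function names, Data Type names, thresholds and sample inputs are all constructed for this example; the page does not describe how the platform itself implements Template or Weighted Words matching, so those are modelled here as labelled-field presence and an additive score respectively.

```python
import fnmatch
import re
from dataclasses import dataclass
from typing import Optional


@dataclass
class FileInfo:
    name: str
    size_bytes: int
    mime_type: str


# --- one simplified matcher per criterion --------------------------------

def match_pattern(text, regex):
    """Pattern: a specific format such as an identifier layout."""
    return re.search(regex, text) is not None


def match_keyword(text, keywords):
    """Keyword: any of a few defined words/phrases (whole-word, case-insensitive)."""
    return any(re.search(rf"\b{re.escape(k)}\b", text, re.I) for k in keywords)


def match_dictionary(text, dictionary, min_hits=1):
    """Dictionary: an uploaded word list; matches when min_hits distinct entries appear."""
    words = set(re.findall(r"[a-z0-9']+", text.lower()))
    return len(words & {w.lower() for w in dictionary}) >= min_hits


def match_weighted_words(text, weights, threshold):
    """Weighted Words: every occurrence adds its weight; matches at or above the threshold."""
    score = sum(weight * len(re.findall(rf"\b{re.escape(word)}\b", text, re.I))
                for word, weight in weights.items())
    return score >= threshold


def match_template(text, required_fields):
    """Template: document structure, modelled as labelled fields that must all be present."""
    return all(re.search(rf"^{re.escape(f)}\s*:", text, re.M | re.I) for f in required_fields)


def match_file_attribute(file: Optional[FileInfo], name_glob=None, min_size=None, mime_types=None):
    """File Attribute: name, size or type of an uploaded file, without reading its content."""
    if file is None:
        return False
    if name_glob and not fnmatch.fnmatch(file.name.lower(), name_glob):
        return False
    if min_size is not None and file.size_bytes < min_size:
        return False
    if mime_types and file.mime_type not in mime_types:
        return False
    return True


# --- constructed Data Type set: name -> predicate over (text, file) --------
DATA_TYPES = {
    "SSN Pattern": lambda t, f: match_pattern(t, r"\b\d{3}-\d{2}-\d{4}\b"),
    "Internal Keyword": lambda t, f: match_keyword(t, ["confidential", "internal only"]),
    "Codename Dictionary": lambda t, f: match_dictionary(t, ["Bluebird", "Redwood", "Granite"]),
    "HR Weighted Words": lambda t, f: match_weighted_words(
        t, {"employee": 1, "salary": 2, "termination": 3}, threshold=4),
    "Medical Record Template": lambda t, f: match_template(
        t, ["Patient Name", "Date of Birth", "Diagnosis"]),
    "Private Key File": lambda t, f: match_file_attribute(f, name_glob="*.pem"),
}


def classify(text="", file=None):
    """Return the sorted names of every Data Type whose criterion matches."""
    return sorted(name for name, pred in DATA_TYPES.items() if pred(text, file))


# Constructed sample inputs.
PROMPT = ("Internal only: employee 123-45-6789 is under salary review "
          "before termination from project Bluebird")
RECORD = "Patient Name: J. Doe\nDate of Birth: 1990-01-01\nDiagnosis: pending"
KEYFILE = FileInfo("id_rsa.pem", 1704, "application/x-pem-file")

if __name__ == "__main__":
    print(classify(PROMPT))        # four Data Types fire on one prompt
    print(classify(RECORD))        # only the template matches
    print(classify(file=KEYFILE))  # attribute match with no content inspected
```

The weighted-words case shows why a threshold matters: "employee" on its own scores 1 and stays below the constructed threshold of 4, while a prompt combining salary and termination language crosses it. Grouping several of these types under a My Groups collection is how the 100-type limit across policies is kept manageable.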

Integrations

Connect SaaS platforms to discover and scan agent-based AI workloads.

AI Tools & Assistants

  • Microsoft 365 Copilot
  • OpenAI Enterprise (Compliance API)
  • Claude Enterprise (Compliance API)
  • Devin AI

AI Gateways & Infrastructure

  • AWS Bedrock / Bedrock AgentCore
  • Google Cloud
  • AI Guardrails API

Agent Platforms

  • Microsoft Copilot Studio
  • Salesforce Agentforce
  • n8n
  • Relevance AI

OpenAI Enterprise Integration

Purpose

Connects your workspace to OpenAI through a compliance-controlled API for visibility into OpenAI usage.

Prerequisites

  • Active ChatGPT Enterprise plan
  • Compliance API enabled in OpenAI org
  • Admin access to OpenAI console

Configuration Steps

  1. Log in to platform.openai.com > Org Settings > Compliance & Security
  2. Create/copy Compliance API key and Workspace ID
  3. In Check Point Portal: Integrations > OpenAI Enterprise > Configure Integration
  4. Paste Workspace ID and API key, click Save

Note: Uses a Compliance API key (not standard OpenAI API key). Discovered agents appear in Inventory for review and management.

Claude Enterprise Integration

Purpose

Monitors Claude Enterprise usage via Anthropic Compliance API (read-only access to audit and usage data).

Prerequisites

  • Claude Enterprise plan with Compliance API enabled
  • Must be a Primary Owner on the Anthropic tenant

Configuration

  1. Log in to claude.ai as Primary Owner > Org settings > Data and privacy
  2. Create Compliance Access Key with read scopes
  3. In Check Point Portal: Integrations > Claude Enterprise > Configure Integration
  4. Paste key and click Save

Scanning

Manual scan (Scan Now) or Periodic (Off / Daily / Weekly). Agents appear in Inventory with usage levels (Low to Extreme) and models used.

Control Policy Patterns

Allowlist

Goal: Block all by default; allow only approved apps

Maximum control & predictability

Blocklist

Goal: Allow all; block only known high-risk apps

Flexible, minimal restrictions

Managed vs Unmanaged

Goal: Same platform, different trust levels

Allow managed, block/restrict unmanaged

Discovery Mode

Goal: Observe before restricting

Access=Allow, Chats=Detect, then enforce

Agent Policy

Goal: Control automated actions

Conservative by design, refine from data

Roles & Permissions

Four specific service roles (in addition to Global Roles):

  • Read-Only: Read-only access to all pages. Cannot create/edit policies. No prompt viewing.
  • Admin: Read & write to all pages. No prompt viewing.
  • Admin — View High-Risk Prompts: All Admin privileges + view high & critical risk prompts.
  • Admin — View All Sensitive Prompts: Full Admin + visibility into all sensitive prompts (low-risk and above).

Note: Prompts not classified as sensitive are not stored (privacy control). Assign prompt-viewing roles via Account Settings > Users > Specific Service Roles > AI Security.

Settings

Privacy & Data Retention

  • Default retention: 30 days
  • Default risk threshold: Low risk and above
  • Prompts without risk level are not stored

User Interactions

  • Upload company logo for blocking messages
  • Customize title & description for Access and Chat notifications
  • Preview messages before saving

Managed Applications

Define organization-approved app instances:

  • Register license details for official subscriptions
  • Apply different policies to managed vs personal accounts
  • Settings > Managed application > Add Organization ID

User & Device Sync

Integrate with MDM for user/device synchronization.

Key Takeaways

Complete visibility into all AI usage across your organization

Layered policies: Access → DLP (Chats) → Agents

Flexible control: Allow, Block, Ask, Prevent, Detect, Redact

Integrate with OpenAI, Claude, M365 Copilot & more

Balance innovation with security — safely enable AI