Security guide

About This Guide

This security guide focuses on iGuard, InspectChat's comprehensive safeguard system designed to protect your organization's data and ensure secure AI interactions. This guide explains the various security measures and how they work to protect your communications.

Understanding iGuard

iGuard is InspectChat's built-in security system that acts as a protective layer between users and AI models. It automatically scans all communications for potential security risks, sensitive information, and policy violations.

Key Functions

  • Real-time message scanning
  • Automatic detection of sensitive information
  • Policy enforcement
  • Compliance monitoring
  • Immediate blocking of risky communications

Security Validations

1. Detect Secrets

Purpose: Prevents accidental sharing of sensitive credentials and keys.

What It Detects:

  • API Keys
  • Authentication Tokens
  • Passwords
  • SSH Keys
  • Database Connection Strings

Example Block Message: Whenever the safeguards system detects secrets, the following message is displayed to the user: "🔐 -> Potential sensitive information detected: Please ensure you're not sharing any confidential data, passwords, or access keys."

Figure 1: Secret Detection Block Message

2. Detect PII (Personally Identifiable Information)

Purpose: Protects personal and sensitive information from exposure.

What It Detects:

Personal Information

  • 📝 Social Security Numbers (SSN)
  • 💳 Credit Card Numbers
  • 📧 Email Addresses
  • 📱 Phone Numbers (International formats)
  • 🏠 Physical Addresses
  • 🛂 Passport Numbers
  • 🚗 Driver's License Numbers
  • 📅 Birth Dates
  • 👤 Person Names (First, Middle, Last)

Financial Information

  • 🏦 Bank Account Numbers
  • 💰 IBAN Codes
  • 💵 Swift Codes
  • 💳 CVV Numbers

Medical Information

  • 🏥 Medical License Numbers
  • 📋 Medical Record Numbers

Location Information

  • 📍 IP Addresses
  • 📫 ZIP/Postal Codes
  • 🌍 GPS Coordinates
  • 🏢 Location Identifiers

Government Identifiers

  • 🪪 National ID Numbers
  • 🏛️ Government Official Numbers

Digital Identifiers

  • 💻 MAC Addresses
  • 🌐 URLs containing personal info
  • 📱 Device IDs
  • 🔑 Cryptocurrency Addresses

Professional Information

  • 👔 Employee Numbers
  • 🏢 Corporate Email Patterns

Cultural Identifiers

  • 🌍 Nationality
  • 🗣️ Ethnicity
  • ⛪ Religious Identifiers

Example Block Message: Whenever the safeguards system detects personally identifiable information, the following message is displayed to the user: "🔒 -> Personal information detected: For your privacy and security please avoid sharing sensitive information."

Example Warn Message:

3. Sentiment Analysis

Purpose: Maintains professional communication standards and prevents harmful content.

Monitors For:

  • Hostile Language
  • Inappropriate Content
  • Unprofessional Tone
  • Harassment
  • Discriminatory Language

Threshold Settings:

  • Low Risk (0.3): Minor unprofessional language
  • Medium Risk (0.6): Concerning tone or content
  • High Risk (0.8): Severe violations

Example Block Message

4. Unusual Prompt Detection

Purpose: Identifies potentially harmful or suspicious requests.

Monitors For:

  • Code Injection Attempts
  • Prompt Engineering Attacks
  • System Command Requests
  • Policy Violation Attempts

Example Block Message

Configuring Safeguards

Administrators can customize iGuard settings:

  • Enable/Disable Validations: Control which checks are active.
  • Set Thresholds: Adjust sensitivity levels.
  • On Fail Actions: Define system responses (block or warn).

These settings are applied in real time through declarative configuration files, without the need to restart the system. This allows for immediate adaptation to new policies or threats, ensuring continuous protection and compliance.

Declarative Configuration for iGuard

Configurations for iGuard are defined in a YAML file, which keeps the settings clear and human-readable. Changes to this file are applied in real time, so administrators can adjust validations on the fly.

Here's an example of how the configuration can be set:

validations:
  - name: DetectSecrets
    enabled: True
    models:
      - OpenAI
      - Gemini
    on_fail: block

  - name: DetectPII
    enabled: True
    models:
      - OpenAI
      - Gemini
    on_fail: block
    mode: permissive

  - name: Sentiment
    enabled: True
    models:
      - OpenAI
      - Gemini
    on_fail: block
    threshold: 0.5

  - name: DetectUnusualPrompt
    enabled: True
    models:
      - OpenAI
      - Gemini
    on_fail: block

Response Actions

The on_fail Parameter

Determines how the system responds when a validation fails:

  • Block: Stops the request and notifies the user.
  • Warn: Allows the request but issues a warning.

Block Mode

  • Immediately stops the message
  • Displays error message
  • Logs the incident

Warn Mode

  • Shows a warning message to the user
  • Logs the warning
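
Because configuration changes take effect without a restart, a lint step run before the file is deployed can catch an edit that weakens or drops a safeguard. The following is an added example, not InspectChat's own code: it assumes the YAML has already been loaded into a Python dict, that thresholds lie between 0 and 1, and the names lint_validations, GUIDE and DRIFTED are hypothetical.

```python
# Added example: lint an iGuard-style config before it is hot-applied.
# Rule set is an assumption drawn from this guide, not InspectChat's validator.
KNOWN = {"DetectSecrets", "DetectPII", "Sentiment", "DetectUnusualPrompt"}
ON_FAIL = {"block", "warn"}

def lint_validations(config):
    """Return sorted findings for a parsed config (dict from a YAML loader)."""
    findings, seen = [], set()
    for i, v in enumerate(config.get("validations") or []):
        name = v.get("name")
        if name not in KNOWN:
            findings.append(f"entry {i}: unknown validation {name!r}")
            continue
        if name in seen:
            findings.append(f"{name}: defined more than once")
        seen.add(name)
        enabled = v.get("enabled")
        # A quoted "false" loads as a truthy string, so insist on a real bool.
        if not isinstance(enabled, bool):
            findings.append(f"{name}: enabled must be a boolean")
        elif not enabled:
            findings.append(f"{name}: disabled")
        on_fail = v.get("on_fail")
        if on_fail not in ON_FAIL:
            findings.append(f"{name}: on_fail must be block or warn")
        elif name == "DetectSecrets" and on_fail == "warn":
            # Per the guide, warn allows the request through.
            findings.append(f"{name}: warn still forwards detected secrets")
        if not v.get("models"):
            findings.append(f"{name}: no models listed")
        t = v.get("threshold")
        # Assumed range 0..1, matching the 0.3/0.6/0.8 levels in the guide.
        bad_type = isinstance(t, bool) or not isinstance(t, (int, float))
        if t is not None and (bad_type or not 0 <= t <= 1):
            findings.append(f"{name}: threshold must be a number in [0, 1]")
    findings += [f"{n}: missing from config" for n in KNOWN - seen]
    return sorted(findings)

def _entry(name, **overrides):
    base = {"name": name, "enabled": True, "models": ["OpenAI", "Gemini"], "on_fail": "block"}
    return {**base, **overrides}

# The guide's example config, as a loader would return it.
GUIDE = {"validations": [_entry("DetectSecrets"), _entry("DetectPII", mode="permissive"),
                         _entry("Sentiment", threshold=0.5), _entry("DetectUnusualPrompt")]}
# Constructed sample of a bad edit: weakened, mistyped and missing entries.
DRIFTED = {"validations": [_entry("DetectSecrets", on_fail="warn"),
                           _entry("DetectPII", enabled="false"),
                           _entry("Sentiment", threshold=5)]}
```

Running lint_validations(DRIFTED) returns one finding per weakened, mistyped or missing validation, while the guide's own configuration produces none.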