One of our MSP partners, Vivitec, recently engaged with a client who was in the early stages of defining their AI strategy. Recognizing both the opportunities and risks of AI adoption, the client had not yet formalized their official best practices for AI usage. To minimize risk, leadership implemented a company-wide policy prohibiting the use of AI tools until they established a proper framework.

The Challenge

While the policy was clear as written, the client had no visibility into real-world AI usage across the organization or a way to systematically enforce the policy. With employees increasingly exploring AI tools in the browser, enforcement and monitoring became a significant challenge. Without the ability to track usage, the client risked shadow AI adoption, non-compliance with internal policy, and potential exposure of sensitive corporate data.

The Assessment

Vivitec, led by CRO Bruce Kelly, offered a two-week browser security assessment powered by Atakama’s Managed Browser Security Platform. Once completed, the assessment results where remarkable: seven employees had been using ChatGPT on a daily basis, having spent over fourteen hours collectively on the tool during the period.

Unsurprisingly, the client was shocked, operating under the mistaken assumption that their employees had been following the AI policy. As is usually the case, the lack of visibility resulted in undetected policy violations.

The Solution

With Atakama’s Managed Browser Security Platform, Vivitec provided:

• Granular visibility into browser activity, down to the user level,

• Policy enforcement that aligned with the client’s corporate guidelines, and

• The ability to outright block access to ChatGPT and other AI tools.

This empowered the client with the ability to enforce their policy, while also providing actual usage data sufficient to help them formulate their future AI strategy.