Stop staff pasting customer data into AI
AI data loss prevention (AI DLP) is a structured engagement for Australian small businesses that stops confidential client records, source code and financial data leaking into ChatGPT, Copilot, Gemini and other AI tools, without banning AI outright. Cyberhaven research found 11% of data pasted into ChatGPT was confidential and 4.2% of workers had pasted company data into a public AI tool at least once. The risk is not theoretical and it is not limited to Microsoft Copilot. ChatGPT, Claude, Gemini, Otter, Fireflies, Perplexity and dozens of free-tier AI tools are quietly absorbing client records, source code, financial data and contracts every day. AI data loss prevention is how you get that under control without banning AI.
Want to gauge your exposure first? Take the free self-check for an indicative risk score.
AI tools turn every staff member into a data egress point
A bookkeeper pastes a client's P&L into ChatGPT to summarise it. That data now sits on someone else's server.
Multiply that across the team. A salesperson pastes a contract into Claude to redline it. A developer pastes a snippet of source code into Copilot. An office manager uses Otter to transcribe an internal meeting and Otter trains on the audio. None of these people are doing anything malicious. They are doing their jobs faster. But the cumulative exposure is real and almost always invisible until something goes wrong. AI data loss prevention treats this as a real risk surface and brings it under control, without banning the tools that staff genuinely benefit from.
What an AI DLP engagement actually covers
AI tool inventory
Find what AI is actually in use. Sanctioned tools, personal-login shadow tools, browser plugins, meeting bots and the AI features inside your existing SaaS that nobody flipped off.
Data classification
Identify what data your team handles that should never go to a public AI tool. Client records, source code, financial data, health info, contracts, M&A material. Plain-English categories, not enterprise taxonomy.
Microsoft 365 controls
Configure Copilot sensitivity labels, Purview DLP rules and conditional access. Hide records that shouldn't be in Copilot's index. Block enterprise data from leaving via Edge.
Public AI tool policy
A written, plain-English policy on what staff can paste into ChatGPT, Claude, Gemini and other public AI tools. Includes the practical alternatives (paid tier, business tier, self-hosted) for the cases that justify it.
Meeting bot and SaaS AI
Audit which meeting bots and embedded SaaS AI features are training on your data. Turn off the ones you cannot justify. Document the ones you keep.
Incident response
What to do when someone pastes the wrong thing into the wrong tool. Step-by-step playbook covering OAIC Notifiable Data Breach assessment, client notification and tool-vendor takedown paths.
Three ways to engage, all scoped to your size
AssessmentOne-off
Fixed-scope written assessment. AI tool inventory, data classification, gap analysis against Australian Privacy Act, prioritised recommendations. Roughly 2-3 weeks. The right starting point for most small businesses. See our Privacy Act 2026 checklist for what we assess against.
- ✓AI tool inventory
- ✓Data classification
- ✓Privacy Act gap analysis
- ✓Prioritised remediation list
ImplementationProject
We deliver the remediation. Microsoft 365 sensitivity labels and Purview rules configured, public AI tool policy written, staff training delivered, incident response playbook documented. Roughly 4-8 weeks.
- ✓Everything in Assessment
- ✓M365 controls configured
- ✓Policy + cheat sheet written
- ✓Staff training delivered
ManagedRetainer
Ongoing monitoring and quarterly review. New AI tools appear, vendors change their data clauses, staff churn. We keep the controls current and the policy fresh. Monthly retainer.
- ✓Everything in Implementation
- ✓Quarterly control review
- ✓New-tool risk reviews
- ✓Incident response on call
pricing on application. Scope and figure agreed in writing before commencement.
How the engagement runs
30-min scoping call
We confirm the tier, the team contact and the boundaries. What is in scope and what is out. No pitch deck.
Find every AI tool
Browser plugins, personal logins, meeting bots, embedded SaaS AI, sanctioned tools. The full picture before any remediation.
Map the data risk
What data does the team actually handle and which categories should never reach a public AI tool. Plain-English, not enterprise jargon.
Lock the leak surface
Microsoft 365 controls configured. Public AI tool policy written and signed off. Staff training delivered. Cheat sheet pinned.
Keep it current
On the Managed tier we review quarterly. New AI tools appear weekly. Vendors update data clauses. The controls have to keep up.
We work with Australian small businesses, typically 5 to 50 staff. The Assessment tier is the most common starting point. About half of clients move on to Implementation. A smaller subset stay on Managed because new AI tools genuinely do arrive every week.
What this engagement is not
A network or device DLP rollout
Endpoint and network DLP is your MSP's territory. We focus on the AI tool surface that sits above the device layer.
A blanket AI ban
We do not write policies that block AI outright. The point is to keep the productive use while closing the leak surface.
A Microsoft 365 licence sale
We do not resell M365 SKUs or earn margin on Copilot licences. Vendor recommendations are vendor-neutral.
Legal advice
We work alongside your privacy lawyer. We do not provide legal opinions on what does or does not breach the Privacy Act in a specific case.
A penetration test
Different engagement. AI DLP is about authorised users leaking data via AI tools. Pen testing is about unauthorised access. We run that as a separate service.
When this engagement makes sense
M365 Copilot is live or imminent
Microsoft has flipped Copilot on for your tenant or you have signed for the licences. Sensitivity labels and Purview DLP rules need to be configured before staff start asking it sensitive questions.
Renewal form has AI questions
Your cyber insurance renewal or a procurement form has explicit questions about AI usage policy, AI data handling and incident response. You need real answers.
Something nearly went wrong
A staff member pasted something into ChatGPT they probably should not have. Nobody got hurt this time. The owner wants the next time not to happen.
Sector regulator asking about AI
AHPRA, OAIC, ACNC, NDIS, NOPSEMA or a similar regulator is asking how you manage AI in the context of client and patient data.
Procurement questionnaire
A larger client or government tender sent through a procurement form with AI governance questions. Saying nothing about AI DLP loses the deal.
Staff using personal AI logins
You suspect or know that staff are using ChatGPT, Claude or Gemini on personal accounts with company data. Nobody has audited what is going where.
The full capability list
Consulting, automation, security and training, plus the build and fix work when you need it. These are the eight we lead with; 32 in total. Your AI consultant in Perth, working nationally.
AI Consulting
Map your ops, find where AI makes sense, build an implementation plan your team can follow.
Learn moreAutomation
n8n, Make, Power Automate, custom integrations. The boring weekly tasks, automated.
Learn moreAI Security & DLP
Stop data leaking into AI tools. Usage policy, M365 controls, Privacy Act and Essential Eight aligned.
Learn moreAI Training
Train your whole team to use AI well. Role-based programs, workshops and coaching across Claude, ChatGPT and Copilot.
Learn moreApp Development
Apps, tools, MVPs and internal systems built with AI-assisted dev, with senior engineering oversight.
Learn moreVibe Code Audit & Fix
Built with Claude, Cursor, Bolt or Lovable? We find what's broken, patch it, hand it back production-ready.
Learn moreAI Agents
Custom agents for CRM, accounting, project management. Built with Claude, GPT and MCP.
Learn moreAgentic Coding
Autonomous coding agents build features end-to-end. We review, steer, and ensure production quality.
Learn moreFrequently asked questions
AI data loss prevention (AI DLP) is the practice of stopping confidential data from leaving the business via AI tools. That covers Microsoft 365 Copilot pulling from files it should not see, staff pasting client data into ChatGPT or Claude, meeting bots transcribing internal calls, browser AI assistants reading whatever tab is open, and the AI features now embedded in most SaaS tools. AI DLP combines technical controls (M365 sensitivity labels, Purview DLP rules, conditional access), a written usage policy, staff training and incident response.
No. Microsoft Copilot is the most visible risk because of how broadly it has been rolled out, but the bigger surface is staff using ChatGPT, Claude, Gemini and dozens of free-tier AI tools on personal logins, browser AI assistants on company devices, and meeting bots silently joining calls. A real AI DLP engagement covers all of these, not just the Microsoft stack.
Pricing is on application. The Assessment tier is fixed-scope and typically runs 2-3 weeks. Implementation runs 4-8 weeks. The Managed retainer is monthly rolling. Scope and figure are agreed in writing before commencement, no annual lock-in on Managed.
Australian small businesses, typically 5 to 50 staff. Smaller than that the AI Usage Review or a Fractional CAIO engagement is usually a better fit. Larger than that the engagement scales but the playbook is the same.
The engagement is structured around Australian Privacy Act obligations including the Australian Privacy Principles, the Notifiable Data Breaches scheme, and (where relevant) the 2024 Privacy Act amendments. We work alongside your privacy lawyer rather than replacing them. Final compliance sign-off remains theirs.
The incident response playbook covers it: assess whether the data triggers OAIC Notifiable Data Breach obligations, document the exposure, contact the AI vendor through the appropriate takedown path (OpenAI, Anthropic and Google all have one), notify affected clients if required, and update the policy to prevent recurrence. Doing this in advance is what separates a near miss from a notifiable breach.
No, and that is the point. A blanket AI ban gets ignored within weeks and pushes the usage further into the shadows. AI DLP done well makes the sanctioned tools easy to use and the risky paths hard. Most clients see AI usage go up not down after the engagement, because staff finally know what they are allowed to use.
Not necessarily. AI DLP is the one-off and ongoing technical and policy work. Fractional Chief AI Officer is broader ongoing AI leadership. Many small businesses do AI DLP first and only add Fractional CAIO if AI becomes a bigger part of the business model.