Skip to content

Clipboard Paste in GenAI Sites Playbook

The Clipboard Paste in GenAI Sites playbook is triggered when a user pastes data into a GenAI application that includes sensitive keywords. The user is blocked from using the unauthorized GenAI application and is guided to delete the sensitive data before submitting.

The playbook is fully editable through the playbook editor, including:

  • Warning and notice messaging
  • Justification prompts
  • Policy links
  • Acknowledgment messaging

Organizations can tailor the experience to align with their internal GenAI governance policy.

Match Criteria

The playbook triggers when either:

Both the following conditions are met:

  • The application is in the generative-ai-apps list.
  • The pasted data contains keywords in the clipboard-sensitive-keywords list.

Or both the following conditions are met:

  • The domain is in the generative-ai-hostnames list.
  • The pasted data contains keywords in the clipboard-sensitive-keywords list.

Therefore, the playbook targets specific keywords pasted into GenAI tools used in the organization, helping to prevent submission of sensitive data.

Warning

Modification of the default match criteria should only be performed with a full understanding of the configuration. Incorrect updates may result in unintended blocking of application causing significant productivity disruptions. Confirm all updates with your organization administrators before proceeding in order align with your organization’s overall policy efforts and minimize disruption.

Out-of-the-Box Playbook Behavior

When triggered:

  1. The background session is blurred.

  2. A blocking warning is displayed to the user.

  3. A policy message guides the user to review the organization’s AI policy.

  4. The user is presented with two options:

    • Got it - the user is instructed to delete the sensitive data before submission to the application.
    • This is not sensitive – the playbook continues.

Users are prevented from working in the application.

If the user attempts to proceed:

  • They are prompted to provide a justification for why they believe the data should not be flagged as sensitive.
  • The justification is captured and forwarded to the security team.

Note

Clipboard pasting operations are discovered by the playbook immediately after the action, however the pasting operation itself cannot be prevented.

Required Configuration Before Use

Out of the box, this playbook does not include:

  • A populated clipboard-sensitive-keywords list.
  • A defined URL that hosts the company's AI policy.
  • Finalized end-user messaging.

Important

For the playbook to function, administrators must update the playbook before deployment.

Required Updates Before Use

The playbook requires minimal customization to tailor it to your organization's AI policy before it can be used.

To apply the required updates:

  1. Go to Playbooks > Company Policies.

  2. Select the Clipboard Paste in GenAI Sites playbook to customize it.

    Note

    If the playbook is not displayed, add the playbook from the Playbook catalog.

  3. Within the playbook editor, notations highlight where configuration is required.

  4. Replace the default URL in the Company Policy step with the URL that hosts your organization's AI usage policy, for example usage-policy.com.

  5. Select Publish to publish the updated playbook.

The playbook is now live in your organization.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.