The six policy actions
Workforce AI Security gives you six actions to apply to any AI interaction. Select an action to see what happens to a sample prompt.
Sample prompt:
"Hi Claude, please review this code: def auth(user, pwd='Str0ng!Pass123'): api_key = 'sk-prod-a8f2e1b9c4d7'"
Action comparison
| Action | Prompt sent? | Data modified? | User notified? | Logged? |
|---|---|---|---|---|
| Allow | Yes | No | No | Yes |
| Prevent | No | N/A | Yes (blocked) | Yes |
| Redact | Yes (modified) | Sensitive parts removed | Yes (redacted) | Yes |
| Detect | Yes | No | No | Yes + alert |
| Block | No (app blocked) | N/A | Yes (app blocked) | Yes |
| Ask | If justified | No | Yes (justification prompt) | Yes + reason |
Loading...
Think Deeper
Try this:
A customer wants to start with 'Block' on everything. Why is 'Detect' a better first step?
Detect mode lets you see the real usage patterns before disrupting workflows. If you block immediately, you'll face employee backlash, shadow workarounds, and you won't know what you're actually protecting against. Start with Detect → analyse → design targeted policies → enforce gradually.
Cybersecurity tie-in: The six actions map to a graduated response model —
the same principle as firewall rules. You don't need a single policy for everything;
you need the right action for the right data type in the right context.