Governance Module¶
The Governance module provides oversight of GenAI tool usage and data flow governance through input recording and file transfer recording. It requires an active subscription.
Availability¶
- Browser Extension: Supported
- Outlook Add-in: Not supported
- Microsoft Teams: Not supported
Getting Started¶
- Subscribe to the Governance module in Tenant Settings
- Navigate to Governance > GenAI Prompts and click Enable Now to auto-create a policy linked to the managed AI Tools hostlist
- View captured prompts on the GenAI Prompts dashboard
The AI Tools hostlist is automatically maintained by the hostlist sync worker - it aggregates AI tool domains from multiple curated sources. You do not need to create it manually.
Alternatively, create or edit a policy manually, open the Governance tab, enable Input Recording, and link it to the AI Tools hostlist.
Features¶
Input Recording¶
When enabled on a policy, the browser extension captures what users type into form fields on matching hostnames. Captured inputs appear on the GenAI Prompts dashboard.
- Triggers on form submit and Enter key press (captures complete prompts, not individual keystrokes)
- Excludes password fields
- Deduplicates identical input per field per page load
- Skips trivial content (fewer than 2 characters)
File Transfer Recording¶
When enabled on a policy, the browser extension logs file uploads and downloads on matching websites. Captured transfers appear on the Data Flows dashboard.
- Enable via the File Transfer Recording toggle on the policy's Governance tab
- Logs file name, size, extension, direction (upload/download), and source URL
- Navigate to Governance > Data Flows to view activity
- Use the Enable Now button on the Data Flows dashboard for quick setup with the "All Websites" hostlist
Note: Download Guard blocking and warning (Security module) remains independent - security alerts (security_download_blocked, security_download_warned) always fire regardless of this setting. Only the audit log (file_download/file_upload) is conditional on file transfer recording.
Policy Governance Tab¶
Each policy has a Governance tab (visible when the module is subscribed) containing:
- Input Recording toggle - enable or disable input recording for this policy
- File Transfer Recording toggle - enable or disable file upload/download logging for this policy
Enabling any toggle requires an active Governance subscription; the API returns HTTP 403 otherwise.
GenAI Prompts Dashboard¶
The dashboard page (Governance > GenAI Prompts) provides:
- Configuration banner - shows whether input recording is active, with an auto-enable button
- KPI cards - Total Prompts, Unique Users, AI Sites Used, Top AI Site
- Prompts over time - stacked bar chart by AI site
- Top Users / Top AI Sites - side-by-side bar charts
- Activity table - time, AI site, user, prompt text, field type, device
Data Flows Dashboard¶
The dashboard page (Governance > Data Flows) provides:
- Configuration banner - shows whether file transfer recording is active, with an auto-enable button
- KPI cards - Total Downloads, Total Uploads, Unique Users, Top Site
- File transfers over time - stacked bar chart by direction (upload/download)
- Top Sites / Top File Extensions - side-by-side doughnut charts
- Activity table - time, direction, site, file name, extension, user, device
Recorded Fields¶
Each recorded prompt includes:
| Field | Description |
|---|---|
| Prompt text | The recorded input text |
| Field type | HTML element type: input, textarea, or contenteditable |
| Field name | The name or id attribute of the HTML field |
Each recorded file transfer includes:
| Field | Description |
|---|---|
| File name | Name of the uploaded or downloaded file |
| File size | Size in bytes |
| File extension | File extension (e.g., pdf, xlsx) |
| Direction | upload or download |
| Source URL | The page URL where the transfer occurred |
Subscription Enforcement¶
Features stop automatically when the Governance subscription lapses:
| Layer | How it stops |
|---|---|
check_site API |
Returns input_recording: false, dataflow_recording: false if module not subscribed |
| Policy CRUD API | Rejects enabling governance toggles with HTTP 403 |
| Portal UI | Governance tab disabled; dashboards show module-not-enabled message |
Setting values are preserved in the database after unsubscribe. If the tenant re-subscribes, policies resume without reconfiguration.
Privacy Considerations¶
- Input recording captures the full text that users type into monitored pages
- File transfer recording logs metadata about uploaded and downloaded files (not file contents)
- Ensure that your organization's privacy policy and employee agreements cover this type of monitoring
- Use the Privacy & Data Deletion feature to handle GDPR data subject requests
- The PII purge worker automatically anonymizes recorded inputs based on your configured retention period