[millgrove]

Hey Peter, that's a great point! I've listed my thoughts below:

A couple things: 1. From a compliance / risk point of view, the customers we've spoke to treat AI-enabled tools differently from standard enterprise products. The main reason is because the standard terms for free-tier usage specifies that model developers might use your inputs to train future iterations unless a user opts out. For that reason, a single third party that doesn't do anything with your data is better than the various AI tools that employees might use (and if you don't have an enterprise license with one provider like ChatGPT, that won't stop your employees from using free alternatives).

2. When it comes to sensitive data, there are different tiers. Companies like to keep their customer lists private, for example, but many tools in the sales stack rely on reading that data out of Salesforce as long as those vendors pass a security/compliance audit. Private keys are another tier of sensitivity, and we absolutely don't expect our users to share those. They can, however flag other text strings like "key=" or "API_KEY" or "username"