Your staff are almost certainly already using ChatGPT and other AI chatbots at work — whether you've approved it or not. That's great for productivity, but it creates a new and easily overlooked risk: sensitive company and client information being pasted into public AI tools, where it leaves your control. Here's what Perth businesses need to know, and how to allow AI safely.
What's the actual risk with staff using ChatGPT?
The problem isn't AI itself — it's what gets typed into it. When an employee pastes a client contract, pricing, personal information or confidential project details into a public chatbot to "summarise" or "rewrite" it, that data is sent to a third party. Depending on the tool and settings, it may be retained, used to train models, or exposed in a breach — and you have no way to claw it back. This is often called "shadow AI": unmanaged AI use happening quietly across the business.
For a Perth business handling client data, that's a genuine confidentiality and privacy risk — and one most owners don't realise is happening.
Should you just ban ChatGPT at work?
Usually, no. An outright ban is hard to enforce, and it pushes staff to use AI on personal devices where you have zero visibility — often making the risk worse. It also means losing the real productivity benefits. The better approach for most Perth SMBs is to allow AI, but control what data can go into it.
How do you stop sensitive data leaking to AI chatbots?
A practical, layered approach works best:
- An acceptable-use AI policy — clear rules on what staff can and can't put into AI tools, and which tools are approved.
- Data-loss prevention (DLP) controls — technology that detects sensitive information and blocks it from being copied or uploaded into AI chatbots, so a mistake is stopped automatically rather than relying on memory.
- Approved, safer AI options — business-grade AI (e.g. Microsoft Copilot with your data protections) so staff have a sanctioned tool that keeps data inside your tenant.
- Staff awareness — a short briefing so the team understands why the controls exist.
The DLP layer is the key one: policies and training reduce mistakes, but technical controls actually stop them.
A real Perth example
A Perth building company came to us with exactly this concern — staff using AI chatbots, and no way to stop confidential information going in. We researched the options and deployed a generative-AI data-protection package that blocks sensitive data from reaching AI tools while letting the team keep working normally. You can read the full story in our Perth building company AI data-loss case study.
What should a Perth business do next?
If your team is using AI (they are), the sensible steps are:
- Assume shadow AI is already happening and find out which tools are in use
- Put a simple AI acceptable-use policy in place
- Add DLP controls to block sensitive data from public AI tools
- Give staff a safer, approved AI option
We can assess where your data is exposed and set this up as part of your cyber security and managed IT — so your team gets the benefits of AI without the data-leak risk. As Computer Mechanics, we've helped Perth businesses adopt new technology safely since 1997. Contact our team or call (08) 9325 1196.
In short: don't ban AI — control it. Staff pasting sensitive data into public chatbots is a real, growing risk for Perth businesses, but an AI acceptable-use policy plus data-loss-prevention controls lets your team use AI productively while sensitive company and client data is automatically blocked from leaving.

