April 24th, 2026
New
Changelog: New Browser Extension Controls for PII, Sensitive Data & File Uploads
We’ve released three related capabilities in Swif’s browser extension and admin console to help security and IT teams monitor sensitive activity and control risky file uploads—without disrupting employees’ normal workflows.
This update introduces:
PII Tracking in Swif’s Browser Extension
PII Tracking in Swif’s Browser Extension | Help Center | Swif.aiSensitive App Prolonged Activity Tracking
Sensitive App Prolonged Activity Tracking in Swif’s Browser Extension | Help Center | Swif.aiFile Upload Restriction in Swif’s Browser Extension
File Upload Restriction in Swif’s Browser Extension | Help Center | Swif.ai
1. PII Tracking in Swif’s Browser Extension
Swif can now detect and track Personally Identifiable Information (PII) activity in AI tools and web apps, using admin-defined rules.
What’s new
Team‑level PII tracking rules in the Swif admin console:
Configure under Settings → Teams → Shadow IT → PII Tracking.
Target specific user groups (e.g., Engineering, Finance, All employees).
Scope which apps/domains are monitored (e.g., ChatGPT, Gemini, internal AI tools).
Choose whether to monitor prompts, file uploads, or both.
Silent PII detection in the browser extension on MDM‑managed devices:
Monitors prompt submissions and file uploads on in‑scope apps.
Reports PII events to Swif for analysis and storage.
No pop‑ups or banners shown to end users for PII detection itself.
PII reporting dashboards:
Org‑level and team‑level counts of PII events.
Employee PII event detail reports with:
Counts of prompt vs upload events.
App / rule context.
Redacted snippets by default (e.g.
<EMAIL_ADDRESS>,<PERSON>).Optional “revealed” view for privileged admins.
Why it matters
Gives security and compliance teams visibility into where and how PII is flowing into AI tools and SaaS apps.
Uses a privacy‑first model (local‑first detection, redaction, and strict role‑based access) so admins get context without broadly exposing raw PII.
Full details:
PII Tracking in Swif’s Browser Extension | Help Center | Swif.ai
2. Sensitive App Prolonged Activity Tracking
A new Sensitive App Prolonged Activity capability tracks when users spend extended time on high‑risk apps or domains you define as sensitive.
What’s new
Sensitive App Monitoring rules at the team level:
Configure under Settings → Teams → Sensitive App Monitoring.
Define:
User groups the rule applies to.
Sensitive domains (manual entry or uploaded domain lists).
Rules can be created, edited, disabled, or deleted by admins.
Prolonged activity detection in the extension:
Runs on Swif MDM‑enrolled devices.
Detects sessions per device + domain + browser tab.
Marks a session as “prolonged” once it passes a defined time threshold.
Reports:
Device and team identifiers.
Rule ID and domain (subject to privacy settings).
Session start/end timestamps and derived duration.
Ignores domains not covered by active rules and fails safe if rules can’t be loaded.
Shadow IT / Sensitive App Monitoring insights:
“Sensitive App Prolonged Activity” summary widget:
Total prolonged activity detections in the selected timeframe.
“Top Devices with Sensitive App Prolonged Activity” widget:
Devices with the highest prolonged time on sensitive apps, including:
Device and assigned user.
Total prolonged time, session count, and last activity.
Per‑device detail views:
Breakdown by rule and domain.
Session counts and durations per domain.
Why it matters
Highlights unusual or sustained access to sensitive systems (e.g., CRM exports, payment processors, HR systems, data rooms).
Helps teams prioritize investigations based on time spent on high‑risk apps, not just login events.
Full details:
Sensitive App Prolonged Activity Tracking in Swif’s Browser Extension | Help Center | Swif.ai
3. File Upload Restriction in Swif’s Browser Extension
Swif now lets you control where employees can upload files on the web, with in‑browser enforcement and analytics in the Shadow IT dashboard.
What’s new
File Upload Restriction rules at the team level:
Configure under Settings → Teams → File Upload Restriction.
Each rule includes:
Rule name and status (active/disabled).
Target user groups.
Domain coverage (destinations covered by the policy).
Empty state plus “Create rule” CTA when no rules exist.
Flexible domain configuration:
Manual Domain mode:
Enter domains like
example.comorsubdomain.example.com.Handles whitespace, duplicates, and preserves supported wildcard patterns (e.g.
*.example.com) or surfaces validation errors when unsupported.
Domain List mode (upload):
Upload a CSV (and other supported formats where available).
Backend parses domains, normalizes entries, and rejects invalid content with clear errors.
Enforcement in the browser extension:
Detects file uploads and evaluates:
Organization and device context.
Active user/user group (including non‑login token scenarios).
Destination domain.
Blocks or restricts uploads based on your rules.
Shows an inline Blocked Upload Notice:
Clear explanation that the upload was blocked by policy.
Accessible design (keyboard and screen‑reader friendly).
Graceful handling of long filenames and messages.
Optional CTAs such as “Learn more” or “Contact IT”.
Shadow IT Insight Dashboard widgets:
“File Upload Blocks” KPI widget:
Total number of blocked upload events over the selected time window.
“Blocked File Uploads” activity widget:
Per‑user view of blocked upload attempts on restricted domains.
Detail panel for deeper context.
Both widgets handle loading, empty, and error states gracefully.
Why it matters
Gives you policy‑based control over file exfiltration from managed browsers.
Pairs with PII tracking and Sensitive App Monitoring to build a cohesive data protection posture across prompts, uploads, and app usage.
Full details:
File Upload Restriction in Swif’s Browser Extension | Help Center | Swif.ai