OpenAI has reportedly expanded its security operations as it tries to protect its technology from corporate espionage and unwanted access. The changes, reported by the Financial Times, followed an existing security clampdown that accelerated after Chinese startup DeepSeek released a competing model in January.
The reported shift puts tighter controls around who can see, discuss, connect to, or physically reach sensitive work inside OpenAI. It also shows how the company is treating its algorithms, products, offices, data centers, and internal conversations as areas that need stronger protection.
Why OpenAI reportedly moved faster
According to the report, OpenAI was already tightening security before DeepSeek released its competing model in January. After that release, the company accelerated the effort.
OpenAI alleged that DeepSeek improperly copied its models using "distillation" techniques. The source article does not describe the technical details of that allegation, but it places the claim at the center of the company’s reported security push.
The concern is not framed only as a single dispute with one startup. The changes are said to reflect broader worries about foreign adversaries attempting to steal OpenAI’s intellectual property. In that context, the reported controls are aimed at reducing the number of people, devices, rooms, and connections that can touch sensitive systems.
How access to sensitive projects is being limited
One of the clearest reported changes is the use of "information tenting" policies. These policies limit staff access to sensitive algorithms and new products, according to the Financial Times.
The source gives the development of OpenAI’s o1 model as an example. During that work, only verified team members who had been read into the project could discuss it in shared office spaces, according to the report.
That kind of restriction matters because sensitive work can be exposed through more than files or code repositories. A discussion in a shared office area can also reveal direction, capabilities, timing, or product details. By limiting project discussion to verified team members, OpenAI reportedly reduced the chance that people outside the project would hear or learn information they were not meant to access.
The same logic applies to access limits around algorithms and new products. If fewer people can reach a system or discuss a project, there are fewer paths for confidential information to move beyond its intended group.
Offline systems, biometrics, and internet controls
The reported security changes also extend to OpenAI’s technical and physical environment. The company now isolates proprietary technology in offline computers, according to the Financial Times.
OpenAI also reportedly uses biometric access controls for office areas by scanning employees’ fingerprints. That creates a tighter link between physical spaces and verified individuals, rather than relying only on looser forms of entry control.
The company has also implemented a "deny-by-default" internet policy, the report said. Under that policy, external connections require explicit approval.
Taken together, the reported measures point to a security model built around restriction first and access by exception. The main elements described in the source include:
- Limiting staff access to sensitive algorithms and new products through "information tenting" policies.
- Restricting discussion of certain projects in shared office spaces to verified team members.
- Keeping proprietary technology on offline computers.
- Using fingerprint scans for biometric access controls in office areas.
- Requiring explicit approval for external connections under a "deny-by-default" internet policy.
The same report said OpenAI has increased physical security at data centers and expanded its cybersecurity personnel. Those steps suggest that the security effort is not confined to office behavior or employee access. It also covers infrastructure and the people responsible for defending it.
Internal risks may also be part of the picture
The source article notes that concerns about foreign adversaries are only one possible reason for the stronger controls. OpenAI may also be trying to address internal security issues.
Two pressures are mentioned: ongoing poaching wars among American AI companies and increasingly frequent leaks of CEO Sam Altman’s comments. The article does not say these issues caused any specific policy. But it presents them as part of the environment in which OpenAI is tightening access and monitoring sensitive information more closely.
That matters because security problems can come from different directions. A company can worry about outside actors seeking intellectual property while also trying to reduce internal exposure, casual sharing, or leaks from people who already have some level of access.
The reported approach therefore appears broad. It covers conversations, project membership, office areas, computers, internet access, data centers, and cybersecurity staffing. Each area addresses a different route by which sensitive information could leave the company or be seen by the wrong person.
What the reported changes signal
OpenAI’s reported security overhaul shows how high-value AI work is being treated as a deeply protected corporate asset. The company is not only building models and products; according to the report, it is also changing how employees can interact with the systems, spaces, and discussions around that work.
The strongest signal is the move toward narrower access. Sensitive projects are reportedly being separated from general office conversation, proprietary technology is being placed on offline computers, and external internet connections require explicit approval. Physical security and cybersecurity staffing have also been increased.
The source article says TechCrunch reached out to OpenAI for comment. Based on the information provided, the company’s reported security posture is becoming more restrictive as it responds to alleged model copying, foreign adversary concerns, internal leaks, and competitive pressure among American AI companies.