Blog
-
15 March 2026
Your AI Agent Has a Governance Gap — And Your IAM Won't Close It
Authentication and authorisation aren't enough for AI agents with tool access. This post explains the missing third layer — Dissemination Control — and a four-tier architecture to implement it incrementally.
-
10 March 2026
An AI Agent Deleted a Production Database
An AI agent wiped an entire production infrastructure. The industry responded by stripping agents of access — and missed the point entirely. The real fix is architectural.
-
3 March 2026
How Well Does Automated Anonymization Actually Work?
A practical evaluation of automated PII anonymization for LLM pipelines: spaCy vs. Flair (via Microsoft Presidio) on German business texts, including the limits of contextual personal references and a recommended approach (regex + NER + documented residual risk).
-
26 February 2026
AI Agents as Team Members: Roles, Permissions, Boundaries
AI agents are not autonomous pipelines — they are team members with defined roles, permissions, and boundaries. A practical report on dissemination control, persona agents from real customer data, and the architecture that makes collaboration between humans and AI secure.
-
23 February 2026
Why AI Assistants Bypass Your Permissions
AI assistants can bypass permission boundaries by mixing information from different project contexts. This article shows through a real scenario why context separation matters more than the choice between MCP and API — and which three architecture approaches solve the problem.
-
21 February 2026
AI in the Enterprise: Why Data Access is the Real Architecture Challenge
RAG on enterprise data rarely fails because of the model — it fails because of access control. An architecture guide on chunk-level permissions with OPA, GDPR masking, and the structural conflict between data protection and AI usage.
-
15 February 2026
AI Problems Are Not AI Problems
Why most risks of using AI are scaled versions of familiar enterprise problems — and why that's good news.