Jahn Consulting

Jahn Consulting — BlogNotes from practice: AI architecture, governance and enterprise AI.https://jahnconsulting.io/Your AI Agent Has a Governance Gap — And Your IAM Won't Close Ithttps://jahnconsulting.io/en/blog/dissemination-control-ai-agents/https://jahnconsulting.io/en/blog/dissemination-control-ai-agents/Authentication and authorisation aren't enough for AI agents with tool access. This post explains the missing third layer — Dissemination Control — and a four-tier architecture to implement it incrementally.Sun, 15 Mar 2026 00:00:00 GMTAn AI Agent Deleted a Production Databasehttps://jahnconsulting.io/en/blog/ai-agent/https://jahnconsulting.io/en/blog/ai-agent/An AI agent wiped an entire production infrastructure. The industry responded by stripping agents of access — and misses the point entirely. The real fix is architectural.Tue, 10 Mar 2026 00:00:00 GMTHow Well Does Automated Anonymization Actually Work?https://jahnconsulting.io/en/blog/ner-models/https://jahnconsulting.io/en/blog/ner-models/A practical evaluation of automated PII anonymization for LLM pipelines: spaCy vs. Flair (via Microsoft Presidio) on German business texts, including the limits of contextual personal references and a recommended approach (regex + NER + documented residual risk).Tue, 03 Mar 2026 00:00:00 GMTAI Agents as Team Members: Roles, Permissions, Boundarieshttps://jahnconsulting.io/en/blog/ai-agents-as-team-members/https://jahnconsulting.io/en/blog/ai-agents-as-team-members/AI agents are not autonomous pipelines — they are team members with defined roles, permissions, and boundaries. A practical report on dissemination control, persona agents from real customer data, and the architecture that makes collaboration between humans and AI secure.Thu, 26 Feb 2026 00:00:00 GMTWhy AI Assistants Bypass Your Permissionshttps://jahnconsulting.io/en/blog/context-scope/https://jahnconsulting.io/en/blog/context-scope/AI assistants can bypass permission boundaries by mixing information from different project contexts. This article shows through a real scenario why context separation matters more than the choice between MCP and API — and which three architecture approaches solve the problem.Mon, 23 Feb 2026 00:00:00 GMTAI in the Enterprise: Why Data Access is the Real Architecture Challengehttps://jahnconsulting.io/en/blog/ai-data-access/https://jahnconsulting.io/en/blog/ai-data-access/RAG on enterprise data rarely fails because of the model — it fails because of access control. An architecture guide on chunk-level permissions with OPA, GDPR masking, and the structural conflict between data protection and AI usage.Sat, 21 Feb 2026 00:00:00 GMTAI Problems Are Not AI Problemshttps://jahnconsulting.io/en/blog/ai-problems-are-not-ai-problems/https://jahnconsulting.io/en/blog/ai-problems-are-not-ai-problems/Why most risks of using AI are scaled versions of familiar enterprise problems — and why that's good news.Sun, 15 Feb 2026 00:00:00 GMT