Home / User stories / Permission-aware AI
CKCarmen · CISO, financial services
Permission-aware AI

Turn on AI that can’t surface what people were never allowed to see.

Carmen’s board wants Copilot. Carmen knows that pointing an LLM at raw storage will expose things buried for years. She needs retrieval that respects every ACL — for people and agents alike.

The reality today

Ungoverned AI is a breach waiting to happen

Flattened permissions

Most AI indexes ignore source ACLs, so a prompt can reach restricted content.

No provenance

You can’t prove where an answer came from or whether the asker was entitled to it.

Egress blind spots

Sensitive data leaves in answers and exports with nothing watching the door.

“The fastest way to fail an audit is to let an LLM read everything. We needed the opposite.”

How the system works

ACLs travel with every document, enforced at query time

SharePointACLs intactOneDriveACLs intactBox / S3ACLs intactFileportpermission-aware indexredacted in · blocked at egressPeoplescoped resultsAI agentssame guardrailsYOUR SYSTEMSPEOPLE & AGENTS
See it in the product

Results scoped to the asker, PII redacted on the way in

Search

One query, every system, permission-scoped

A single search runs keyword and semantic retrieval together across SharePoint, OneDrive, Box and the rest — the same answer no matter where the file lives. Results are scoped to each user's permissions, and sensitive fields like SSNs and phone numbers are redacted before they're ever shown.

Fileport product — One query, every system, permission-scoped
What happens, step by step

From problem to proof

1

Capture permissions on the way in

Each document keeps its native ACL as it’s ingested — nothing is flattened.

2

Enforce at query time

Every search and answer is filtered against the user’s live directory identity.

3

Redact sensitive fields

PII like SSNs and phone numbers is redacted before results are ever shown.

4

Guard the exit

DLP evaluates every egress — block, justify, or redact — and logs the decision.

Why it lands

What Carmen can attest to

Per-identity
retrieval, people & agents
At query time
ACL enforcement
Fail-closed
by default
FAQ

Common questions

Does this work for AI agents too?

Yes. Agents retrieve through the same permission-aware layer via an MCP server, so they’re bound by identical governance.

What if a document’s permissions change?

Retrieval is checked against your live directory at query time, so revocations take effect immediately.

Is anything co-mingled across tenants?

No. Knowledge is never flattened or co-mingled beyond its source permissions.

Related reading

Keep exploring

Pressure-test it.

Bring your hardest access scenario — we’ll show permission-aware retrieval refuse what it should.

Book a demo