Perimeter Collapse: Why Identity-Aware Retrieval Is Non-Negotiable
Everyone is excited about AI agents querying enterprise data.
Very few are asking the harder question:
What happens when the perimeter disappears?
The Scholar View
Traditional security assumed a boundary.
Users authenticated.
Applications enforced access.
Databases sat behind controlled interfaces.
But in Agentic BI, retrieval happens dynamically.
Large Language Models do not “log in.”
They generate queries.
If identity is not passed into the retrieval layer, the model does not know:
• Who is asking
• What they are allowed to see
• What policies apply
• Which rows are restricted
This is what I call Perimeter Collapse.
The security boundary shifts from the application layer to the data layer.
The literature on socio-technical systems is clear:
When governance mechanisms lag behind technical capability, risk accelerates.
Agents increase capability.
Without identity-aware controls, they also increase exposure.
The Practitioner View
When I led modernization inside a complex health system, access control was never theoretical.
Row-Level Security mattered.
Policy alignment mattered.
Auditability mattered.
If an AI agent can retrieve PHI without inheriting the requesting user’s security context, that is not innovation.
That is regulatory liability.
The solution is not “better prompts.”
It is Identity-Aware Retrieval:
• Passing user tokens through the RAG pipeline
• Enforcing database-level RLS
• Applying ABAC policies at query time
• Logging and auditing agent decisions
Governance is not a brake on autonomy.
It is the architecture that allows autonomy to exist safely.
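A sketch of the retrieval-side controls listed above, added here as an illustration and not taken from the original post: the retriever fails closed without an identity, applies an attribute-based check to every candidate chunk before anything reaches the model, and writes an audit record per decision. The Identity and Chunk types, the policy rule, and the sample data are assumptions; identity claims are assumed to come from an already-verified user token, and keyword matching stands in for vector search.

```python
import logging
from dataclasses import dataclass

audit = logging.getLogger("retrieval.audit")

@dataclass(frozen=True)
class Identity:               # claims from an already-verified user token (assumed)
    user_id: str
    department: str
    clearances: frozenset

@dataclass(frozen=True)
class Chunk:                  # one indexed passage plus its access metadata
    chunk_id: str
    text: str
    department: str
    required_clearance: str   # e.g. "phi" or "general"

def abac_allows(identity: Identity, chunk: Chunk) -> bool:
    """Assumed ABAC rule: same department AND the user holds the clearance."""
    return (chunk.department == identity.department
            and chunk.required_clearance in identity.clearances)

def retrieve(identity, query, index):
    """Return only chunks the requesting user may see; fail closed."""
    if identity is None:
        audit.warning("deny user=<none> query=%r reason=no_identity", query)
        raise PermissionError("retrieval requires a verified user identity")
    terms = query.lower().split()
    allowed = []
    for chunk in index:
        if not any(t in chunk.text.lower() for t in terms):
            continue          # keyword match stands in for vector similarity
        permitted = abac_allows(identity, chunk)
        audit.info("user=%s chunk=%s decision=%s", identity.user_id,
                   chunk.chunk_id, "allow" if permitted else "deny")
        if permitted:         # denied chunks never enter the model's context
            allowed.append(chunk)
    return allowed

# Constructed sample data, not real records
INDEX = [
    Chunk("c1", "Cardiology patient discharge summary", "cardiology", "phi"),
    Chunk("c2", "Oncology patient treatment notes", "oncology", "phi"),
    Chunk("c3", "Cardiology patient visiting hours", "cardiology", "general"),
]
NURSE = Identity("u-nurse", "cardiology", frozenset({"general", "phi"}))
CLERK = Identity("u-clerk", "cardiology", frozenset({"general"}))
```

In a deployment with database-level RLS, the same identity would also be bound to the database session so the filter is enforced even if the retrieval code is bypassed.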
The Takeaway
If your AI strategy treats retrieval as neutral plumbing, your perimeter is already gone.
The future of AI governance is not model control.
It is context control.
And context begins with identity.
Originally Published on LinkedIn