Security & Governance

Trust Isn't a Feature.
It's the Foundation.

mploi was designed for organizations where data sovereignty and auditability are not negotiable. Every architectural decision starts with this constraint.


Four Non-Negotiable Principles

The principles your security and compliance teams will recognize on day one.

Data Sovereignty

mploi runs entirely on your infrastructure — on-premises, in your private cloud, or in air-gapped environments. There is no SaaS backplane, no analytics phone-home, no required external dependency. Your data, your conversations, your audit logs, and your model traffic stay inside the boundary you draw.

Deterministic Execution

Security is enforced by the platform, not by prompt instructions. When an agent isn't permitted to invoke a tool, the platform blocks the invocation — regardless of what the model decides. Permissions, tool access, and data scoping are concrete, testable, and auditable.

Complete Transparency

Every conversation, every tool invocation, every authentication event, and every administrative change is recorded in a structured activity log. Your security team can answer "what did this agent do, on whose behalf, with what data?" — exhaustively, for any moment in the system's history.

Model Portability

mploi is not built around any single AI provider. Switch models per-agent at any time, run open-source models on your own GPUs, or restrict regulated workloads to private inference. You retain leverage; you avoid vendor lock-in.

The Controls Your Auditors Will Ask About

Every box on the security questionnaire — answered in the platform, on day one.

Identity & Access

Single Sign-On & Group-Based Access Control

Integrate with your existing identity provider — Azure Entra ID, Okta, Google Workspace, Keycloak, or any standards-compliant OIDC source. Users sign in with the credentials they already have, with the same MFA and conditional-access policies their other tools enforce.

Every primary object in the platform — agents, tools, knowledge sources, MCP servers, dashboards — has its own group-based access control. An "empty ACL" means "open to everyone authenticated"; a populated ACL restricts access to listed groups. Your finance agents stay invisible to marketing. Your production database tool stays invisible to interns. Granularity is per object.

Data Loss Prevention

Sensitive Data Never Reaches the Model

Built-in pattern recognition automatically detects and masks dozens of categories of sensitive data — SSNs, credit cards, API keys, email addresses, phone numbers, IP addresses, internal identifiers, and many more — before any model sees them. Add custom regex patterns for organization-specific identifiers in minutes.

Masking happens transparently. The model sees opaque tokens; the original values are restored only on the way back to the authorized user. Compliance teams get a clear answer to "did the AI ever see this PII?" — and the platform has the audit log to prove it.
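The mask-then-restore flow described above can be illustrated with a short added example. It is not mploi's implementation: the rule names, the `<<KIND_xxxxxxxx>>` token format, the `MaskingSession` class and the `EMPID` custom pattern used with it are all assumptions made for the sketch.

```python
import re
import secrets

# Constructed, illustrative rule set; names and token format are assumptions.
BUILTIN = {
    "SSN": r"\b\d{3}-\d{2}-\d{4}\b",
    "CARD": r"\b\d(?:[ -]?\d){12,18}\b",
    "EMAIL": r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b",
}
TOKEN_RE = re.compile(r"<<[A-Z]+_[0-9a-f]{8}>>")


def luhn_ok(number: str) -> bool:
    """Checksum test that keeps order numbers from being treated as cards."""
    total = 0
    for i, ch in enumerate(reversed(re.sub(r"\D", "", number))):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0


class MaskingSession:
    """Per-session vault: plaintext stays here, only tokens go to the model."""

    def __init__(self, custom=None):
        rules = {**BUILTIN, **(custom or {})}
        self.rules = {k: re.compile(v) for k, v in rules.items()}
        self._by_value, self._by_token = {}, {}

    def _token(self, kind, value):
        # Same value -> same token, so the model can still correlate references.
        if value not in self._by_value:
            tok = f"<<{kind}_{secrets.token_hex(4)}>>"
            self._by_value[value], self._by_token[tok] = tok, value
        return self._by_value[value]

    def mask(self, text):
        for kind, rx in self.rules.items():
            def repl(m, kind=kind):
                raw = m.group(0)
                if kind == "CARD" and not luhn_ok(raw):
                    return raw
                return self._token(kind, raw)
            text = rx.sub(repl, text)
        return text

    def restore(self, text):
        # Unknown tokens (e.g. invented by the model) are left untouched.
        return TOKEN_RE.sub(lambda m: self._by_token.get(m.group(0), m.group(0)), text)
```

Custom rule names must be uppercase letters so that `restore` recognizes their tokens; the vault lives only in the session object, so tokens from one session cannot be resolved in another.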

Execution Guardrails

Hard Boundaries on What Agents Can Do

Tool permissions are enforced at the platform layer — independent of the model's reasoning. If an agent isn't authorized to query production, the query never reaches production. No prompt injection can change that. No clever rephrasing gets around it.

Optional human confirmation can be required for any destructive operation. Plan mode forces the agent to draft a proposal and submit it for approval before executing. Every tool invocation is recorded with the exact arguments, the result, the timestamp, and the user identity that authorized it.
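As an added illustration (not mploi's code), the sketch below shows what enforcement outside the model looks like when combined with the ACL rule from the Identity & Access section: an empty ACL admits any authenticated user, a populated one admits only listed groups, destructive tools wait for confirmation, and every request is logged with its arguments, result, timestamp and user. `Tool`, `Gate`, `demo`, the outcome strings and the sample tools are hypothetical names.

```python
import time
from dataclasses import dataclass, field


@dataclass
class Tool:
    name: str
    func: callable
    acl: frozenset = frozenset()   # empty ACL = any authenticated user
    destructive: bool = False


@dataclass
class Gate:
    tools: dict
    log: list = field(default_factory=list)

    def allowed(self, groups, tool):
        return not tool.acl or bool(tool.acl & set(groups))

    def invoke(self, user, groups, tool_name, args, confirmed=False):
        """Called for every tool request the model emits; the model has no bypass."""
        tool = self.tools.get(tool_name)
        if user is None or tool is None or not self.allowed(groups, tool):
            outcome, result = "denied", None
        elif tool.destructive and not confirmed:
            outcome, result = "needs_confirmation", None
        else:
            outcome, result = "executed", tool.func(**args)
        self.log.append({"ts": time.time(), "user": user, "tool": tool_name,
                         "args": args, "outcome": outcome, "result": result})
        return outcome, result

    def open_tools(self):
        # Review aid: tools whose empty ACL exposes them to everyone signed in.
        return sorted(t.name for t in self.tools.values() if not t.acl)


def demo():
    # Constructed tools and groups, for illustration only.
    calls = []
    gate = Gate({
        "search_docs": Tool("search_docs", lambda q: calls.append(q) or "hits"),
        "query_prod": Tool("query_prod", lambda sql: calls.append(sql) or "rows",
                           acl=frozenset({"dba"})),
        "drop_table": Tool("drop_table", lambda name: calls.append(name) or "dropped",
                           acl=frozenset({"dba"}), destructive=True),
    })
    return gate, calls
```

Because an empty ACL is open by default, a periodic listing like `open_tools()` is a useful review step for confirming that nothing sensitive was left without groups.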

Audit & Observability

Answer "What Happened?" Definitively, for Any Window

Activity logs capture every action: user authentications, configuration changes, agent runs, individual tool invocations, document uploads, permission edits. Each entry is structured, queryable, and exportable.

The token usage of every model call is captured. The full conversational context is retained per-session. Compliance reviewers can reconstruct the complete history of any interaction — what was asked, what the agent did, what data it touched, and what was returned.

Designed to Pass Your Compliance Review

A quick checklist of the controls your security team will look for.

Data residency

All data and traffic stay inside your environment.

Air-gap supported

Can operate without external network access.

No telemetry phone-home

Nothing reports back to a vendor.

BYO model

Use private inference for sensitive workloads.

SSO via OIDC

Integrate with your existing IdP.

Group-based permissions

Object-level access control across the platform.

Data-loss prevention

Built-in and customizable masking.

Tool-level policy

Enforced at the platform, not by the prompt.

Human-in-the-loop

Require confirmation for destructive actions.

Plan mode

Propose-before-execute for any agent.

Activity audit

Structured, queryable log of every action.

Session continuity

Full conversational context retained for review.

Deployment That Fits Your Risk Profile

mploi is the same product across deployment models. Pick what your security posture requires.

On-premises

Bare metal or VMs in your own data center.

Private cloud

AWS, Azure, GCP, OCI — anywhere you control.

Air-gapped

Fully offline, no external dependencies.

Hybrid

Sensitive workloads private, others to cloud providers.


Want the Full Security Briefing?

Our team is happy to walk your security and compliance leadership through the platform's controls in detail.
