Pillar 1: Security Controls
Protect data and systems from unauthorized access, misuse, and exploitation.
Overview
Pillar 1 establishes the technical safeguards required to protect sensitive data when AI agents access, process, and generate content. These 19 controls address core risks including data leakage, unauthorized access, insufficient audit trails, and inadequate encryption—all critical concerns for regulated financial services environments.
Primary Regulatory Alignment: FINRA 4511 (recordkeeping), SEC 17a-3/4 (records retention), GLBA 501(b) (safeguards), SOX 302/404 (internal controls)
Control Categories:

| Category | Controls | Focus |
|---|---|---|
| Access Management | 1.1-1.4 | Agent publishing, connectors, permissions |
| Data Protection | 1.5-1.9 | DLP, sensitivity labels, retention, encryption |
| Monitoring & Detection | 1.10-1.14 | Compliance monitoring, insider risk, threat detection |
| Advanced Security | 1.15-1.19 | IRM, endpoint DLP, RBAC, eDiscovery |
Controls
- 1.1 Restrict Agent Publishing by Authorization
- 1.2 Agent Registry and Integrated Apps Management
- 1.3 SharePoint Content Governance and Permissions
- 1.4 Advanced Connector Policies (ACP)
- 1.5 Data Loss Prevention (DLP) and Sensitivity Labels
- 1.6 Microsoft Purview DSPM for AI
- 1.7 Comprehensive Audit Logging and Compliance
- 1.8 Runtime Protection and External Threat Detection
- 1.9 Data Retention and Deletion Policies
- 1.10 Communication Compliance Monitoring
- 1.11 Conditional Access and Phishing-Resistant MFA
- 1.12 Insider Risk Detection and Response
- 1.13 Sensitive Information Types (SITs) and Pattern Recognition
- 1.14 Data Minimization and Agent Scope Control
- 1.15 Encryption - Data in Transit and At Rest
- 1.16 Information Rights Management (IRM) for Documents
- 1.17 Endpoint Data Loss Prevention (Endpoint DLP)
- 1.18 Application-Level Authorization and RBAC
- 1.19 eDiscovery for Agent Interactions