
How do I stop my AI from leaking trade secrets across teams?

Roles. bRRAIn's 7-tier hierarchy (Sovereign → Architect → Librarian → Operator → Contributor → Observer → Guest) gates every read and write. Sales cannot see Engineering's private graph unless Engineering publishes a subset. The Handler enforces policy at inference — the LLM never sees what the user isn't cleared for.

Cross-team leakage is a role problem

AI leaks trade secrets when the model gets fed information the user isn't cleared to see. Most enterprise AI deployments have this hole because they retrieve documents by relevance, not by role. A helpful assistant pulls the top-ranked chunk — which might be an M&A memo — and includes it in an answer for a Sales intern. The leak wasn't malicious; the architecture had no role model. Until you put role-based access at every layer, accidental leakage is a matter of when, not if.

The 7-tier hierarchy

bRRAIn's Control Plane implements a 7-tier role hierarchy: Sovereign, Architect, Librarian, Operator, Contributor, Observer, Guest. Each tier has strictly defined read and write capabilities against the POPE graph. Sales has Observer access to Engineering's public subgraph and no access to the private subgraph. Engineering can publish subsets to Sales by promoting specific nodes with explicit role tags. The hierarchy is discoverable, auditable, and enforced at every call — not a soft convention in a policy PDF.

Enforcement at inference, not just at retrieval

The subtle trap is enforcing roles only at retrieval time. A helpful LLM can infer confidential information from allowed context and surface it indirectly. bRRAIn closes that gap with the Security Policy Engine, which has two inspection gates: one on the prompt in, one on the response out. The outbound gate checks the generated text for references to entities the user isn't cleared for — names, project codes, numeric signals — and redacts or refuses. The Handler wraps both gates around every turn.
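
An added sketch of the two controls described above (not bRRAIn's code): a role filter applied before relevance ranking, and an outbound gate that redacts entities the user isn't cleared for. The names `Chunk`, `retrieve` and `outbound_gate`, the owner-or-published rule standing in for the 7-tier hierarchy, and the corpus are all constructed for illustration.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Chunk:
    text: str
    team: str              # owning team
    published: bool        # owning team promoted it to the shared subset
    entities: tuple = ()   # names, project codes, figures that identify it

# Constructed sample corpus (not real data).
CORPUS = [
    Chunk("Project Falcon acquisition memo, offer price 41.5M", "Engineering",
          False, ("Project Falcon", "41.5M")),
    Chunk("Search rewrite status: on track for Q3", "Engineering", True),
    Chunk("Enterprise renewal playbook and price list", "Sales", False),
]

def cleared(chunk, team):
    # Simplified clearance rule: own team's content, or explicitly published.
    return chunk.team == team or chunk.published

def words(s):
    return set(re.findall(r"[a-z0-9.]+", s.lower()))

def retrieve(query, team, k=1, enforce_roles=True):
    """Rank by word overlap; with enforce_roles the filter runs before ranking."""
    pool = [c for c in CORPUS if cleared(c, team)] if enforce_roles else CORPUS
    q = words(query)
    return sorted(pool, key=lambda c: len(q & words(c.text)), reverse=True)[:k]

def outbound_gate(response, team):
    """Redact entities that appear only in chunks the user is not cleared for."""
    allowed = {e for c in CORPUS if cleared(c, team) for e in c.entities}
    blocked = {e for c in CORPUS if not cleared(c, team) for e in c.entities}
    hits = []
    for e in sorted(blocked - allowed):
        pattern = re.compile(re.escape(e), re.IGNORECASE)
        if pattern.search(response):
            response = pattern.sub("[REDACTED]", response)
            hits.append(e)
    return response, hits
```

The outbound gate here only matches literal entity strings, so it catches a paraphrase that names the project but not one that describes it without the name; the retrieval filter remains the primary control.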

Publishing patterns that keep teams productive

Strict roles can make teams feel siloed if there's no good publish path. bRRAIn's Workspaces let teams designate "shared" subsets: a project's high-level status published to the whole company, while the raw materials stay team-only. The Consolidator promotes published content into the shared graph and keeps the private graph isolated. Sales gets the headline without the trade secrets. Engineering keeps moving fast without worrying that everything they write is globally visible. Roles don't block collaboration — they shape it.

Relevant bRRAIn products and services

  • Control Plane — 7-tier role hierarchy enforced at every access.
  • Security Policy Engine — two-gate inspection prevents cross-team leakage.
  • Handler — wraps policy around every retrieval and response.
  • Workspaces — shared and private subgraphs that let teams publish intentionally.
  • Security overview — full data-protection posture for regulated environments.

bRRAIn Team

Contributor at bRRAIn. Writing about institutional AI, knowledge management, and the future of work.
