The Information Security Agent

Information security in law firms cannot be optional, and it cannot be a setting in a configuration panel. The Information Security Agent enforces barriers, access controls, PII protection, and prompt security at the platform level—so they hold whether a lawyer is typing, an AI agent is running, or a third-party tool is making a call.

From granular resource-scope data access control and ethical wall enforcement to PII sanitisation across every AI-mediated path, this agent is the security foundation the rest of the platform runs on.

Capabilities

  • Ethical walls enforced as platform constraints—information barriers that hold whether a lawyer is typing or an agent is running.
  • Granular data access control—tenant isolation and resource-scope enforcement across every service.
  • PII sanitisation across all AI-mediated paths: AutoLogger, DocSense, PAR, and tool payloads.
  • Prompt-injection protection built into the platform layer—before untrusted input can redirect agent behaviour.
  • RBAC with consistent rules applied for human and automated access—no privilege gaps between person and agent.
  • Confidentiality-aware processing for documents and activity, with violations flagged before they reach the wrong viewer.

Walls, access, and PII that hold

Ethical walls are platform constraints—not model instructions that a well-crafted prompt can override. Data access control ensures agents and users see only what firm policy permits, with the same rules applied whether a person or an automated process is making the request. PII sanitisation runs across all AI-mediated paths—AutoLogger, DocSense, PAR, and tool payloads—before data reaches the wrong viewer.

Prompt security and confidentiality-aware processing

Prompt-injection protection intercepts malicious or accidental injection attempts at the platform layer before they can redirect agent behaviour away from firm policy. Confidentiality-aware processing flags violations before they surface to unauthorised users. RBAC applies consistent rules for human and automated access, closing the privilege gaps that appear when agents act on behalf of people.

Contact us · All agents · Home