AI Data Privacy and Tenant Isolation

AI Data Privacy and Tenant Isolation

Overview

Praetorian Guard Platform (PGP) enforces strict data privacy controls around all AI operations. Your data is never shared across tenants, used for model training, or exposed to unauthorized parties — and AI interactions are no exception to these guarantees.

Tenant Isolation

  • Strict Tenant Boundaries: AI operations are scoped to your data partition. The assistant cannot query, access, or reference data belonging to other tenants. Every database operation is filtered by your organization's partition key at the infrastructure level.

  • No Cross-Tenant Training: Your data is never used to train, fine-tune, or improve AI models. Conversations and analysis results remain exclusively within your tenant.

  • Conversation Isolation: All AI conversations are stored in your tenant’s data partition with the same platform protections as other records: encryption in transit (TLS 1.3) and encryption at rest consistent with our data isolation controls (sensitive files use per-tenant AES-256 with customer-managed keys; other data uses AWS default encryption at rest).

  • Access Control: AI assistant access is governed by role-based entitlements. Only users with the appropriate permissions can interact with AI features.

PII Anonymization

Security findings are automatically anonymized before being processed by the AI knowledge system. Sensitive identifiers are replaced with typed placeholders, ensuring the AI reasons about security patterns without exposure to raw sensitive data. Anonymized categories include:

  • Usernames, email addresses, and personal names

  • IP addresses, domain names, and URLs

  • Credentials, passwords, API keys, and tokens

  • Cloud resource identifiers (ARNs) and repository paths

  • Phone numbers, physical addresses, and other PII

Original findings are stored separately from anonymized versions, and anonymization timestamps are recorded for audit purposes.

Per-User Encryption

  • Dedicated Encryption Keys: Each tenant has dedicated AES-256 encryption keys managed through AWS Systems Manager Parameter Store. Sensitive file storage is encrypted with customer-specific keys, not shared infrastructure keys.

  • Key Isolation: Encryption keys are generated uniquely per user and stored securely with integrity verification. Keys cannot be accessed by other tenants or by platform administrators without explicit authorization.

Data Lifecycle

  • Retention and TTL: Platform data includes TTL-based lifecycle management (for example, on conversation-related records in DynamoDB and corresponding cleanup paths in other stores). Conversation data follows the same retention policies as all platform records. There is not currently a per-conversation or user-configurable retention control exposed in the product UI or API — lifecycle settings are applied as part of the platform’s standard operations. Customers with specific retention requirements should contact Praetorian to discuss options as part of their engagement.

  • Comprehensive Account Cleanup: Account deletion workflows remove data across all storage layers — database records, graph relationships, file storage, encryption keys, and identity credentials — ensuring complete data removal upon request.

Infrastructure Security

  • AWS Bedrock: All AI model inference runs through Amazon Bedrock, which provides enterprise security controls including VPC isolation, IAM-based access, and AWS CloudTrail audit logging.

  • No Data Retention by Model Providers (contractual): Under our AWS Bedrock enterprise agreement, prompts and completions are not retained by the model provider for training or similar reuse. Provider-side handling is governed by that agreement and AWS’s published Bedrock terms for your deployment, not by an application-level “disable payload logging” switch in Guard.

  • Encrypted In Transit: All communication between PGP and the AI inference layer is encrypted using TLS 1.3.

  • Regional Data Residency: AI inference occurs within the same AWS region as your PGP deployment, ensuring your data does not cross geographic boundaries during AI processing.