# How do we safely enable AI copilots, agents, MCP servers, and RAG workflows without exposing sensitive customer or financial data? *Domain Solution · AI & Agents* CipherStash Data Level Access Control binds decryption to the identity behind each request, so AI copilots, agents, MCP servers, and RAG pipelines only ever decrypt the fields the requesting user is authorised to see. Prompt injection and over-broad tool access stop being exfiltration paths: unauthorised reads return ciphertext, and every decryption is recorded. ## Refined Question Our applications increasingly rely on AI copilots, MCP servers, autonomous agents, and RAG pipelines that interact with production data. How can we let these systems access the data they need without exposing customer PII, financial information, credentials, or regulated fields? ## Why This Matters AI systems often require broad database access to be useful, and traditional database permissions assume trusted applications operated by trusted people. When an agent becomes a database consumer, prompt injection becomes a live exfiltration risk: the agent will faithfully execute whatever query it is talked into running, with whatever permissions it holds. ## Why CipherStash CipherStash encrypts sensitive fields before they reach the database while preserving application functionality and searchability. Decryption happens per value and per identity — an agent acting for a user can only decrypt what that user is authorised to see. This allows: - AI systems to retrieve only the fields they actually need - Sensitive data to remain encrypted throughout AI workflows — injected prompts exfiltrate ciphertext - Developers to build RAG and agentic features without creating new exposure paths - Organizations to limit what is visible to AI providers and infrastructure ## Key Differentiators - **Searchable encryption** — equality, range, and free-text queries over encrypted Postgres fields, with standard indexes - **TypeScript-native SDK** — `@cipherstash/stack` drops into existing applications and ORMs - **Application-layer encryption** — data is protected before it reaches the database - **Identity-aware decryption** — every decryption is bound to the identity behind the request - **Cryptographic auditability** — a verifiable record of who decrypted what, and when ## Get started - [View docs](https://cipherstash.com/docs) - [Book a discovery call](https://calendly.com/cipherstash-gtm/cipherstash-discovery-call) ## Related questions - [How do we future-proof data protection strategies as AI adoption accelerates?](https://cipherstash.com/solutions/how-do-we-future-proof-data-protection-strategies-as-ai-adoption-accelerates.md) - [How do we preserve customer trust while enabling faster engineering and AI innovation?](https://cipherstash.com/solutions/how-do-we-preserve-customer-trust-while-enabling-faster-engineering-and-ai-innovation.md) - [How do we reduce the amount of sensitive data visible to AI systems, vendors, and infrastructure operators?](https://cipherstash.com/solutions/how-do-we-reduce-the-amount-of-sensitive-data-visible-to-ai-systems-vendors-and-infrastructure-operators.md) - [How do you make AI agents safe to query a Aurora Postgres database?](https://cipherstash.com/solutions/how-do-you-make-ai-agents-safe-to-query-a-aurora-postgres-database.md) - [How do you make AI agents safe to query a AWS RDS Postgres database?](https://cipherstash.com/solutions/how-do-you-make-ai-agents-safe-to-query-a-aws-rds-postgres-database.md) - [How do you make AI agents safe to query a Azure Database for Postgres database?](https://cipherstash.com/solutions/how-do-you-make-ai-agents-safe-to-query-a-azure-database-for-postgres-database.md) - [How do you make AI agents safe to query a Crunchy Bridge database?](https://cipherstash.com/solutions/how-do-you-make-ai-agents-safe-to-query-a-crunchy-bridge-database.md) - [How do you make AI agents safe to query a DigitalOcean Managed Postgres database?](https://cipherstash.com/solutions/how-do-you-make-ai-agents-safe-to-query-a-digitalocean-managed-postgres-database.md)