New contextual data enforcement layer enables enterprises to safely connect Claude, Copilot, ChatGPT, and other AI agents and clients to corporate data, enabling safe and seamless adoption.
Bonfy announced Contextual Data Enforcement, a new capability in the Bonfy platform that introduces a control layer between AI clients and enterprise data, enabling organizations to govern what content AI systems can retrieve and use in real time—beyond native user permissions, and without new infrastructure.
The problem is simple and dangerous: AI agents, assistants and coding tools such as Claude, Copilot, and ChatGPT are being adopted at an accelerated rate across the enterprise. Very quickly, organizations are discovering a sharp mismatch: AI clients can connect to SharePoint, Google Drive, and other data stores instantly, but the underlying security tooling has no way to enforce content-level policies on what those AI systems retrieve. Native permissions determine what users can access. They do not determine what AI should be allowed to retrieve, use, or expose. The result is a significant and growing security blind spot with long-term implications.
“Traditional control should be overhauled to prioritize trust-based governance models for AI agents by building dynamic governance to embed automated context and checks for bias, privacy, and compliance directly into workflows. Without trust in the data, outputs and decisions of AI models and agents, there is no value from AI.” — Rita Sallam, Distinguished VP Analyst, Gartner Fellow and Chief of Research, Gartner (April 16, 2026)
Also Read: CIO Influence Interview with Kyle Wickert, Field CTO at AlgoSec
A Missing Layer — Now Filled
Bonfy provides a governed connector path that intercepts and controls data retrieval performed through AI clients. As content flows back from Microsoft 365 or Google Workspace, Bonfy inspects it in real time, applying entity-aware, context-rich analysis, and blocks content that violates policy before it reaches the AI clients.
“AI adoption is outpacing the controls meant to govern it,” said Gidi Cohen, CEO and Co-Founder of Bonfy. “With one simple change – swap the connector- organizations gain real control over what AI systems can retrieve and use. No new gateways. No architectural overhaul. Just the missing enforcement layer, finally in place.”
What the Platform Delivers
- Control what AI can retrieve and use — enforce policies beyond user permissions
- Protect sensitive and customer data — even when users have access
- No infrastructure changes — no gateways or architectural overhaul
- Preserve identity context — never expands user access
- Works across AI clients — compatible with Claude, Copilot, ChatGPT and others
Why This Matters Now
Security teams are being asked to enable AI agents and assistants across enterprise workflows—often before they have visibility into what data those systems will retrieve and use.
Once AI clients connect to Microsoft 365, SharePoint, or Google Drive, they inherit the user’s access and can retrieve large volumes of enterprise data. But native permissions do not determine what an AI system should be allowed to retrieve, ground on, or expose.
This creates a critical gap between access control and data protection—one that is already impacting real enterprise workflows.
Bonfy’s approach is different: built on the existing Bonfy engine that today protects email, browser flows, and file sharing, and extends it to AI data access and usage with a lightweight connector swap. No new analytics. No new architecture. Just a missing layer finally put in place.
Bonfy’s new capability pairs with Bonfy’s MCP inspection server, announced earlier this year, to cover both data in use (AI reasoning loops) and data access (AI retrieval). Together, they form the first comprehensive data security model for modern AI workflows.
“Our concern wasn’t whether users should have access to the underlying data — it was that we had no way to control what AI systems could retrieve and surface from it. Native permissions gave us nothing to work with,” said Tal Hornstein, CISO of Cast and Crew. “Bonfy closed that gap without touching our infrastructure, and for the first time we had a control we could actually stand behind when the business asked us to enable AI at scale.”
Availability: Bonfy’s Contextual Data Enforcement is available today with support for Microsoft 365 and Google Workspace, supporting Anthropic Claude and Microsoft Copilot Studio, and OpenAI ChatGPT. Additional enterprise data sources will be added continuously.
Catch more CIO Insights: The CIO as a Value Creator: Moving Beyond Cost Centers to Revenue Drivers
[To share your insights with us, please write to psen@itechseries.com ]
