Comment by bandrami
11 hours ago
Exfil remains the big worry for my company and the main blocker from adopting agents in general. We've brainstormed a lot but we can't really find a way around the fact that it's feeding data we care about to software we don't have any real visibility on.
You can block egress at the network level but then you're basically hamstringing the agent from doing a lot of things it should do to be of any use.
Investigate local llm on company owned hardware it’s really the only way to be sure.
Well that as the set up is non-negotiable (it legally has to be on premises); the issue is a model nonetheless exfiltrating data if we give it any network access.
Create an anonymized/obfuscated copy of your data and let the agents use that?
That's already sounding like more work than what we would be trying to automate
It sounded like there would be a big value unlock. Depends on your circumstances of course.
8 replies →
I think the only solution to this kind of challenge is forcing the agent to go through a proxy which handles all the authentication and authorization for the agent (thus it never has too much access to abuse), and monitors for exfiltration or prompt injections.