← Back to patterns Issue #004 · Conceptual

Secure In-Boundary Processing

Every component stays within the customer tenant — explore how each layer enforces the trust boundary

🔒 CUSTOMER TENANT BOUNDARY
🟣 M365 Copilot Platform
💬
Copilot Chat
User-facing interface. All interactions authenticated via Entra ID.
📋
Declarative Agent 🔒 Tenant-Scoped
Agent config bound to customer's M365 tenant. Cannot access other orgs.
Scoped API requests
🔌 MCP Connectors — Scoped to Tenant
🔧
ADO 🔒 Org
Work items, repos, pipelines. Scoped to customer's Azure DevOps org.
📧
Graph 🔒 Tenant
Mail, calendar, files, people. Delegated tenant permissions.
📄
SharePoint 🔒 Site
Documents, lists. Scoped to authorized sites only.
Results aggregated in-session
⚙️ In-Memory Processing
🧮
In-Memory Aggregation
No persistent external store. Data lives only in session memory. Zero data residue.
Grounding data → model
🧠 Tenant-Scoped AI
🧠
Azure OpenAI — Customer's Instance 🔒 Tenant
Customer-provisioned deployment. Data processed in their Azure region. Data never leaves the tenant boundary.
No External API Calls
Agent never calls outside the tenant
No Cross-Tenant Data
Zero visibility into other orgs
No Public LLM Endpoints
Private Azure OpenAI only
🛡️ "Our data can't leave" → "Show me how" — This pattern removes the #1 blocker for regulated industries.

The Cheat Code · ABS Tech Strategy · Back to all patterns