---
title: "Security & Deployment — SOC 2 Certified Supply Chain AI Governance | bluefabric"
description: "bluefabric is built with SOC 2 Certified controls: isolated customer environments, encrypted connections to WMS, TMS, and ERP, scoped MCP permissions, governed write-back, and a full audit trail of every AI agent action. Deployment options match your security profile."
url: https://bluefabric.ai/architecture/security/
source: content/architecture/security/index.html
---

security & deployment

# Built for systems AI _should never touch directly._

Supply chain data is not marketing content. It controls inventory, shipments, suppliers, customers, revenue, service levels, and operational risk.

**bluefabric is designed for secure deployment** in environments where data is sensitive, systems are business-critical, and AI agents need strict boundaries.

AI can reason over your operations. It should never bypass your controls.


Security boundary (production-grade):

- SOC 2 Certified: controls framework
- Tenant isolation: data · compute · access
- Encrypted in transit: TLS · mTLS · scoped
- Encrypted at rest: storage · keys
- Permissioned agents: scoped · governed
- Full audit trail: who · what · why

**Uncontrolled AI integration.** Direct AI access to WMS, TMS, ERP, OMS. Raw model writes into source systems. Uncontrolled agent actions. No clear boundary between reasoning and action. Procurement and IT cannot review what they cannot see.

**bluefabric in the middle.** Every read, calculation, and action is scoped. Controlled, logged, and explainable. Agents call one governed layer. Source systems stay protected. The boundary is the product — not an afterthought.

The boundary

## Security is not an afterthought. It is the _product boundary._

bluefabric sits between AI agents and the systems your supply chain actually runs on.

That means every read, calculation, recommendation, and action needs to be **controlled, scoped, logged, and explainable.**

No direct AI access to WMS, TMS, ERP, or OMS. No raw model writes into source systems. No uncontrolled agent actions.

The agent gets intelligence. Your systems stay protected.

![Operational controls review across access, activity logging, and change management](https://pub-6d0b5b97762c4335b5b515672d21523f.r2.dev/img/technology/inspector-tablet-warehouse.webp)

// SOC 2 Certified controls

SOC 2 Certified

## Controls across access, activity, and _operations._

bluefabric is built around SOC 2 security principles and enterprise operating controls.

**Access is controlled.** Users, services, and agents operate through defined permissions and policy boundaries.

**Activity is logged.** Reads, writes, calculations, tool calls, approvals, and agent actions can be audited.

**Operations are governed.** Security procedures, monitoring, and change controls support production-grade deployments.

One controlled product for procurement, IT, and security to review — not a mess of one-off AI integrations.

Isolated customer environments

## Your operational data should not sit in a _shared mess._

bluefabric is designed with customer separation across data, compute, access, and operational controls.

**No shared operational data planes. No cross-customer data exposure.**

Data separation

Isolated by tenant.

Customer data is isolated by tenant and deployment model. The boundary follows the deployment — never blurred between accounts.

Compute separation

Dedicated environments.

Dedicated environments are available for customers that require stronger isolation — runtime, processing, and storage scoped to your tenant.

Access separation

Scoped to the environment.

Permissions, keys, policies, and audit trails are scoped to the customer environment. Every action is attributable to the tenant that triggered it.

No shared data planes. No cross-customer exposure.

In transit

Encrypted connections everywhere.

Encrypted channels between bluefabric, source systems, agents, APIs, and user interfaces. Every hop scoped, every transport authenticated.

At rest

Encrypted storage end-to-end.

Operational data, metadata, logs, model context, and intermediate processing outputs are encrypted in storage — not just the front door.

Key management

Customer-managed keys.

Customer-managed key options can be supported in customer cloud deployments — control of the keys stays with the people who own the data.

End-to-end encryption

## Protected from source system to _agent response._

Supply chain data moves across systems, files, APIs, agents, and workflows.

bluefabric protects that movement with **encryption in transit and at rest**, with key management options depending on deployment model.

No silent fallbacks. No clear-text intermediates. No "we'll encrypt this part later."

Sensitive data should stay protected from source system to agent response.

![Operational teams collaborating across systems and partners — every connection scoped](https://pub-6d0b5b97762c4335b5b515672d21523f.r2.dev/img/technology/warehouse-workers-tablet-collaboration.webp)

// secure source-system connections

Secure connections

## A connector should never become a _back door for AI._

bluefabric connects to critical operational systems through controlled integration patterns.

**WMS. TMS. ERP. OMS. EDI. APIs. Databases. Data lakes. Portals. Files.**

Every connection should be configured with the minimum access required, auditable credentials, secure transport, and clear ownership.

**Scoped credentials.** Access only what bluefabric needs for the approved workflow.

**Secure transport.** Encrypted API, database, file, and event connections.

**Source-of-truth boundaries.** Agents do not overwrite master data unless a governed action explicitly allows it.

[Explore Ingest →](/ingest/)

Agent request lifecycle:

1. Agent request (tool · read · action)
2. Permission check (user · scope · policy)
3. Allowed surface (tool · calc · object)
4. Governed response (approval · write-back)
5. Audit trail (who · why · what)

bluefabric decides:

- what the agent can read
- which calculations it can call
- which actions it can request
- who initiated the action
- what approval path is required
- what gets logged

Governed agent access

## Agents can ask. bluefabric _governs._

AI agents do not get direct system access.

**They connect through bluefabric.**

Every request runs through a permission check, an allowed surface of tools and calculations, optional approval, and a logged response — before anything reaches a source system.

Agents can ask. bluefabric governs. Your systems remain in control.

Governed write-back

## Read-only AI is safe — but _limited._

Operational value starts when agents can move work: update status, request follow-up, trigger an approval, route an exception, or write back to a system.

**bluefabric makes write-back structured and controlled.**


**Permission** — is this agent, user, or workflow allowed to request the action?

**Policy** — does the action meet business rules and approval requirements?

**Traceability** — can the action be explained, audited, and reviewed later?

No raw AI output should ever hit your WMS, TMS, or ERP.

[Explore the MCP layer →](/use/)

Full auditability

## Every agent action is _traceable._

Not just what happened — but who initiated it, which agent performed it, what data it used, which rule allowed it, what system it touched, and what happened next.

Who initiated it

The user, workflow, system, or approval path that **triggered the request.**

What the agent did

The tool called, calculation run, recommendation made, or **action requested.**

Where it went

The source system, object, workflow, API, or **write-back destination affected.**

Why it was allowed

The permission, policy, approval, or **business rule that authorized the action.**

What changed

The before-and-after state, response, status, timestamp, and **outcome.**

No mystery agents. No mystery writes. No untraceable decisions.
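
The request lifecycle and audit fields described above, sketched as a deny-by-default gateway in Python. This is an added example, not bluefabric's code; the agent, tool, and rule names, the in-memory `store`, and the in-memory log are assumptions made for illustration.

```python
import time

# Constructed sample policy; all names are hypothetical, not bluefabric identifiers.
SCOPES = {"replenish-agent": {"read_inventory", "update_po_status"}}
TOOLS = {  # allowed surface: the only operations the gateway exposes
    "read_inventory": {"write": False, "approval": False, "rule": "R1-read-scope"},
    "update_po_status": {"write": True, "approval": True, "rule": "R7-po-writeback"},
}
AUDIT_LOG = []  # a real deployment would use append-only storage


def handle(agent, user, action, target, store, value=None, approved_by=None):
    """Mediate one agent request; every path, including denials, is audited."""
    rec = {"ts": time.time(), "who": user, "agent": agent, "what": action,
           "where": target, "why": None, "changed": None, "outcome": "denied"}
    try:
        # Permission check: deny by default when the agent lacks the scope.
        if action not in SCOPES.get(agent, set()):
            rec["why"] = "agent not scoped for action"
            return rec
        # Allowed surface: only registered tools can be called at all.
        tool = TOOLS.get(action)
        if tool is None:
            rec["why"] = "action outside allowed surface"
            return rec
        rec["why"] = tool["rule"]
        # Governed response: write-back waits until an approval is attached.
        if tool["approval"] and approved_by is None:
            rec["outcome"] = "pending_approval"
            return rec
        before = store.get(target)
        if tool["write"]:
            store[target] = value  # the only place the source system is touched
        if approved_by is not None:
            rec["why"] += f"; approved_by={approved_by}"
        rec["changed"] = {"before": before, "after": store.get(target)}
        rec["outcome"] = "allowed"
        return rec
    finally:
        # Audit trail: who, which agent, what, where, why, and what changed.
        AUDIT_LOG.append(rec)
```
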

Your data, your boundary

## Your data is _not training data._

Sensitive operational data should not be used to train external models.

bluefabric is designed so customer supply chain data remains controlled inside the agreed deployment boundary and **is not used to train public models.**

Agents get governed access to context and tools. They do not get ownership of the data.

Your data stays your data.

Deployment options

## Match your _security profile._

Not every customer has the same risk profile. **Dedicated cloud** for the fastest path to production. **Customer cloud** for strict data residency inside your AWS, Azure, or GCP perimeter. **Hybrid** for the messy reality of mixed infrastructure.


Same product. Same governance. Different perimeter.

[Compare deployment options →](/architecture/deployment/)

![One controlled product across the operational stack — easy for IT, procurement, and security to review](https://pub-6d0b5b97762c4335b5b515672d21523f.r2.dev/img/technology/workers-tablet-forklift.webp)

// one architecture · one review

Built for the security review

## Built so IT _can say yes._

AI projects often fail in security review because they look like uncontrolled integrations.

Agents connected directly to critical systems. Sensitive data copied into unknown tools. Custom workflows nobody can audit. No clear boundary between reasoning and action.

**bluefabric gives IT, procurement, and security one governed product to review.**

**Review once.** One architecture. One security model. One control plane.

**Govern centrally.** Access, calculations, actions, approvals, and audit trails managed through bluefabric.

**Expand safely.** Add agents and workflows without reinventing security for every integration.

Built so your CIO's first review is the last review.

Why this matters for AI

## AI changes _the risk profile._

A dashboard can show bad data. **An agent can act on it.**

That is why bluefabric is built with data separation, governed access, secure deployment, encryption, source-of-truth boundaries, and auditable write-back from the start.


**Sensitive operational data is controlled.** Customer data stays inside the agreed deployment and access boundary.

**Agent actions follow policy.** Agents cannot bypass approval workflows or permission rules.

**Every action is explainable.** Reads, calculations, recommendations, and writes are tied to the initiating user, the agent that performed the action, the policy that allowed it, and the system or record affected.

AI should accelerate operations, not create uncontrolled operational risk.

Secure the brain before agents start acting

## Intelligence for agents. _Control for the enterprise._

Your AI agents need access to supply chain context. **They do not need uncontrolled access to source systems.**

bluefabric gives agents the clean data, trusted calculations, and governed actions they need — inside a security model your IT team can understand and approve.

Intelligence for agents. Control for the enterprise.

