AI agents are rapidly moving from demos to production, acting autonomously across tools, data systems, and workflows—and in the process, they amplify data movement far beyond what traditional governance models were designed to handle. Data security controls built for humans break down when agents operate at machine speed, execute in parallel, and persist sensitive information across new data surfaces like trajectories, embeddings, logs, and tool outputs.
In this talk, we outline the emerging data governance failures in agentic architectures: identity confusion for data access, entitlement creep, recursive leakage across agent chains, and new data constructs that make old controls obsolete. We also explain why out-of-the-box agent harnesses and existing IAM are insufficient. We then present Meta’s governance-first approach for safely enabling agents at scale: a defense-in-depth stack centered on Isolation Domains (domain-scoped encryption and output closure), Agent Identity (end-to-end attribution distinct from the user), Agent-Aware Access Control (classification-aware ABAC evaluated at query time), AccessMate (zero-standing-permissions access triage and least-privilege fallback), CodeGuard (secure code generation and runtime execution guardrails), and DataVM, a unified trusted data environment that bounds inputs, tools, and outputs under one governed scope.
Attendees will leave with a concrete reference architecture for building agents that are not merely powerful, but governable, auditable, and regulatory-ready—turning governance from a blocker into the harness that safely unlocks agent autonomy.