Skip to main content

Trust · Security & controls

Security and Controls for AI Automation Systems.

B2B operations run on trust. Before an automation touches your CRM, billing, or customer communication, you should know exactly what it can access, what it decides on its own, and what always waits for a human. This page documents the controls we build into every engagement.

Controlled by design. Least-privilege access, human approval gates on high-impact actions, full audit logs, and a documented kill-switch on every live workflow.

The control model

Nine controls behind every automation.

01

Data access principles

Every automation runs on least-privilege access. A system can only read and write the specific records and fields it needs to do its job — nothing wider.

  • Scope defined per workflow, not per platform — read-only where write access isn't required
  • Field-level access where the tool supports it (e.g. a lead-routing agent never touches financial fields)
  • Access is documented in the build spec and reviewed before go-live
  • Credentials stored in a secrets manager, never hard-coded or shared in plaintext

02

Human approval gates

High-impact actions pause for a person. The automation prepares the work; a human approves it before anything irreversible happens.

  • Configurable approval thresholds (value, risk level, customer tier, confidence score)
  • Draft-and-review by default for outbound communication to customers
  • Explicit sign-off required before deletion, bulk updates, refunds, or contract actions
  • Approval events are logged with the approver, timestamp, and the exact payload approved

03

Audit logs

Every meaningful action an automation takes is recorded so you can reconstruct what happened, when, and why.

  • Append-only event log: input received, decision made, action taken, system updated
  • Each entry links the triggering record, the rule or model output, and the downstream change
  • Logs are queryable and exportable for compliance and internal review
  • Override and fallback events are flagged distinctly from normal operation

04

API permissions

Integrations use scoped, revocable credentials. We connect to the minimum set of endpoints required and keep keys rotatable.

  • OAuth scopes or API keys limited to the endpoints a workflow actually calls
  • Separate credentials per environment (sandbox vs production) and per integration
  • Keys are rotatable without redeploying code; revocation is immediate
  • Rate limits and quotas respected with backoff so we never destabilize a client system

05

Error handling and fallback rules

Automations are built to fail safe. When an input is ambiguous, a service is down, or confidence is low, the system stops rather than guesses.

  • Confidence thresholds: below the line, the task routes to a human instead of acting
  • Retries with backoff for transient failures; hard stop after a defined ceiling
  • Dead-letter queue for items that can't be processed, with alerting
  • Graceful degradation — a failed enrichment step never blocks the core handoff

06

Sensitive data handling

We minimize what sensitive data touches the automation, and we control where it goes when it must.

  • Data minimization: only the fields needed for the decision are passed to any model
  • Redaction and masking of PII where the workflow doesn't require it
  • Clear stance on model-provider data usage — we use providers and settings that do not train on your data
  • Retention rules defined per workflow; transient data isn't persisted beyond its purpose

07

CRM and business tool access

Access to your CRM, helpdesk, billing, and internal tools is scoped, named, and reversible. You always know which system can do what.

  • Dedicated service accounts per integration, never a shared admin login
  • Permissions mapped to the specific objects and actions each automation needs
  • Write-backs are idempotent and traceable to the automation that made them
  • You can revoke access at any time without breaking unrelated workflows

08

Monitoring and incident response

Running automations are observed continuously. When something deviates, alerts fire and there's a defined path to contain it.

  • Health checks, throughput monitoring, and anomaly alerts on each live workflow
  • Alerting routed to a named owner with severity levels and response expectations
  • A documented kill-switch to pause a workflow instantly if it misbehaves
  • Post-incident review with root cause and the control change that prevents recurrence

09

What we do not automate without approval

Some actions always require a human decision. We design these as hard gates, not defaults that can be toggled off quietly.

  • Irreversible deletion or bulk destruction of records
  • Money movement: refunds, payouts, invoice changes, pricing changes
  • Legally significant communication or commitments to customers
  • Anything touching employment, contracts, or regulated decisions
  • Mass outbound messaging without a reviewed template and recipient list

These controls are scoped to each engagement during design and verified before go-live. See how they show up in real systems on our case studies and the proof library.

Risk gates

The control layer between AI output and business action.

A risk gate decides whether an automation can continue, pause, escalate, or fall back to a human. Profitec AI uses risk gates to stop AI workflows from acting on weak inputs, low-confidence classifications, missing data, policy conflicts, failed integrations, or sensitive actions that require review.

WorkflowRisk gate
CRM automationDo not update the lifecycle stage when classification confidence is below threshold.
Lead routingEscalate when lead value is high but required fields are missing.
Payment recoveryPause when invoice status and CRM status disagree.
Document processingRoute to a human when extraction confidence is low.
Customer supportRequire approval before sending sensitive or account-specific replies.
AI complianceBlock the automation when the policy classification is unclear.

Control, not blind automation.

The goal is not to automate every step. It is to automate the predictable work and control the uncertain work — so the system knows when to continue, when to ask for review, when to alert the team, and when to stop.

Risk gates are mapped per workflow during our engagement process, and policy-classification gates are covered in AI compliance.

10 · FAQ

Common security questions.

01Does Profitec AI train AI models on our data?

No. We use model providers and configurations that do not train on your data, and we minimize what data is sent to any model in the first place. Sensitive fields are redacted or masked when the workflow doesn't require them, and retention is scoped per workflow.

02Can we keep humans in the loop for sensitive actions?

Yes — that's the default for anything high-impact. Approval gates pause the automation before irreversible actions (deletion, money movement, customer commitments). The system prepares the work and a named person approves the exact payload, which is then logged.

03How do you control access to our CRM and internal tools?

We use dedicated, scoped service accounts per integration with least-privilege permissions mapped to the specific objects and actions a workflow needs. Access is documented, revocable at any time, and never relies on a shared admin login.

04What happens when an automation encounters something it can't handle?

It fails safe. Below a confidence threshold or on a service failure, the task routes to a human rather than guessing. Transient failures retry with backoff; unprocessable items go to a dead-letter queue with alerting. A failed optional step never blocks the core handoff.

05Can you pause or roll back an automation quickly?

Yes. Every live workflow has a documented kill-switch to pause it instantly, plus monitoring and anomaly alerts routed to a named owner. Write-backs are idempotent and traceable, so changes can be identified and reversed.

06Do you keep an audit trail?

Yes. We maintain an append-only event log of input received, decision made, action taken, and system updated — each entry linked to the triggering record and the rule or model output. Override and fallback events are flagged distinctly, and logs are queryable and exportable for review.

07What is a risk gate in AI automation?

A risk gate is a control layer that checks whether an AI workflow should continue, pause, escalate, or fall back to a human. It usually evaluates classification confidence, missing data, policy rules, integration status, and how sensitive the resulting action is.

08How do you prevent AI automation mistakes?

We validate inputs before any AI reasoning, set confidence thresholds, log every action, require human approval for sensitive steps, and create fallback paths for when the system is uncertain. Mistakes are contained by design rather than discovered later.

09Should AI automations run without human review?

Low-risk, repetitive tasks can often run automatically. Judgment-heavy, external-facing, financial, legal, or sensitive workflows should pass through human review or an approval gate before any irreversible action.

Next step

Want the controls mapped to your stack?

We'll walk through how access, approval gates, audit logs, and fallback rules apply to your CRM, billing, and tools — before any automation is built.

Not sure what to automate first? Ask me.