PII Enforcement automatically detects and masks personal data in prompts before they are forwarded to any AI provider, including names, email addresses, phone numbers, IBANs, credit card numbers, social security numbers, and IP addresses. Anyone using AI in a professional context knows the gap: personal data flows into prompts unfiltered, and neither Business nor Enterprise tiers of the major AI platforms detect or mask it. The usual answer is to buy a separate data loss prevention or anonymisation tool, typically around €10 per user per month. Our built-in PII Enforcement removes that line item by making the protection part of the platform.
How It Works
Administrators enable PII Enforcement. Once active, every prompt submitted by any user is scanned before it leaves BlackMountain. Recognised personal data is masked in place, and only the sanitised prompt is forwarded to the AI provider. The user sees what was detected and what was masked, so the behaviour is transparent rather than silent.
The control sits with the organisation, not the individual employee. That matters in two directions. For compliance and security teams, it closes a known exposure path: staff can no longer paste sensitive data into a prompt, intentionally or by accident, and have it leave the organisation's perimeter. For employees, it removes the burden of having to anonymise everything by hand before asking a question.
Security as a Default
Security is one of BlackMountain's positioning principles, and PII Enforcement is what that principle looks like in practice. Protection is integrated, not sold separately. It complements our European hosting by ensuring that personal data does not reach US-based providers in the first place. Where other AI platforms leave data protection to a second vendor and a second contract, we treat it as part of what an enterprise AI platform is supposed to do.
Category
Press Releases
Author
