4.8/5 of 53 reviews
4.3/5 of 38 reviews

Artificial Intelligence in eSpatial’s Territory Manager


At eSpatial, AI solutions are developed and operated within an information security framework aligned to ISO/IEC 27001, ensuring robust controls for the protection, confidentiality, and integrity of customer data.

People reviewing territory map

Quick answer

This article outlines our security and data privacy practices in relation to AI within the Territory Manager application and reflects our commitment to maintaining transparency as these practices continue to mature.

AI Technologies used at eSpatial


The Territory Manager application in eSpatial employs a structured AI architecture designed to ensure secure, controlled, and auditable interactions between client applications and AI services.

Client requests are initiated through a browser-based interface and routed via a dedicated chat proxy, which acts as a controlled gateway between the client environment and internal AI services. This proxy enforces communication boundaries and ensures that all interactions are mediated in accordance with established security policies.

Within the infrastructure, an orchestration layer, implemented using an Aegra-based framework (functionally equivalent to LangGraph), manages the flow of messages between system components. This orchestration layer coordinates request handling, tool invocation, and response delivery while maintaining strict control over data movement.

Tool execution is handled by an internally hosted Model Context Protocol (MCP) server, deployed within the primary application environment. The MCP server processes tool requests issued by the AI agent, ensuring that all integrations and data access operations occur within controlled and governed infrastructure.

The AI agent itself (implemented using the Aegra orchestration framework) is hosted within eSpatial infrastructure. This agent is responsible for coordinating interactions, as well as performing centralized tracing and logging, providing full observability and auditability of AI-driven workflows. Hosting the agent internally ensures that message handling and intermediate data processing remain within eSpatial's security perimeter.

For natural language processing capabilities, the agent interacts with an external large language model (LLM), specifically Anthropic’s Haiku 4.5, accessed under a commercial licensing agreement. Under this agreement, customer data submitted through the system is not used for model training or retention beyond the scope of the service, ensuring that sensitive information is not used to train or enhance external AI models. The external LLM operates in a stateless configuration, whereby customer inputs are processed transiently for the purpose of generating a response and are not retained or persisted beyond the scope of the request.

This architecture ensures that customer data remains under strict control, with external dependencies limited to clearly defined, contractually governed AI services.

External MCP Client access


At present, eSpatial does not permit integration with external MCP clients, ensuring that all tool interactions remain within controlled infrastructure boundaries. Any future enablement of external integrations will be implemented using secure authentication and authorization mechanisms, such as OAuth, in line with established security standards.

Access Control and Tenant-Level Configuration


eSpatial operates a multi-tenant architecture in which each customer organization is logically isolated and maintains independent control over its users and feature access. Functionality within the platform is governed by a comprehensive permissions model applied at both the organization level and the individual user level.

Administrative users within each organization are empowered to manage and configure permissions for their own users, enabling fine-grained control over which features are accessible and by whom. In addition, eSpatial maintains administrative controls to enable or disable specific capabilities at the organization level, ensuring that features can be deployed in a controlled and deliberate manner.

Access to AI-powered functionality, including the AI chat capability, is governed by these same permission controls. The AI feature is not enabled by default for all organizations; instead, it is explicitly provisioned via configuration. Organizations that do not have this permission enabled will not have access to AI functionality, and no data from their users will be transmitted to external AI services.

This approach ensures that organizations retain full control over the adoption and use of AI within their environment, supporting both security requirements and internal governance policies.

Monitoring, Tracing and Logging


eSpatial utilizes a centrally managed tracing and logging solution (Langfuse) to support the monitoring and operation of AI-driven workflows. This capability is fully self-hosted within eSpatial infrastructure, ensuring that all logged data remains inside the organization's controlled environment.

Access to logs and trace data is governed by role-based access controls (RBAC), ensuring that visibility is restricted to authorized personnel with a legitimate operational need. This controlled access model supports adherence to the principles of least privilege and data confidentiality.

Tracing and logging are primarily used for operational support and service improvement, including the investigation of customer-reported issues, analysis of system behavior, and evaluation of AI response quality and tool usage. These insights enable us to maintain reliability, improve performance, and ensure the ongoing effectiveness of AI capabilities while operating within a secure and auditable framework. Traces and logs are retained for a maximum of 90 days.

Authentication and Secure Session Handling


eSpatial implements a secure, token-based authentication mechanism to control access to AI-related operations and downstream service interactions.

When a user initiates an AI session, a unique, time-bound authentication token is generated and associated with the user’s existing session and security context. This token is used internally to authenticate and authorize subsequent system-to-system interactions, including calls to internal tooling services.

All tool requests are programmatically authenticated using this token, which is validated within infrastructure to ensure that actions are executed within the appropriate user and organizational security context.

This mechanism is designed such that authentication credentials are handled exclusively within controlled backend services. The external language model (LLM) does not have access to, visibility of, or interaction with authentication tokens at any stage. This separation ensures that sensitive security artefacts remain within the trusted environment.

Tokens are short-lived and managed in accordance with defined security policies, further reducing risk and supporting secure session management practices.

You appear to be offline at the moment, this notice will disappear once your device can connect to the internet again