Home/Insights/AI & Analytics · Data Governance · Strategy
AI & Analytics · Data Governance · Strategy

MCP, AI Agents And The Governance You Now Need

HA

Hopton Analytics

Analytics Consultancy

December 2025·4 min read
MCP, AI Agents And The Governance You Now Need

The Model Context Protocol lets AI assistants query and act on your live data. Two checks decide whether it helps you or leaks at conversational speed.

The boring standard that just raised the stakes

A wave of companies have shipped connectors for the Model Context Protocol, Apollo among the louder ones. MCP is a standard way to let an AI assistant talk to your tools and data with proper permissions and without a bespoke integration for every system. The demos show sales prospecting. Ignore the demos. The pattern underneath them is the story.

We cover the practical side of this in our AI work, and Are your people happy? The first question in any Data or AI project looks at a closely related question.

The pattern is this. AI tools are starting to get governed, permission-scoped access to your real data, and the ability to act on it rather than merely read it. You ask a question in plain English, the assistant queries the actual source, respects the permissions of the person asking, and can write something back. That this is settling on one open standard rather than fifty proprietary ones is the quiet good news. The loud bad news is what it does to your exposure.

Two ways it bites, both avoidable

An AI agent runs as somebody. Wire it in to inherit the user's access and you are fine. Wire it in with a service account that can see everything and you have handed a tireless, fluent, utterly confident assistant the keys to the whole estate, and it will summarise your payroll into a chat window for whoever thought to ask. That is not a horror story. It is the default outcome when the setup gets rushed.

The second bite is quieter and worse. Feed an agent loose definitions and it will answer with total conviction using a number three of your departments would dispute, and people will believe it more, not less, because it arrived in a clean sentence with no hedging. A wrong figure in a dusty report gets ignored. The same figure, delivered on request by an AI agent, gets acted on.

The two checks to run before you connect anything

Before any AI tool touches live data, answer both. If either answer is wrong, do not connect it yet.

Does the tool inherit the permissions of the person using it, or its own. It must be the person's. Anything else is a leak waiting for a prompt. And does it read from one governed definition layer, a semantic model or its equivalent, or is it free to roam the raw tables and invent its own logic. It must read from the governed layer, or every answer is a coin toss in a confident voice.

The part worth getting excited about

Here is the reframe. The unglamorous, nobody-thanks-you-for-it discipline of data governance has quietly become a competitive capability. The winners will not be the ones who bolt on the most connectors. They will be the ones whose data was already clean and governed enough to be safely connectable. Everyone else is about to discover, in public and at speed, what their permissions and definitions were really like.

That is the centre of our analytics strategy and governance work, and why we are so particular about the Microsoft Fabric and semantic layer underneath these tools. Get it right and MCP is a gift. Get it wrong and it is the same gift, set on fire. Either way, run the two checks before the demo runs your data.

If any of this sounds familiar, talk to us about your data.

Related reading

HA

Hopton Analytics

Analytics Consultancy

Part of the Hopton Analytics team, delivering governed analytics programmes for UK mid-market organisations.

Get started

Ready to put this into practice?

Reading about better analytics is a start. Working with us is how it happens.

Book a free analytics audit