Adrián Chamorro
Sunday, June 15, 2025
AI Tools Are Changing How We Code, but Who's Teaching Us to Stay Safe?
Artificial intelligence tools are revolutionizing productivity, especially in coding and development. Tools such as GitHub Copilot, Cursor, and Windsurf are reshaping workflows, making software creation faster and more intuitive. However, with these advancements comes significant responsibility, particularly regarding information security.
Before you paste that next prompt, do you really know where the data will end up and who might access it?
On platforms like YouTube or Medium, countless AI content creators enthusiastically highlight the exciting features of new agentic coding tools. They emphasize their capabilities and the efficiency these tools bring to be more productive. However, this trend often overlooks a crucial issue: the potential risks and consequences of information leaks and compromised security.
In my professional environment, despite recognizing the productivity benefits of these assistants, I abstain from integrating tools like Cursor and Windsurf into my workflow yet. My code doesn’t involve sensitive information, yet caution persists. Why? Because security isn’t just about today’s scenario, it’s about building habits and protocols that protect against unforeseen risks tomorrow.
I want to share with you in this post my thoughts on the security aspect of agentic tools and how to approach it. I just want to give you a bit of a perspective on this big problem we are facing: lack of AI security education.
📈 Growing Use, Growing Concerns
The rise in popularity of advanced AI coding tools has raised justified concerns about security and data protection. While developers quickly embrace these powerful assistants, few fully grasp the details of how their data is managed, stored, and secured.
For instance, platforms like Cursor and Windsurf allow deep agentic functionalities, which means these tools don’t just autocomplete your code; they proactively suggest, generate, and even execute code snippets autonomously. This behavior, while efficient, creates a potential risk for inadvertently exposing sensitive information.
🎓 Why Education Is Essential
Education about AI isn’t merely understanding how to leverage these tools, it’s critical to learn how to safely integrate them into our workflows. Developers and company leaders must understand what data is transmitted, how it’s processed, and what assurances vendors provide regarding information security.
Secure AI adoption isn’t about prompt engineering, it’s about understanding the data path:
- What leaves your laptop?
- Where is it processed?
- How long is it stored?
- Can it train someone else’s model?
- What assurances does the vendor provide?
- What are the legal implications?
Teams and developers who understand these dynamics aren’t slowing down innovation, they’re making informed decisions while still enjoying the productivity boost.
🛡️ Security Measures & Legal Frameworks
Robust security practices for agentic coding tools must include:
- End-to-End Encryption: Data in transit and at rest must be securely encrypted (TLS in transit, AES-256 at rest).
- Data-Minimisation & Zero-Retention Modes: Tools should collect only necessary information and clearly define data retention policies. Process in RAM, don’t persist.
- GDPR-aligned contracts (DPA) & regional data residency: Ensure data is stored in a region where GDPR compliance is guaranteed (e.g., GitHub’s EU cloud option).
- Independent audits: SOC 2 (Type II) and/or ISO 27001.
- Vendor promise not to train on your code: (Copilot default, OpenAI API default).
📊 Quick Security Snapshot
Below is a condensed table comparing six popular code assistant offerings across the levers security and compliance teams ask about first—encryption, data retention windows, whether your snippets are ever recycled for model training, the badges they hold, and where the service actually runs.
| Tool / Plan | Encryption | Data Retention | Training on Your Code | Key Certs | Enterprise / Deployment |
|---|---|---|---|---|---|
| GitHub Copilot Free | TLS / Azure-at-rest | Ephemeral | No (opt-in possible) | GitHub platform controls | Cloud-only |
| GitHub Copilot Business | TLS / Azure | Ephemeral | Never | SOC 2 Type I, ISO 27001, GDPR DPA | Cloud with EU region |
| Cursor (Privacy Mode) | TLS / AWS | Zero retention | Never | SOC 2 Type II | Cloud-only |
| Windsurf Cloud (ZDR) | TLS / GCP | Zero retention | Never | SOC 2 Type II, FedRAMP High | Cloud with EU region |
| Windsurf Self-Host | Your infra | You define | Never leaves network | Your internal audits | Full on-prem |
| OpenAI API / ChatGPT Ent. | TLS / OpenAI or Azure | 30-day (0 on request) | No by default | SOC 2 | Cloud; Azure-EU regions |
(“Zero retention” = vendor promises not to write your code to disk; it lives only in RAM for a few seconds while the model runs.)
*To be fear, Github Copilot Business depends on your GitHub Enterprise Cloud data-residency setting rather than Copilot itself.
Find your perfect copilot: match your engineering persona to the option that fits your risk, quick wins highlighted, pitfalls flagged.
| Persona (what they really care about) | Good fit | Why it works | What to watch out for |
|---|---|---|---|
| Solo hacker / OSS contributor Wants autocomplete, doesn’t store trade secrets, happy to trade a bit of telemetry for speed | GitHub Copilot Free | Low friction, free, suggestions appear in-line. Prompts are discarded after each request and not used for model training unless you explicitly opt-in | No SOC reports, no data-residency guarantees—fine for hobby code, not for client IP |
| Startup dev team (≤ 20 engineers) Can’t leak client code, but also can’t run infra | Cursor with “Privacy Mode” | Enables zero data retention & “never train” on your snippets while staying cloud-hosted | Cursor still transports data through AWS; you’re trusting their controls. SOC 2 Type II is in place, but no HIPAA/FedRAMP |
| EU-based scale-up with GDPR & Schrems II anxiety | GitHub Copilot Business attached to GitHub Enterprise Cloud – EU data residency | When the repos and prompts live in GitHub’s EU region, Copilot inherits the same boundary. SOC 2 Type I & ISO 27001 in force | Copilot’s core model still runs in Microsoft Azure; you’re relying on GitHub’s contractual EU processing commitments, not physical air-gapped inference |
| Enterprise with SOC-2 auditors but no gov-cloud mandate | Windsurf Cloud (ZDR) | “Zero-data-retention” toggle, SOC 2 Type II report, plus FedRAMP-High accreditation even if you don’t need it—nice signalling | It’s still multi-tenant SaaS; keys and logs live in GCP/AWS. Ask for their sub-processor list |
| Public-sector / defense contractor FedRAMP or ITAR orbit | Windsurf Self-Host | Runs entirely inside your network; you own encryption, logs, and audit scope | You also own patching, scaling, and any future model upgrades—budget for ops |
| Global corporation with mixed workloads, legal hold exposure, and LLM experimentation everywhere | OpenAI API / ChatGPT Enterprise | 30-day default log retention with contractually-available Zero-Data-Retention option; SOC 2 Type II; Azure-EU or OpenAI US hosting | Court orders can override retention rules for consumer tiers but not Enterprise/ZDR contracts—still a reminder that legal teams trump tech settings |
🏢 Recommendations for Companies
- Demand the enterprise tier. Free plans rarely include a DPA or audit reports.
- Enforce zero-retention / privacy mode. Make it non-toggleable via admin policy.
- Use SSO & role-based access to revoke seats instantly when staff churn.
- Review vendor SOC 2/ISO reports annually; ask for pen-test summaries.
- Keep secrets out of prompts, no tool can protect data you paste by accident.
- Mandate human review of all AI-generated code before merge.
✅ Conclusion
As we continue embracing AI’s transformative power, education on secure usage is not optional, it’s imperative. Understanding and demanding robust security measures from tool providers ensures the productivity gains from AI are never overshadowed by security compromises.
I hope this article has encouraged you to reflect on the importance of data security in the age of AI. My intention is to contribute to the broader conversation on AI education. I truly believe that, in the near future, we’ll see dedicated subjects in schools focused on these topics. And honestly, I hope that happens sooner rather than later, because we’re already riding the wave.