The workspace as control plane

The traditional desktop was the center of work—a physical machine where everything converged. That world is gone. The modern workspace is not a device, OS, or browser. It is a fungible abstraction that comes to life wherever apps, identity, security, and context converge around a worker.

Published: May 1, 2025 — Original post

The formula

Workspace + Worker = Work

Components of a workspace

• Apps: access to applications
• Identity: who is doing the work (human or AI)
• Security: policies and controls
• Context: what task, what business justification

Why this matters for AI governance

AI is showing up everywhere: built into apps, browsers, operating systems, and standalone tools. Each AI implementation has its own admin console, policy language, and security model. You cannot standardize on one AI—fragmentation is reality.

The only place you can apply consistent governance across all AI implementations is at the workspace level. Trying to govern AI by controlling which tools workers use creates policy holes. Governance must work across layers.

The principle

Let AI live where it works best. Govern it where work happens.

The evolution

In the second brain era, "where work happens" is expanding. Work isn't just in apps and documents anymore. It's in a worker's personal knowledge system, their ambient AI context, the MCP connections between their tools. The governance challenge has expanded from "which apps?" to "what data sources is a worker's AI connecting to, what is it absorbing, and where is that knowledge flowing?"

The workspace-as-control-plane concept still holds. The perimeter of what needs to be governed has grown.