Sphere wins 2026 Global Recognition Award
Sphere Partners
RAG Data Ingestion: Connecting Enterprise Systems Without Breaking Security

RAG Data Ingestion: Connecting Enterprise Systems Without Breaking Security

RAG projects don't die at the model or the vector database — they die quietly in the ingestion layer. Here's how to architect connectors, permission inheritance, format handling, and incremental refresh so enterprise knowledge reaches the index without losing permissions, mangling formats, or going stale.

5 min read
In this article

Ask where enterprise RAG projects die, and most people will say "the model" or "the vector database." They're wrong. RAG projects die quietly in the ingestion layer — the unglamorous job of getting knowledge out of the dozens of systems it lives in and into a form the system can retrieve, without losing permissions, mangling formats, or going stale.

It dies quietly because the demo always works: someone uploads a clean folder of PDFs and the assistant answers beautifully. Then reality arrives — the real knowledge is spread across SharePoint, a CRM, a wiki, a SQL database, Slack threads, and a decade of email and legacy documents, each with its own permissions and quirks. Enterprise RAG data ingestion is a solved problem, but only if you architect it correctly from day one. Here's how.

Source connectors: meeting knowledge where it lives

The first principle: your assistant is only as good as the systems it can reach. Enterprise knowledge is federated by default, so the ingestion layer needs connectors across the real estate where work actually happens — SharePoint, Confluence, Salesforce, SQL databases, S3, SAP, REST/custom APIs, PDFs and Word documents, Slack, and Teams. Each connector has to do three things well: authenticate securely (ideally with scoped service credentials), pull content reliably, and carry metadata and permissions along with the content.

The PetroLedger engagement is the textbook case for why connector breadth matters. Critical institutional knowledge was buried across emails, legacy documents, training videos, workflows, and the heads of subject-matter experts — none of it in one tidy repository. The value came from unifying those scattered sources into a single generative knowledge platform, which is what cut new-hire time-to-productivity from 8–12 months toward 3–5 and drove roughly $1.2M/year in savings. The connectors weren't a detail; they were the project.

Permission inheritance: architecture, not cleanup

Here is the rule that separates a secure ingestion layer from a liability: permissions are part of the data, and they must be ingested with it. When a document comes in from SharePoint, its access controls come in too. When a record comes from Salesforce, its visibility rules come with it. Each chunk inherits the access model of its source, and that inheritance is enforced later at retrieval time — so a user can only ever retrieve from sources they're already allowed to open.

Teams that treat permissions as a later "cleanup" task build themselves a breach. Once everything is flattened into one index with no source-level access control, there's no clean way to re-impose it — and the first time the assistant surfaces a restricted document to the wrong person, the project is over. RBAC must be enforced at retrieval time, which means permission metadata must be captured at ingestion time. Architect it in on day one; you cannot bolt it on at the end. (We go deep on this in enterprise RAG security.)

Document format handling: the messy middle

Enterprise content is not clean text. The ingestion layer has to turn a chaotic mix of formats into consistently chunkable, retrievable units:

  • PDFs — the hardest common case. Native-text PDFs are fine; scanned PDFs need OCR, and complex layouts (multi-column, tables, figures) need layout-aware extraction or you'll shred the meaning.
  • DOCX / Office — generally clean text, but headings, tables, and embedded objects need structure-aware parsing so they chunk well.
  • HTML / wiki pages — strip boilerplate (nav, footers) and preserve the real content structure.
  • Structured data (SQL, spreadsheets, CRM records) — not "documents" at all; rows and fields need to be rendered into retrievable text with their schema/context intact, or a number arrives with no idea what it measures.

The output of this stage feeds directly into chunking, so format handling and chunking strategy have to be designed together: extract structure, preserve it, and attach metadata (source, title, section, access level) to every unit.

Incremental vs. full re-index

Enterprise knowledge changes constantly, so ingestion is not a one-time load — it's a living pipeline. The choice of refresh strategy matters for both freshness and cost:

  • Full re-index — re-process and re-embed everything on a schedule. Simple, but expensive and slow at scale, and it leaves a freshness gap between runs.
  • Incremental / change-data-capture — detect what changed in each source (new, updated, deleted) and re-process only those items, ideally on update triggers. Far cheaper and fresher, at the cost of more sophisticated connectors that track state.

For anything beyond a small static corpus, incremental refresh is the production answer: it keeps answers current without re-embedding millions of unchanged chunks, and it handles deletions — critical for both accuracy and compliance (when a document is removed or a person exercises a deletion right, it must disappear from the index, not linger). This is why Sphere treats ingestion as a designed data-pipeline blueprint — connectors, format handling, permission capture, and update triggers — rather than a one-off import script.

The ingestion layer, done right

Put it together and a production ingestion architecture looks like this: secure connectors reach every system where knowledge lives → content is extracted format-aware, preserving structure → permissions and metadata are captured and attached to every unit → chunks are embedded and indexed → and incremental update triggers keep the whole thing fresh and correct as sources change. Get this layer right and everything downstream — retrieval, citations, security — gets easier. Get it wrong, and the best model in the world is answering from stale, mangled, or improperly-permissioned data.

Frequently asked questions

A production ingestion layer should connect to wherever enterprise knowledge lives — SharePoint, Confluence, Salesforce, SQL databases, S3, SAP, REST/custom APIs, PDFs and Word documents, Slack, and Teams. The value of RAG usually comes from unifying these scattered sources, not from any single one.
By capturing each source's access controls at ingestion time and attaching them to every chunk, so permissions are inherited from the source document. Retrieval then enforces them, ensuring users can only retrieve content they're already allowed to open. Permissions must be designed in at ingestion, not added later.
Format-aware extraction: native-text PDFs parse cleanly, scanned PDFs need OCR, and complex layouts need layout-aware extraction to keep tables and columns intact. Office docs need structure-aware parsing, HTML needs boilerplate stripped, and structured data (SQL, spreadsheets) must be rendered into text with its schema context preserved.
Incremental (change-data-capture) refresh is the production answer for anything beyond a small static corpus: it re-processes only what changed — on update triggers — keeping answers fresh, handling deletions, and avoiding the cost of re-embedding millions of unchanged chunks. Full re-index is simpler but expensive and leaves freshness gaps.
Because it's where permissions, formats, source diversity, and freshness all collide. The demo works on clean uploaded files; production has to pull permissioned content from many messy systems and keep it current. Most stalled RAG projects fail in ingestion, not in the model or vector store.

Worried your data isn't RAG-ready? Get a RAG Readiness Assessment — we'll map your source systems, permissions, formats, and refresh needs before you build.

Related: the enterprise RAG pillar guide, RAG chunking strategies, and enterprise RAG security and governance.

We'd love to hear from you!

Please provide your contact details, and our team will get back to you promptly.