Latttice Governance
Latttice employs four layers of computational data governance—Data Sensitivity, RBAC, ABAC, and FGA—to provide secure, compliant, and fine-grained control over your data products
Last updated
Latttice employs four layers of computational data governance—Data Sensitivity, RBAC, ABAC, and FGA—to provide secure, compliant, and fine-grained control over your data products
Last updated
Effective governance ensures your data remains secure, accessible, and compliant. With Latttice, data product owners are empowered to control who accesses data, how it is used, and ensure sensitive information is protected.
Governance in Latttice is seamlessly integrated into every step of the data product lifecycle, providing confidence and flexibility without adding complexity. This comprehensive approach enables you to meet regulatory requirements, foster trust in your data, and ensure that data products remain valuable and actionable across your organization.
The four layers of security Latttice deploys are:
Data Sensitivity
Latttice allows you to classify your data based on its sensitivity, ensuring that personal, confidential, or restricted information is identified and protected. This layer helps you comply with privacy regulations like GDPR, HIPAA, or CCPA by applying specific access and usage restrictions to sensitive fields, such as names, addresses, or financial data. Latttice utilizes the industry classification for data which is public, internal only, confidential, and restricted. Users are also categorized into these classifications to ensure they are mapped to the correct level of sensitivity.
Role-Based Access Control (RBAC)
Latttice employs it's own roles based on the permissions required to operate within the Latttice platform. Within organizations that employ identify management capabilities such as Okta or Microsoft Active Directory, Latttice can integrate to those systems to ensure RBAC policies are inherited. Please note, that due to the varied natured in which organizations deploy these capabilities, this functionality is not available out of the the box. Either our service professionals or a Latttice Partner can assist with set up.
Attribute-Based Access Control (ABAC)
ABAC provides more granular control by applying permissions based on specific attributes at the element level. A library of ABAC rules are available to cover scenarios for data quality, data privacy, data governance, data enrichment, and data transformation. Latttice also provides a AI agent which will analyze your data product and provide suggestions for data quality and data privacy treatments that could be applied.
Fine-Grained Access (FGA)
FGA allows for the most precise level of control, managing access to data at both the row and column level. For example, a salesperson might only see customer records for their assigned region (row-level control), while certain columns, like social security numbers, remain hidden for everyone but compliance officers. This ensures users see only the data relevant to their tasks, enhancing both security and usability. The benefit of these rules is the ability to create one data product that can be then used for many audiences, reducing the number of data products that need to be managed.