Latttice How To Guide
  • Introduction
  • What is Latttice?
  • New? Start Here
  • How To Guides
    • Getting Started
    • Latttice CoPilot
    • Latttice Explorer
    • Latttice Pin Board
      • Editing Data Products via the Pin Board
    • Latttice Governance
    • Latttice Convo
      • Fusing Data Products in Latttice Convo
    • Latttice Connect
    • Untitled
    • The Glossary
    • FAQs
  • Account Information
    • Account Overview
  • Pricing and Plans
  • Account Management
  • Data Security and Ownership
  • Bug Reports or New Feature
  • Legals
    • General Terms of Service
    • Software as a Service (SaaS) Agreement
    • Privacy Policy
    • Acceptable Use Policy (AUP)
Powered by GitBook
On this page
  1. How To Guides

Latttice Governance

Latttice employs four layers of computational data governance—Data Sensitivity, RBAC, ABAC, and FGA—to provide secure, compliant, and fine-grained control over your data products

PreviousEditing Data Products via the Pin BoardNextLatttice Convo

Last updated 4 months ago

Why Governance Matters

Effective governance ensures your data remains secure, accessible, and compliant. With Latttice, data product owners are empowered to control who accesses data, how it is used, and ensure sensitive information is protected.

Governance in Latttice is seamlessly integrated into every step of the data product lifecycle, providing confidence and flexibility without adding complexity. This comprehensive approach enables you to meet regulatory requirements, foster trust in your data, and ensure that data products remain valuable and actionable across your organization.

The four layers of security Latttice deploys are:

  1. Data Sensitivity

Latttice allows you to classify your data based on its sensitivity, ensuring that personal, confidential, or restricted information is identified and protected. This layer helps you comply with privacy regulations like GDPR, HIPAA, or CCPA by applying specific access and usage restrictions to sensitive fields, such as names, addresses, or financial data. Latttice utilizes the industry classification for data which is public, internal only, confidential, and restricted. Users are also categorized into these classifications to ensure they are mapped to the correct level of sensitivity.

  1. Role-Based Access Control (RBAC)

Latttice employs it's own roles based on the permissions required to operate within the Latttice platform. Within organizations that employ identify management capabilities such as Okta or Microsoft Active Directory, Latttice can integrate to those systems to ensure RBAC policies are inherited. Please note, that due to the varied natured in which organizations deploy these capabilities, this functionality is not available out of the the box. Either our service professionals or a Latttice Partner can assist with set up.

  1. Attribute-Based Access Control (ABAC)

ABAC provides more granular control by applying permissions based on specific attributes at the element level. A library of ABAC rules are available to cover scenarios for data quality, data privacy, data governance, data enrichment, and data transformation. Latttice also provides a AI agent which will analyze your data product and provide suggestions for data quality and data privacy treatments that could be applied.

  1. Fine-Grained Access (FGA)

FGA allows for the most precise level of control, managing access to data at both the row and column level. For example, a salesperson might only see customer records for their assigned region (row-level control), while certain columns, like social security numbers, remain hidden for everyone but compliance officers. This ensures users see only the data relevant to their tasks, enhancing both security and usability. The benefit of these rules is the ability to create one data product that can be then used for many audiences, reducing the number of data products that need to be managed.

Applying ABAC rule to Data Products