Data Governance

The Data Governance Platform in Saddle Data provides centralized controls to ensure data security, privacy, and compliance across your entire organization. It allows you to define global policies that are automatically enforced at both the design phase (UI) and execution phase (Worker).

Core Pillars

1. Global Data Tags

Data Tags are standardized labels used to identify sensitive information across different data sources. Instead of managing security field-by-field, you define a tag once and apply it to any column in the Data Catalog.

Common tags include:

  • PII (Personally Identifiable Information): Names, SSNs, phone numbers.
  • PHI (Protected Health Information): Medical record numbers, health history.
  • Sensitive: Financial data, internal IDs, proprietary information.

2. Automated Security Policies

Global Policies define exactly how tagged data must be handled. When a policy is active, Saddle Data becomes "security-aware."

  • Auto-Injection: When you add a tagged column to a flow, the required transformation (e.g., HASH or MASK) is automatically added to the pipeline.
  • Managed Locks: Security transformations are "managed," meaning they cannot be deleted or bypassed by a flow editor unless the underlying policy or tag is changed in the Governance Center.
  • Dynamic Sync: If you update a policy (e.g., changing from MASK to HASH), all flows utilizing that tag are automatically updated to reflect the new security requirement.

3. Execution Circuit Breakers

The Governance Circuit Breaker is a fail-safe mechanism built into the Saddle Data Worker. It acts as the final line of defense against data leaks.

  • Runtime Validation: Before any data is loaded into a destination, the Worker validates the pipeline configuration against the active global policies.
  • Prevention of Bypasses: If a flow is manually modified (e.g., via IaC or direct API call) to sync sensitive data without the required transformation, the Circuit Breaker will immediately abort the run and report a security violation event.

Governance Control Center

The Governance Control Center is the centralized UI for compliance officers and administrators to:

  1. Define and Manage Tags: Create custom tags tailored to your organization's needs.
  2. Author Policies: Map tags to specific mandatory transformations.
  3. Review Violations: Monitor the activity feed for any circuit breaker events or blocked syncs.

Workflow

  1. Define Tags: Create tags like PII in the Governance Center.
  2. Set Policies: Create a policy: "Columns tagged PII must be HASHED using SHA-256."
  3. Catalog Tagging: Review your Data Catalog and tag the email column in your production database as PII.
  4. Automatic Protection: Any new flow that includes that email column will now automatically have a HASH transformation applied and locked.
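
The runtime check described under Execution Circuit Breakers, applied to the PII / SHA-256 policy from this workflow, can be sketched as follows. This is an added example, not Saddle Data's own code: the policy, catalog and flow structures and every function name are assumptions made for illustration.

```python
# Added illustration. The policy, catalog and flow shapes are hypothetical;
# Saddle Data's real schemas and Worker internals are not shown on this page.
POLICIES = {"PII": {"type": "HASH", "algorithm": "SHA-256"}}   # tag -> mandatory transformation
CATALOG_TAGS = {("prod_db", "users", "email"): {"PII"}}        # constructed catalog entry


class GovernanceViolation(Exception):
    """Raised before load so a non-compliant run writes nothing to the destination."""
    def __init__(self, violations):
        super().__init__(f"{len(violations)} governance violation(s); run aborted")
        self.violations = violations


def find_violations(flow, policies=POLICIES, catalog_tags=CATALOG_TAGS):
    """List (column, tag, required) for every tagged column lacking its mandated transformation.

    Tags are read from the catalog, not from the flow, so editing the flow
    definition cannot remove a column's classification.
    """
    violations = []
    for col in flow["columns"]:
        key = (col["source"], col["table"], col["name"])
        applied = col.get("transformations", [])
        for tag in sorted(catalog_tags.get(key, ())):
            required = policies.get(tag)
            if required is None:
                continue  # tag has no active policy
            # Every key of the policy (type, algorithm) must match one applied step.
            if not any(all(step.get(k) == v for k, v in required.items()) for step in applied):
                violations.append((".".join(key), tag, required["type"]))
    return violations


def run_flow(flow, load, policies=POLICIES, catalog_tags=CATALOG_TAGS):
    """Validate first, then load; any violation aborts the whole run."""
    violations = find_violations(flow, policies, catalog_tags)
    if violations:
        raise GovernanceViolation(violations)
    return load(flow)


def column(name, *steps):
    return {"source": "prod_db", "table": "users", "name": name, "transformations": list(steps)}


# Constructed flows: one compliant, one edited outside the UI, one left on a superseded MASK step.
COMPLIANT = {"columns": [column("id"), column("email", {"type": "HASH", "algorithm": "SHA-256"})]}
BYPASSED = {"columns": [column("id"), column("email")]}
STALE = {"columns": [column("email", {"type": "MASK"})]}
```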

Plan Gating

Plans

The Data Governance Platform, including Global Policies and Circuit Breakers, is an Enterprise+ feature. Basic Data Tagging is available on Enterprise plans.