The policy matrix
The policy matrix is your control surface — a single, readable table that governs every AI request. It maps each data class to three settings:
- Minimum trust — the lowest trust tier a destination may be for this kind of data.
- If it can't go there — the fallback action when a destination is below that minimum.
- Internet — the web-access policy for this class.
Fallback actions
| Action | What happens when a destination is below the minimum trust |
|---|---|
| Allow | Send as-is (used when the minimum trust is public-frontier). |
| Redact | Strip the sensitive values, then send. |
| Route | Don't send to this destination; route to an approved one, else block. |
| Block | Never send. |
| Require approval | Hold for an administrator's decision. |
Example default matrix
| Data class | Minimum trust | If it can't go there |
|---|---|---|
| Source code / secrets | — | Block |
| PCI / payment data | Enterprise-managed | Route (or redact) |
| PII / personal data | Enterprise-managed | Route |
| Financial data | Enterprise-managed | Route |
| Strategy / board confidential | Enterprise-managed | Route |
| Public / non-sensitive | Public frontier | Allow |
Some things are always blocked
Regardless of the matrix, raw secrets and prompt-injection attempts are blocked at every tier — no destination is trusted enough. The matrix governs everything else.
You own the dial
The matrix is yours to set, per organization. Loosen a class to allow it on more destinations, or tighten it so it only ever reaches your most trusted model. Whatever you choose:
Every change is auditable
Saving the matrix records a policy change in the audit log, with the old and new values. The people who govern AI are themselves governed.
To configure it, see Administration → policy matrix.