Trust tiers
A trust tier describes how much your organization trusts an AI destination — the model and the environment it runs in. Trust is about where your data goes and who controls it, not "cloud versus local."
The four tiers
| Tier | What it means | Example |
|---|---|---|
| Public frontier | A shared, public AI API outside your control | A public model endpoint |
| Enterprise-managed | A model running in your cloud tenancy under contract | Azure OpenAI or AWS Bedrock with your own keys |
| Customer-managed | A model your organization operates directly | A model in your VPC |
| Private / local | A fully isolated, self-contained model | An on-prem or air-gapped model |
Each destination you connect is assigned a tier by an administrator. ThreatLens then enforces, per data class, the minimum tier a request is allowed to reach.
An enterprise-managed destination — your own Azure OpenAI or AWS Bedrock — is a trusted tier, not a second-class option. Most enterprises send the large majority of their AI traffic to an enterprise-managed model, and reserve hard blocks for the few things that should never leave.
How tiers and classes work together
The policy matrix connects the two:
- Each data class has a minimum trust tier.
- If a request's destination meets or exceeds that tier, it proceeds (with any required redaction).
- If the destination is below that tier, the class's fallback action applies — typically route to an approved destination, or block.
For example, financial data might require the enterprise-managed tier, so it grounds to your Azure OpenAI model but is withheld from a public-frontier one.
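The matrix logic above can be sketched as a small decision function; this is an added illustration, not ThreatLens code or its configuration format. Assumptions: the tiers are ordered as the table's rows from least to most trusted, the destination names and class entries are constructed, and a request carrying several data classes is held to the strictest one.

```python
from enum import IntEnum

class Tier(IntEnum):
    # Assumed ordering: the table's rows, least to most trusted.
    PUBLIC_FRONTIER = 0
    ENTERPRISE_MANAGED = 1
    CUSTOMER_MANAGED = 2
    PRIVATE_LOCAL = 3

# Constructed destinations with their administrator-assigned tier.
DESTINATIONS = {
    "public-api": Tier.PUBLIC_FRONTIER,
    "azure-openai": Tier.ENTERPRISE_MANAGED,
    "onprem-llm": Tier.PRIVATE_LOCAL,
}

# Constructed policy matrix: data class -> (minimum tier, fallback, redact?).
POLICY = {
    "general": (Tier.PUBLIC_FRONTIER, "block", False),
    "financial": (Tier.ENTERPRISE_MANAGED, "route", True),
    "secrets": (Tier.PRIVATE_LOCAL, "block", False),
}

def decide(data_classes, destination):
    """Return (action, destination, classes_to_redact) for one request."""
    # Fail closed: an unknown class or destination is never forwarded.
    if destination not in DESTINATIONS or any(c not in POLICY for c in data_classes):
        return ("block", None, [])
    redact = sorted(c for c in data_classes if POLICY[c][2])
    # The strictest class in the request sets the required tier.
    required = max((POLICY[c][0] for c in data_classes), default=Tier.PUBLIC_FRONTIER)
    if DESTINATIONS[destination] >= required:
        return ("allow", destination, redact)
    # Below the minimum: apply the fallback of every violated class;
    # a single "block" fallback wins over "route".
    violated = [c for c in data_classes if POLICY[c][0] > DESTINATIONS[destination]]
    if any(POLICY[c][1] == "block" for c in violated):
        return ("block", None, [])
    # Route to the least-trusted approved destination that still meets the tier.
    ok = [(t, d) for d, t in DESTINATIONS.items() if t >= required]
    if not ok:
        return ("block", None, [])
    return ("route", min(ok)[1], redact)
```

Calling `decide(["financial"], "public-api")` reproduces the page's example: the request is withheld from the public endpoint and rerouted to the enterprise-managed one with redaction applied.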