Governance: An Architecture for Trust and Control

In enterprise, speed without control is a liability. The Arkham Governance framework is engineered to provide both. It is not a separate, bolted-on feature; it is woven into the fabric of every component to provide the security, visibility, and control needed to manage complex data and AI workflows with confidence.

Our approach is built on three pillars: Resource Organization & Permissions, Operational Monitoring, and Infrastructure Security. Together, they ensure that the right people have the right access to the right resources, with a complete audit trail of all activities. This is how our platform enables you to innovate quickly while giving security and operations teams the peace of mind they require.

The Governed Experience: How Trust Enables Speed

Governance in Arkham is not an obstacle; it's a guardrail that makes it safe to move fast. For a builder, the experience is seamless:

  • Start in a Project: A builder joins a Project, which acts as their centralized, secure workspace for a specific initiative.
  • Permissions are Inherited: They are granted a role (Viewer, Editor, or Owner) at the Project level. This role is automatically inherited by all resources within that project—datasets, pipelines, and models. There is no need to request access to individual assets.
  • Work with Confidence: As they build pipelines or train models, all actions are automatically scoped to their Project and logged in a central audit trail. If a pipeline fails, they are notified automatically. This creates a secure, transparent, and efficient environment to get work done.
  • Purpose-Based Access Control: The foundational element of governance in Arkham is the Project. A Project is a collaborative workspace that groups all resources for a specific business initiative. Access is managed at the Project level and inherited by all resources within it, ensuring that users only have access to the data they need for their specific purpose.
  • Operational Monitoring: Arkham provides granular, real-time visibility into all data and AI jobs through the Pipeline Monitoring service. Every execution is tracked with a unique ID, and detailed logs are securely stored and auditable. This is crucial for debugging, ensuring operational excellence, and providing a complete audit trail.
  • Infrastructure Security: Arkham does not use a shared, multi-tenant environment at the cloud level. Each client is provisioned with their own dedicated AWS account, providing the highest level of resource and data isolation and configured from the ground up with security best practices like VPC isolation and encryption at rest and in transit.

The Arkham Governance framework is comprised of two core components that provide the foundation for secure and auditable work.

  • Projects: The core workspace for organizing resources and managing purpose-based access control.
  • Pipeline Monitoring: Your tool for ensuring operational excellence and auditing all data and AI pipeline executions.

Concept

Description

Project

A secure, collaborative workspace that groups all resources for a specific initiative.

Access Control

Permissions (Viewer, Editor, Owner) that are assigned at the Project level and inherited by all resources.

Audit Log

A complete, immutable record of all actions taken within the platform, such as API calls, data access, and pipeline runs.

Purpose-Based Access

The principle that users are granted access to resources based on the specific, audited business purpose defined by their Project.

Governance in Arkham is not an obstacle; it's a guardrail that makes it safe to move fast. For a builder, the experience is seamless and secure by default.

  • Start in a Project: A builder joins a Project, which acts as their centralized, secure workspace for a specific initiative.
  • Permissions are Inherited: They are granted a role (Viewer, Editor, or Owner) at the Project level. This role is automatically inherited by all resources within that project—datasets, pipelines, and models. There is no need to request access to individual assets.
  • Work with Confidence: As they build pipelines or train models, all actions are automatically scoped to their Project and logged in a central audit trail. If a pipeline fails, they are notified automatically. This creates a secure, transparent, and efficient environment to get work done.
  • Projects: The core workspace for organizing resources and managing permissions.
  • Pipeline Monitoring: Your tool for ensuring operational excellence and auditing pipeline executions.
  • Data Catalog: The central registry where data is classified and access is controlled.
  • TARS: The AI co-pilot that inherits and respects all user permissions defined in the governance model.