Security Classification
Security classification is the most important component for protecting the organization’s information and managing regulatory compliance. It’s a powerful tool that lets you, with Owner permissions, control which types of models are used in different Spaces, based on the information’s sensitivity.
Guardrails and frameworks
Think of a security class as a workspace with guardrails. As an administrator, you establish the guardrails (the rules). Within this workspace, your employees (Creators) can work with full creative freedom and build assistants, secure in knowing that they can never use models or methods that leave the predetermined security frameworks.
Classification can be done on five different components (models and tools) according to the table below
| Component | Purpose | Considerations |
|---|---|---|
| Language Model | Reasoning & Text | Choose model based on where it runs (Sweden/EU/Global). |
| Embedding | Searchability in files | Max one per security class to avoid data errors. |
| Transcription | Speech to text | Must match the meeting’s confidentiality level. |
| Integrated tools | Standard functions | Blocked if the class is lower than the space. |
| Custom tools (MCP) | Custom connections | Requires manual classification based on the source system’s data. |
Why use security classification?
The purpose is to prevent sensitive information from being handled by the wrong type of models. If you, for example, have a Space for HR matters, you might want to ensure that only models operated within Sweden or the EU are used, and thus block models operated in the USA.