Structify access controls: how do I restrict sensitive fields and set permissions by role/team?
AI Revenue Analytics

Structify access controls: how do I restrict sensitive fields and set permissions by role/team?

8 min read

Quick Answer: Structify gives you granular, enterprise-grade access control so you can lock down sensitive fields (salary, discounts, PII) and expose only what each role or team actually needs. You set permissions at the data source, table, column (field), and even row level—then tie those rules to roles (RevOps, Sales, Finance, Exec) so dashboards and Slack answers respect those boundaries automatically.

Why This Matters

If you’re the one owning data governance, you’re stuck between two bad options: open everything up and risk leaking salary or customer PII—or lock everything down and become a bottleneck for every “quick” question. Structify’s access controls are built so you don’t have to choose. You can let GTM teams answer questions in plain English (including in Slack) while keeping finance-only fields, HR attributes, and sensitive deal details behind clear, auditable permissions.

Key Benefits:

  • Protect sensitive data without slowing teams down: Hide or mask fields like ARR, compensation, personal emails, or health info while still letting users analyze pipeline, ROI, and churn risk.
  • Permissions that match how your org actually works: Grant access by role, team, or function—so Sales sees what they need, Finance sees more, and the data team sees everything.
  • Govern once, reuse everywhere: Set rules once at the semantic layer and have them apply automatically to queries, charts, dashboards, and Slack answers—no manual dashboard-by-dashboard permissions.

Core Concepts & Key Points

ConceptDefinitionWhy it's important
Data Ontology & Semantic LayerStructify’s unified layer where entities (Accounts, Opportunities, Contacts) and fields are defined once, with relationships and business definitions.It’s the control plane for governance—so “ARR” means the same thing across teams and access rules are consistent across tools and dashboards.
Role-Based Access Control (RBAC)Permission model that assigns access rights to roles (e.g., RevOps, AE, CSM, Exec) instead of individual users.Makes it easy to manage at scale—swap someone’s role and their access updates automatically, no hunting through dashboards.
Row- & Column-Level SecurityColumn-level: limit or hide specific fields. Row-level: control which records a user can see (e.g., only their region or team).Lets you expose powerful self-serve analytics while respecting privacy, territory rules, and compliance constraints.

How It Works (Step-by-Step)

Structify’s access controls ride on top of a unified semantic layer. You connect your sources once, define your entities and fields, then apply governance rules so every query and visualization respects your policies—no matter where the data came from.

  1. Connect Sources & Map Your Ontology

    • Connect the systems that matter: Salesforce/HubSpot, Zendesk, Gong/Chorus, ad platforms, data warehouse, plus PDFs, contracts, and web-scraped competitor data.
    • In the semantic layer, define your core entities: Accounts, Opportunities, Contacts, Tickets, Campaigns, etc.
    • Align key metrics and fields: “ARR,” “Pipeline,” “Discount %,” “Net Retention,” “Salary,” “PHI/PII fields,” so everyone uses the same definitions.
    • This gives you one place to apply access rules that propagate across sources and outputs.

  2. Define Roles & Permission Groups

    • Create roles that match how your org actually operates:
      • RevOps / Data: full access across most revenue data, with rights to manage the ontology.
      • Sales (AEs, SDRs): access to their pipeline, accounts, and topline revenue metrics—but not salary, raw PII exports, or sensitive notes.
      • CS / Support: access to accounts and tickets, but maybe not detailed discount or commission data.
      • Finance / Leadership: wider access to financial metrics (margin, bookings, full ARR breakdown).
    • Optionally create more granular groups like “EMEA Sales,” “Enterprise AE,” or “Partner Team” when territory-based row-level rules matter.
    • Assign users to roles via SSO/IdP where possible (Okta, Azure AD), so joining/leaving teams automatically updates access.

  3. Set Access Controls at Source, Field, and Row Level

    You control three main layers of access:

    • Source-Level Access (Which systems they see)

      • Decide which tools each role can tap:
        • Sales might see CRM + call logs + marketing campaigns.
        • CS might see CRM + support tickets + NPS survey data.
        • Finance might see everything plus cost data from your warehouse.
      • If a role doesn’t have access to a source, Structify simply never exposes fields or metrics derived from it.

    • Field / Column-Level Permissions (Which fields they see)

      • Mark sensitive columns in the semantic layer:
        • Compensation details (OTE, salary, bonus).
        • PII fields (personal email, phone, address, health details).
        • Internal-only flags (risk scores, internal notes, negotiation strategies).
        • Highly sensitive revenue fields (discount % by rep, margin, internal cost).
      • For each sensitive field, choose for each role:
        • Full access: can query and visualize.
        • Masked access: can see derived aggregates but not raw values (e.g., only ranges or high-level summaries).
        • No access: field is invisible; doesn’t appear in schema, queries, or UI.
      • Because this lives in the semantic layer, the rules apply everywhere: dashboards, exports, Slack answers, and ad-hoc questions.

    • Row-Level Permissions (Which records they see)

      • Define rules that map to your structure:
        • “AEs see only their own accounts/opportunities.”
        • “Regional leaders see all accounts in their region.”
        • “CSMs see accounts where they’re the assigned owner.”
        • “Only finance sees customers flagged as ‘at-risk for non-payment’.”
      • Use attributes from your CRM or warehouse (owner_id, region, segment) as the filters.
      • Structify enforces these rules automatically, so when an AE asks in Slack, “Show me my Q4 pipeline by stage,” they only see their own book of business—even if the underlying table has global data.

  4. Apply Governance to Queries, Dashboards, and Slack

    Once roles and rules are in place, Structify becomes “safe by default”:

    • Plain-English questions: When someone asks, “What’s our average discount for enterprise deals?” Structify:
      • Uses the semantic layer definition of “enterprise” and “discount.”
      • Filters rows they’re allowed to see.
      • Removes or masks columns they’re not allowed to access.
    • Dashboards and charts: You can build a single “Global Pipeline Health” dashboard, and:
      • Execs see everything.
      • Regional leaders see only their region.
      • Individual reps see only their accounts.
    • Exports and embeds: CSV/Excel exports, embeds, and shared links respect the same access controls—no “export everything” back door.

  5. Audit, Evolve, and Scale Safely

    • As your stack changes (new fields in Salesforce, new cost centers in your warehouse, new web-scraped competitor data):
      • Update definitions once in the semantic layer.
      • Review new fields and mark them as sensitive or not.
    • Use audit logs (where enabled) to see:
      • Who accessed what data.
      • Which roles queried sensitive metrics.
      • Changes to roles, permissions, or semantic definitions.
    • This keeps you compliant as policies evolve, without redoing dashboard permissions every quarter.

Common Mistakes to Avoid

  • Letting dashboards bypass governance:

    • Mistake: Building one-off dashboards with their own filters and sharing logic that doesn’t align with central rules.
    • Avoid it: Always rely on Structify’s role-based access and semantic layer. Build dashboards on governed entities and fields so you don’t have to remember custom rules per report.

  • Tagging sensitive fields only at the warehouse level:

    • Mistake: Assuming that column masking in the warehouse is enough, while unstructured inputs (PDFs, contracts, notes) stay unmanaged.
    • Avoid it: When Structify turns documents and web pages into structured data, classify and permission those extracted fields (e.g., “contract value,” “renewal terms,” “PHI”) inside the semantic layer as well.

  • Over-permissioning ‘power users’:

    • Mistake: Giving RevOps or marketing “god mode” by default because they ask for more access.
    • Avoid it: Create a clearly defined “Data Admin” or “RevOps Admin” role with explicit responsibilities and keep other power users in roles that match what they legitimately need.

Real-World Example

You’re the RevOps lead at a B2B SaaS company. Leadership wants every AE to self-serve answers like “Which of my deals are stuck in stage 3 the longest?” without exposing full discount schedules, competitor battlecards, or customer PII.

Here’s how you set it up in Structify:

  • Connect Salesforce, Zendesk, Gong, and your warehouse that holds cost data.
  • In the semantic layer, you define:
    • Entities: Accounts, Opportunities, Contacts, Tickets, Calls.
    • Key metrics: ARR, ACV, Discount %, Time in Stage, Support Volume, Win Rate.
    • Mark Discount %, Internal Margin, and PII fields (personal email, phone) as sensitive.
  • Create roles:
    • AE: account + opportunity access filtered to records where they’re the owner; no access to Internal Margin, masked access to Discount %.
    • Sales Manager: all opps for their team; full access to Discount %, no access to Internal Margin.
    • Finance: full access to all revenue and cost metrics, all regions.
  • Define row-level rules:
    • AEs: owner_id = current_user.
    • Managers: owner_id in their team list.
    • Finance: no row restrictions on revenue tables.
  • Now when:
    • An AE asks in Slack, “Which channels generate the most pipeline for my accounts?” Structify joins CRM with ad data, applies AE row filters, hides margin, and returns a clean chart.
    • Finance asks, “What’s gross margin by segment for Q3?” Structify uses the same entities but applies finance-level access to include cost data the AE never sees.

No new dashboards, no special-case filters, and no risk that someone drags “Internal Margin” into an export they shouldn’t have.

Pro Tip: When you onboard a new sensitive field (like “Salary Band” or “PHI Flag”), add it to the semantic layer and set its default access to “No Access” for all roles. Then explicitly grant access only to the roles that truly need it (HR, Finance, or Compliance) so you never accidentally expose it in a new dashboard.

Summary

Structify’s access controls are built so you can say “yes” to self-serve analytics without losing control of sensitive data. By anchoring permissions in a unified semantic layer—where entities, metrics, and definitions live—you set roles, lock down fields, and apply row-level rules once, then reuse that governance across every question, chart, dashboard, and Slack answer. No SQL, no custom dashboard permissions, and no guessing whether a report is safe to share with the CRO.

Next Step

Get Started

Back to AI Revenue Analytics

Keep Reading

More from AI Revenue Analytics

Structify API: how do I create a dataset schema, run a document processing job, and pull results programmatically?

Read more

Structify Enterprise: how do I run a SOC 2/HIPAA security review and set up SSO/RBAC?

Read more

How do I build a dashboard in Structify for spend → pipeline → closed-won and share it with leadership?

Read more