Architecture, Governance, and Controls
Deployment Architecture: Managed vs. Self-Hosted
-
In managed environments, Sisense offers a provisioned and secured LLM and Vector DB with an option for BYO-LLM.
-
In self-hosted environments, the customer must supply and manage both the LLM and Vector DB, ensuring full sovereignty.
Security-First Architecture
Sisense’s Security-First architecture is designed to ensure enterprise-grade protection and data isolation:
-
Single-tenant AWS VPC with MongoDB Atlas DB isolation
-
TLS 1.2+ encryption in transit, AES-256 at rest
-
Role-based access controls with SSO & 2FA
-
Private Access for secure connectivity to AWS resources
Governance & Controls
-
Opt-In Required: All Generative AI features are disabled until enabled by an admin. Sisense Intelligence features that run locally are disabled by default.
-
Access Control: See a feature-level control matrix below.
|
Feature |
System Level |
Data Model Level |
Dashboard Level |
Widget Level |
|
Explanations |
✅ |
- |
- |
- |
|
Forecast |
✅ |
- |
- |
✅ |
|
Trend |
✅ |
- |
- |
✅ |
|
Exploration Paths |
✅ |
- |
✅ |
- |
|
Simply Ask (Legacy NLQ) |
✅ |
✅ |
✅ |
- |
|
Assistant |
✅ |
Coming soon 2025.4 |
✅ |
- |
|
Narrative |
✅ |
- |
- |
✅ |
|
Semantic Enrichment |
✅ |
- |
- |
- |