# Configuring Data Permissions ## Data Permissioning and Isolation Akkio offers a flexible approach to data access. Data can either be shared at a global (agency-wide) level or isolated per client. This approach respects any data-warehouse-level permissions you might have (e.g., in Snowflake or other databases). #### Global Agency Data * Description: Datasets configured to be accessible to the entire agency. * Access: Any user within the agency (with roles Team Member, Approver, Distributor, or Admin) can see and use these datasets, provided they have at least a Team Member role or higher. * Use Cases: Common reference data or cross-client data that the agency wants to share broadly. #### Client-Specific Data (Data Isolation) * Description: Datasets that are isolated to a specific client’s team. * Access: Only users who are members of that client’s team can see and use these datasets. This allows for strict data isolation, protecting sensitive or proprietary data. * Inherited Permissions: Akkio enforces any underlying database permissions. If Snowflake or another data warehouse is configured to only allow specific users or roles to see certain tables, Akkio respects that setting. ## Best Practices **Least Privilege Principle** Assign the lowest role necessary for a user to perform their job. For instance, if a user only needs to create projects, make them a Team Member rather than a Team Admin. **Client Isolation** * If a client’s data must remain private, ensure only client-specific users and relevant agency team members (who need access) are assigned to that client’s team. **Regularly Audit Roles** * Periodically review users’ roles and client memberships to ensure they still reflect current responsibilities. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.akkio.com/akkio-help-center/getting-started/configuring-data-permissions.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.