# Privileges Catalog privileges offer a system for managing authentication and access across catalog, database, table, and column levels. Privilege is a set of rules or policies used to ensure only the intended users have permission to access data. {% hint style="info" %} Upon creating a catalog, access is initially restricted by default, employing the **Deny All** privileges for all users. This approach aligns with governance and security protocols, guaranteeing that essential access is meticulously granted. {% endhint %} {% hint style="info" %} For a user to be able to access, add, update and modify catalog privileges, The [DataAdmin role](https://docs.e6data.com/product-documentation/~/revisions/W5MExJCuvHiG1ioEcgOy/access-control/roles) must be assigned, ***including SuperAdmins.*** For a user to be able to access query editor, The [DataAnalyst role](https://docs.e6data.com/product-documentation/~/revisions/W5MExJCuvHiG1ioEcgOy/access-control/roles) must be assigned, ***including SuperAdmins.*** ***Please be sure to use it cautiously, as it provides access to*** [***read potentially sensitive data***](https://docs.e6data.com/product-documentation/~/revisions/W5MExJCuvHiG1ioEcgOy/faqs/security#what-data-other-data-moves-outside-the-data-plane)***.*** {% endhint %} e6data offers three types of privileges that can be applied to data objects: 1. [Access Control](https://docs.e6data.com/product-documentation/~/revisions/W5MExJCuvHiG1ioEcgOy/catalogs/privileges/access-control) 2. [Column Masking](https://docs.e6data.com/product-documentation/~/revisions/W5MExJCuvHiG1ioEcgOy/catalogs/privileges/column-masking) 3. [Row Filter](https://docs.e6data.com/product-documentation/~/revisions/W5MExJCuvHiG1ioEcgOy/catalogs/privileges/row-filter) {% embed url="" %}