Systems and methods are disclosed for data protection in a cluster of data processing accelerators (DPAs) using a policy that partitions the DPAs into one or more group of DPAs in the cluster. A host device instructs the DPAs to organize themselves into non-overlapping groups according to a policy for each DPA in the cluster. The policy indicates, for each DPA, one or more other DPAs the DPA is to establish a communication link with, to implement the grouping. Once grouped, the host device and a DPA can access all resources of the DPA. DPAs in the same group as a first DPA can access non-secure resources, but not secure resources, of the first DPA. DPAs in a different group from the first DPA cannot access any resources of the first DPA. A scheduler in the host device can allocate processing tasks to any group in the cluster.