I previously spoke and wrote about the importance of agile data governance. Taking a more agile approach is crucial for organizations adopting modern data infrastructure with cloud data stores like Snowflake, Amazon Redshift and others, where data is constantly changed and accessed by a lot of users across the organization.
In this article, I will show how Satori helps do just that.
What is Agile Data Governance
Agile data governance is an all-encompassing term referring to organizational policies and procedures that govern data management. Data governance guarantees that data is safe and secure. Additionally, it also ensures that the data is protected, reliable, documented, controlled, and evaluated.
Since data is a critical business asset, it is necessary to ensure that it is useful, available, and secure. Data governance has five main principles: accountability, normative laws and regulations, administration of data, data quality standards, and transparency. Read more about data governance here.
Agile data governance describes the systems and processes that allow for data to be held securely in the presence of continuous sensitive data discovery, integration with existing data governance tools, and streamlining access to sensitive data to create security policies that are independent of the specific data infrastructure.
We outline how an agile data governance framework operates below.
No Disruption When Adding More Data
If sensitive data is spread across a variety of databases, lakes, and warehouses an agile data governance framework is one that is adaptable. Especially if there is sensitive data moving across and between these different locations, it was important for us to make sure that adding additional data limits disruptions to the business. This is true for new data objects (such as tables, views, schemas or databases), as well as new database clusters or cloud data accounts.
Applying Security Policies Immediately On New Data
In Satori, since you can create security policies for specific data types (such as PII), on the basis of identities, security policies can automatically be applied to new data. For example, a security policy that applies dynamic data masking on PII and PHI can be applied on new data as it’s being accessed. In this way, Satori enables organizations to immediately find and secure continuously updated sensitive data, so that the sensitive data is not exposed.
Seamless Addition of New Data Stores
We understand that sometimes data is stored across different data stores. Therefore, we simplified and streamlined the process of adding new data stores, reducing the time and distruptions to the business.The addition of new data stores is lightweight, and requires only a hostname change.
Satori does not modify your data layer, or require any changes to the way you’re writing queries. This allows easy onboarding of additional data to Satori, whether they’re databases, data warehouses or data lakes.
Continuously Discover Sensitive Data
We recognize that sensitive data exists in many forms and may be scattered across many locations. Often in modern data stores sensitive data is often intertwined with non-sensitive data, and changes frequently. In these cases, it can be difficult to first locate and then secure this sensitive data. Satori simplifies this process, reducing the reliance on data engineering teams who are already overburdened, by continuously finding and then classifying sensitive data. This process not only frees up the data engineering team to work on their projects, but also ensures that sensitive data is secure.
Audit & Monitoring You Can Actually Use
In today’s world it is important to ensure that compliance is up-to-date and there is a comprehensive auditing and monitoring process in place to guarantee compliance with regulations. Logging data access can be a “check in the box”, but data access is precious for many reasons – operational efficiency, security, and compliance.
With Satori all your data access logs are located in one place. More importantly, you’re getting a wealth of additional information, such as attribution to the real user accessing the data, types of data being accessed, geolocations, and more. This ensures that compliance and monitoring are up-to-date and encompass all of the organization’s data.
Enabling Controlled Data Access At Scale
At Satori we want to allow data engineering teams to work on projects that they enjoy and enhance decision-making to maximize business profits. To help free up the burden of access control on the data engineering team, Satori enables the distribution of data access control to the different data owners and stewards. In this case, the data engineering team does not have to grant another data access request. Further, enabling access control is scalable, and as your company grows this process grows with the company without requiring additional coding or creating new controls.
Single Control Pane For All Data Stores
Sometimes it is important to get a “big picture” view of the data on the data platforms and the governance procedures in each platform. Having a broad view of the data can help optimize decision-making and enhance business analysis. Therefore, Satori removes the need to break down data governance requirements to the different data platforms and instead provides a single control pane that includes information for all data stores in one place.