Today, we are announcing Satori’s Compliance and Security Kit, which enables companies to identify users who access data in a non-compliant manner, automatically discover data security violations, and implement new remediative controls without disrupting global data teams’ day-to-day work.
The new capability will equip enterprises with predefined dashboards and reports that will allow them to easily identify data export attempts, malicious access to individual user records and new PII locations. This means you will be able to:
- Monitor your data access for insider threats, such as departing employees who carry out large DB export transactions
- Rouge employees who access individual subject records in an unethical manner
- Monitor compliance violations, such as new instances of sensitive information in unknown locations, and mapping of all access to PII, PHI and PCI data
Compliance and security requires companies to govern access to their sensitive data. However, when data is spread across multiple locations and data platforms are accessed by distributed analytics and data science teams, ensuring compliance and security becomes a complicated challenge.
To mitigate the associated risk, companies are building layers of DB views, roles hierarchies and redundant versions of the same data sets per use case. This creates additional complexity for data engineering teams and results in costly data operations, which adds even more risk and limits data teams’ speed. The new compliance and security kit helps companies reduce that risk and allows data teams to streamline and increase operations velocity.
This capability is now available for anyone using Satori.
How Does It Work?
Satori functions as a layer between your data consumers and data stores. It inspects every transaction; classifies the data-in-motion; adds identity context through IDP solutions or data store users, groups and roles configurations; and provides centralized analytics, audit, inventory and granular access control policies for all cloud data stores. Once you add Satori to an existing environment, it records all transactions, including the data location, data type, user, role and tool. Starting today, Satori will also feature out-of-the-box Security and Compliance views.
What Views are Available Out of the Box?
- Data access of individual user - Identify insiders looking for a specific individual record
- Data modifications - all DML queries
- Data export - all DML COPY queries
- Sensitive data access from BI tools - All access of BI tools to all instances of sensitive data based on Satori’s tagging
- New PII detected - all PII instances in the data inventory discovered in the last week
- PCI data access - All recent access to PCI across all data stores
- PHI data access - All recent access to PHI across all data stores
- PII data access - All recent access to PII across all data stores
How to Get Started?
Getting started with the new kit is straightforward. Log in to the Satori management console and navigate to the Views section on the left navigation menu.
Here, you can filter by view category or browse through the existing categories. We are now providing Security and Compliance categories, and you can also add new custom categories of your own.
Each view falls into one of three types: Analytics, Audit or Inventory. When you click on a view, you’ll be navigated to the relevant screen with a predefined list of filters, which will be a specific combination of: time, data tags, data category, number of records, tool type, etc.
You can modify the view filters and save them as a new view. Note that views can be either private or public, so they can be shared with other stakeholders. Just make sure to turn on the “shared” toggle.
Our goal is to keep simplifying data governance tasks for data teams. Therefore, we are investing in additional capabilities that streamline daily data operations. Our next plan is to help enterprises organize data access context around identities management, which in many cases is absent from IDP implementations, and data store users, groups and roles configuration. Stay tuned.