Introducing Satori’s Posture Management Capability

With the growing volume and complexity of data, ensuring the security and compliance of sensitive information is a critical issue for data-driven organizations. However, it’s not enough to take reactive actions against security threats. Organizations need to adopt proactive data security measures. Therefore, a Data Security Platform should not only provide data security for data currently accessed, but it should also indicate the potential security risks within an organization’s data.

This is why we’ve added Posture Management to the capabilities of our Data Security Platform. We believe Posture Management is a necessary component of data security platforms. A single platform manages the current security risk by tracking the security posture of data and access to data, as well as controlling access to data and security policies. To scan the data stores and get the permissions of users to data we use Universal Data Permissions Scanner (UDPS) which we released as a free open-source tool. UDPS scans all data stores, to answer the question of “who has access to what”. Posture Manager manages the scans on a periodic basis, analyzes the information, and adds analytics, insights and KPIs. 

The ability to provide comprehensive visibility and control over data authorization highlights Satori’s ability to provide proactive data security. Knowing who has access to sensitive data before it is touched ensures that an organization can identify any areas of weakness and shore up any defenses before they are exploited.   

In this blog post, we explore in detail the features and benefits of Satori’s Posture Manager and how it empowers organizations to protect their sensitive data proactively. 

Data-driven organizations collect and use large volumes of data that are often spread across a wide variety of data stores. This makes it difficult to know who has access to what data. The lack of visibility and control over the potential access to data can lead to unauthorized or potential unauthorized access to data and over privileged users. 

Using posture manager, data-driven organizations can analyze sensitive data authorizations and track KPIs to improve data access posture. This also makes compliance audits and forensic investigations easier and more efficient. 

If you have large volumes of data that include sensitive data across multiple databases, warehouses, or lakes then you need to know who has the potential to access any or all of this data. It is difficult to keep track of who has access to what data and this difficulty grows exponentially when data is difficult to locate. The inability to know who has access to what data is a security and compliance risk. 

It is possible for you to build your own alternative, however, especially if you use multiple data stores this process is time and resource intensive. Instead, for more simple requirements you can use Satori’s open-source UDPS with its build vs. buy option. 

Satori’s Posture Manager leverages the power of UDPS to offer a holistic understanding of data access authorization. By scanning all data permissions, Posture Manager provides valuable insights and analytics to help improve data access posture. This comprehensive understanding allows organizations to identify and eliminate the risks of data breaches resulting from over-privileged users before they occur. 

1. Enhanced Data Access Visibility. The Posture Manager provides a centralized view of data access permissions across all data stores within an organization. This visibility enables companies to understand who has access or could have access to what data at any given time, ensuring transparency and accountability.
2. Proactive Risk Mitigation. By gaining real-time insights into data access authorizations, organizations can proactively identify and address potential security vulnerabilities. Posture Manager helps prevent data breaches by allowing companies to take action against over-privileged data access promptly or even before they occur.
3. Compliance Audits. The Posture Manager facilitates compliance audits by offering historical views of authorization permissions over time. This feature streamlines the auditing process, making it easier and more efficient to demonstrate compliance with regulatory requirements.
4. Data Store Discovery. Satori scans and monitors an organization’s cloud accounts to identify and track new data stores. This feature ensures that no “shadow databases” or unauthorized data stores go unnoticed, enabling prompt action to enforce proper access controls.
5. Simplified Data Security and Compliance. Satori’s Data Security Platform, which incorporates Posture Management, enables frictionless, just-in-time access to data. With a self-service data portal, users can select the data they need while adhering to the organization’s guardrails and policies. This streamlined process alleviates the burden on data teams, allowing them to focus on more valuable tasks.

Satori’s Posture Manager provides a wealth of information about the overall security posture of data access, this includes the number of Database Users, Data Assets, Monitored Data Stores, and the percentage of Governed Data Assets.

Once you have the required permissions you can set up the Posture Manager.  

The following example provides a quick and easy three-step process for how to configure a Posture Manager for a Redshift database.

1. Run the SQL statements
2. Enter the user and password generated previously
3. Enable auto-scan

Now you have a Posture Manager for your database. Let’s take a look at all of the information available.

The first step is to scan all of your data. Satori has developed an open-source tool UDPS that scans all of your databases to find the location of your sensitive data.

The following graphs display both the current and previous authorized data assets’ status. This is a good starting point to understand the state of your current data posture. In addition, the graph of the governed assets over time displays how the percentage of governed assets has changed over time.

There are a number of different options to change the views with the ability to filter by database user, location, number of duplicate permissions found, and whether or not the location is secured by a Satori Dataset. 

In this example of the Authorized User Asset Details we included the user, their permission, the data store and data asset they have access to and whether they have any duplicate permissions. 

You also have the ability to drill down even further into the specific permissions and hierarchy per user.

Satori’s Posture Management addresses the complex challenges associated with data security and compliance. By providing comprehensive visibility, proactive risk mitigation, and streamlined access management, Posture Manager empowers organizations to stay ahead of data breaches, maintain regulatory compliance, and optimize operational efficiency. 

The Posture Manager empowers organizations to take a proactive approach to reduce unauthorized access to data, secure sensitive data, ensure compliance with regulations, and improve data democratization. To learn more about Satori book a meeting with one of our experts.