It’s Time to Set your Data Free (and Decouple it from Data Protection)
Enterprise data presents endless means by which companies can achieve success. This means that its value will always exceed its current use-cases and must always be determined with potential future use-cases in mind. There are many paths that lead to further unlocking data’s potential, such as a mission to deliver new value to customers or grow the company, product objectives, or even competitive pressure. However, tapping into these drives will only yield results if relevant organizational parties have access to the data they need.
The easier it is for employees and third parties to access and analyze data, the faster enterprises can grow the value derived from it. This, in large part, explains the rise of data lakes and warehouses. Companies intent on enabling wider access across their workforces are adopting these technological innovations as quickly as vendors can deliver them. Unfortunately, necessary security and privacy constraints ultimately limit the wider access they promise in practice, as the controls, processes and audits involved tend to heavily stall data interactions.
Organizations are constantly balancing the need for data-driven innovation with the security required to keep their assets safe. In data collection lies inherent liability; wise executives understand the weight of that risk and work to mitigate it accordingly. Every organization approaches data protection differently to match their own respective needs. Nonetheless, we can distill them into two broad approaches: (1) bolting security and privacy controls on top of existing systems and (2) embedding security and privacy by design.
As far as popular preference goes, most companies today have a tendency to lean towards the former by using tools they already have and native data store tools. On the surface, this looks like the path of least resistance given the promise of integration into their system’s architecture and operations. This is in total contrast to security and privacy by design, which operates independently from underlying organizational systems and processes and tends to be streamlined and automated.
Unfortunately, the approach taken by most organizations does little to address the inherent contradictions that lie in securing data lakes in dynamic, rapidly changing and business-driven environments. The principles behind building data lakes (pooling data in one place, multiple data pipelines; broad access) work against security and privacy requirements (separating sensitive and non-sensitive data; tight control over access; security and privacy auditing). This often results in access controls that are either too restrictive or too permissive. Moreover, it requires mature and streamlined business workflows that are difficult to achieve.
Modern enterprises are far more likely to succeed in implementing security and privacy by design by working towards a security and privacy layer that is detached from data architecture considerations. This involves bringing in data engineers to build the right system for getting the most value out of the data and focusing security and privacy controls on the following core questions: who is accessing data, what type of data is being accessed and how it is being accessed?
Note that none of these questions rely on how data is stored, what its architecture looks like, or the technology that powers it. They can be answered and controlled on a completely separate plane from the data itself. This is the fundamental piece that enables data-driven innovation without any security hindrances.
Satori provides a data access control plane that is decoupled from data architecture considerations. It keeps data safe without restricting access. With Satori, enterprises can:
Provide access to any table and be confident that personal data is safe
Implement access controls and see who is accessing what data
Apply data reduction at real-time without touching your data scheme
No credentials, agents, configuration or installation required
The right approach to decoupled data protection is the real path of least resistance and maximal efficacy. Decoupling data protection from data itself frees up data teams from the barriers and burdens of addressing security and privacy requirements while ensuring that their activities remain secure and ethical. If we truly want to maximize data’s potential and reach new heights of data innovation, it’s time to set our data free.
Recent blog posts
- How to Control Access to PII in Snowflake with Satori
- Sensitive Data Isn’t The Crown Jewels
- Creating an Okta SSO application for a Satori-protected Snowflake account
- The Principle of Least Privileged Data Access
- The Do’s and Don’ts of Nailing that Developer Interview
- It’s Time to Set your Data Free (and Decouple it from Data Protection)