Satori Is Launching Self-Service Data Access
“Granting and revoking access to data is such a headache”, a lead data engineer complained. “Why do I even need to be involved? Why can’t data owners be responsible for this process like they are in Google Drive or Dropbox?” Many other frustrated data engineers have expressed a similar sentiment about the lack of streamlined services in this realm. The existence of self-service and just-in-time access provisioning would save data teams a great amount of time, which can then otherwise be used to drive actual value for the company.
We at Satori believe that a crucial part of DataSecOps is giving companies the right tools to deal with data access at scale, so, to combat the aforementioned issues, we set out to build a self-service data access platform with the following concepts in mind:
- It needs to be simple so that data owners can control access to their data without needing constant help from data engineering teams.
- It needs to allow workflows for granting data access, including a self-service, no-friction option.
- It needs to be easy to use without requiring changes in the IdP or involving IT, as these requirements would slow down data access.
Today, we are announcing a new service to enable data driven teams to democratize and streamline data access through secure self-service data access workflows. With this launch, we are automating the entire data access process. These improvements start from the access request which is triggered by an analyst, are followed by review and approval by the data steward, and end with an automatic access revocation when the data is no longer used or needed.
This means you will be able to implement self-service data access workflows, define which users are allowed to access which datasets, and put data access control in the hands of data stewards and owners rather than engineers. All of this is done without changing your existing infrastructure or authentication scheme.
The new Satori Self-Service Data Access capability will reduce a lot of overhead that data engineers perform in lengthy, manual, risky, and difficult-to-manage processes. Instead, data owners will now be able to take control over data access through an easy-to-manage user interface and notifications-based workflow. This capability is now available for anyone using Satori.
Put simply, this capability will reduce the time it takes to manage data access requests in your organization from weeks to minutes:
Getting Started with Self-Service Data Access
Getting started with Satori’s Self-Service Data Access is straightforward.
First, you define a new dataset by navigating to the Datasets section in the left navigation menu. Once inside, click ‘add’ and select the dataset’s locations. A location can be any data store location object such as a table, view, schema, database, or an entire data store. A Satori dataset can include any combination of locations from any data store.
Second, the data engineer defines the data steward(s) for the specific dataset. The steward(s) will then be able to define who can access this dataset, define access and anonymization policies, and approve or reject new access requests from data consumers.
Data stewards’ permissions are limited to the dataset(s) they own, allowing the organization to securely and compliantly distribute data access governance across multiple departments and business units. The organization does all this while maintaining ownership compartmentalization without writing a single line of code.
How to Request Access to a Dataset
So far, we have described the operational benefits of Satori’s Self-Service Data Access control for data engineers and stewards. But what about the data consumer perspective?
With this launch, data analysts and scientists will no longer need to open IT tickets, identify data owners, or provide a request justification and then wait with a pending request status until the tasked data engineer or database administrator becomes available to define the required permissions and database configuration. Satori’s Self-Service Access streamlines data consumers' experiences, as they simply need to request just-in-time access. This request is then reviewed by the appropriate data steward who will decide whether to automatically approve the request for a certain time window, provide indefinite access, or reject the request.
When a data consumer tries to access a dataset without having the proper authorization, Satori will respond with a native database protocol message which will include instructions on how to request access.
Pasting the url in this message into a browser will launch the following webpage, where the data consumer can input their business justification for this access request.
Once the access request has been submitted, the data steward receives a notification to review the new request, decide on the most appropriate permissions and revocation policy, and approve or reject the request at that moment.
If a request is approved, Satori will automatically provide the data consumer with immediate access to the requested dataset.
Gain access to these benefits today and schedule a personal demo of Satori Self-Service Data Access.
Recent blog posts
Posts by Tag
- Data Governance
- Access Control
- Data Protection
- Snowflake Data Warehouse
- AWS Redshift
- data security
- Data Science
- Sensitive Data
- data democratisation
- Snowflake security
- self service access control
- Data Masking
- Human Element
- Least Privileges
- Policy Engine
- RSA ISB
- Row Level Security
- Snowflake Roles
- role hierarchy
- rsa conference
- rsa innovation sandbox
- snowflake stages