Last month, as part of Snowflake’s global Snowday event, Snowflake introduced a series of game-changing capabilities on its native data governance solution, Snowflake Horizon. Today, Satori is excited to announce our participation in Snowflake’s Horizon Partner Ecosystem. With our pre-built integration with the Snowflake Data Cloud, we’re giving our joint customers additional capabilities that utilize the power of both platforms to significantly improve data governance. When we first set out to build Satori, we knew our product would be a platform that allows our customers to do great things as part of an ecosystem or technology stack, rather than through centralized mechanisms in Satori. Four years later, we still follow this approach, such as when we’re designing and building all of our management capabilities with complete API support, or when we allow our customers to use Satori with Terraform. Our central goal remains to find the enormous value our customers get from combining Satori’s abilities with those of our technology partners. This goal is especially true for our relationship with Snowflake. As a Data Security Platform, we have a holistic view of the importance of security, privacy, and governance in today’s data-driven world. In the last few years, we have seen the same growth and attention placed on data security from Snowflake. We’ve always been loud with our public displays of affection for Snowflake, not least with the book we published in 2021: Snowflake Security: Securing Your Snowflake Data Cloud (published by Apress).
Better Governance for Snowflake Data Cloud Customers with Satori
Snowflake customers using Satori can improve their data governance function with the following capabilities:
- Continuous sensitive data discovery that allows you to find out whenever new sensitive data is introduced to your Snowflake Data Cloud. You can then automatically apply security policies on new sensitive data without needing to pre-configure.
- Data access workflows that simplify access control to data stored in the Snowflake Data Cloud. This feature includes setting access workflows to allow self-service or approval-based access to data, eliminating the need for data engineers to administer them with manual processes or inflating your Snowflake objects.
- Unified security policies that can be configured in Satori, giving Snowflake customers with multiple accounts (or who use other data platforms in addition to Snowflake) the scalability to accelerate their organizations’ data usage.
New Features to Accelerate Data Governance for Snowflake Users
In developing our integration, we introduced two new data governance capabilities to create additional value for our joint customers. These new capabilities complement some of the newer capabilities that Snowflake has introduced for data governance.
Snowflake Object Tagging Sensitive Data Population
Satori continuously discovers sensitive data as it is being accessed. When doing so, Satori creates a data inventory with all data locations and their corresponding tags. Remember that data can always change. For example, a certain table may have no sensitive data for a year until something changes in the ELT or in the data source and sensitive data gets added. With our new capability, you can always export the tagged columns from Satori to Snowflake, where you can use it immediately. To gain this ability, all you need to do is:
- Go to Data Inventory in Satori and right-click on the Snowflake account for which you want to export tagging.
- Paste the SQL code that was automatically generated into a Snowflake worksheet (or execute it in any other way).
Alternatively, you can use our REST API to automate this per your requirements (i.e. as a daily job, or when required). This is the specific API call for this functionality.
Better Data Lineage with Snowflake Access History
In Satori’s audit interface, you can view all database transactions, including enriched contextual information such as the exact columns accessed in each query, whether or not they were masked, and their data types. However, when a user accesses a view, governance teams benefit by understanding the origin of the data pulled by using the view. This means they require the source tables where the data is actually stored. For this purpose, Snowflake’s ACCESS_HISTORY view bridges the gap. In Satori’s audit interface, we have added the following button, which copies this exact information to your clipboard, allowing you to easily extract it. Pasting the SQL into your Snowflake web UI, or any other client tool will give you all the metadata about the query, including its base tables from access_history, as well as all metadata from the QUERY_HISTORY view.
What's Next?
Our partnership with Snowflake is focused on providing Snowflake customers with a Data Security Platform that helps them streamline access to sensitive data by enabling simple management of access workflows, scaling fine-grained access control, and continuously discovering sensitive data. These capabilities help our joint customers achieve more data-driven business value, more quickly. At Satori, we are continuously working on creating additional capabilities that will benefit Snowflake customers and allow them to extract value from their data more quickly, more securely, and in a well-governed way. To see if Satori would be a good fit for your data governance in Snowflake, read more about Satori for Snowflake or book an exploratory demo with a member of our team.