Today, as part of Snowflake’s global Snowday event, we are excited to announce our participation in Snowflake’s Accelerated Data Governance program. We are giving our joint customers additional capabilities which improve data governance by harnessing the unique capabilities of both platforms, including new features we have created to address specific use-cases.
When we first set out to build Satori, we knew our product would be a platform that allows our customers to do great things by using the product as part of an ecosystem or a technological stack, rather than through centralized mechanisms in Satori. Today, we are still taking this approach when designing and building all of our management capabilities with complete API support and when allowing our customers to use Satori with Terraform. Our central goal remains to find the extra value our customers can get by combining Satori’s abilities with those of our technology partners.
This goal is especially true for our relationship with Snowflake. As the first DataSecOps platform, we feel that we have a holistic view of the importance of security, privacy, and governance in today’s data-driven world. In the last few years, we have seen the same growth and attention placed on DataSecOps from Snowflake. In fact, we even took the time to publish our Snowflake Security: Securing Your Snowflake Data Cloud book (published by Apress).
Better Governance for Snowflake Data Cloud Customers with Satori
Snowflake customers using Satori obtain augmented data governance, improved by the following capabilities:
- Continuous sensitive data discovery that allows you to find out whenever new sensitive data is introduced to your Snowflake data cloud. You can then automatically apply security policies on new sensitive data without needing to pre-configure.
- Data access workflows that simplify access control to data stored in the Snowflake data cloud. This feature includes setting access workflows to allow self-service or approval-based access to data, eliminating the need for data engineers to administer them with manual processes or inflating your Snowflake objects.
- Unified security policies that can be configured in Satori, giving Snowflake customers with multiple accounts (or who use other data platforms in addition to Snowflake) the scalability to accelerate their organizations’ data usage.
New Features to Accelerate Data Governance for Snowflake Users
Today, we are introducing two new data governance capabilities that create additional value for our joint customers. These new capabilities complement some of the newer capabilities that Snowflake has introduced for data governance.
Snowflake Object Tagging Sensitive Data Population
Satori continuously discovers sensitive data as it is being accessed. When doing so, Satori creates a data inventory with all data locations and their corresponding tags. Remember that data can always change. For example, a certain table may have no sensitive data for a year until something changes in the ELT or in the data source and sensitive data gets added.
With our new capability, you can always export the tagged columns from Satori to Snowflake where you can use it immediately.
To gain this ability, all you need to do is:
- Go to Data Inventory in Satori and right-click on the Snowflake account for which you want to export tagging.
- Paste the SQL code that was automatically generated into a Snowflake worksheet (or execute it in any other way).
Alternatively, you can use our REST API to automate this per your requirements (i.e. as a daily job, or when required). This is the specific API call for this functionality.
Better Data Lineage with Snowflake Access History
In Satori’s audit interface, you can view all database transactions, including enriched contextual information such as the exact columns accessed in each query, whether or not they were masked, and their data types.
However, when a user accesses a view, governance teams benefit by understanding the origin of the data pulled by using the view. This means they require the source tables where the data is actually stored. For this purpose, the new ACCESS_HISTORY view introduced by Snowflake earlier this year bridges the gap.
In Satori’s audit interface, we have added the following button, which copies this exact information to your clipboard, allowing you to easily extract it.
Pasting the SQL into your Snowflake web UI, or any other client tool will give you all the metadata about the query, including its base tables from access_history, as well as all metadata from the QUERY_HISTORY view.
What’s Next?
Our partnership with Snowflake is focused on providing Snowflake customers with a DataSecOps platform that helps them streamline access to sensitive data by enabling simple management of access workflows, scaling fine-grained access control, and continuously discovering sensitive data. These capabilities help our joint customers achieve more data-driven business value, more quickly.
At Satori, we are continuously working on creating additional capabilities that will benefit Snowflake customers and allow them to extract value from their data more quickly, more securely, and in a well-governed way. If you would like to stay tuned, subscribe to our blog updates.
If you would like to learn more about Satori for Snowflake, visit this page for additional information. If you would like to schedule a demo, fill out the form below.
