Data migration is not fun. I’ve been there, done that, and I did not like it. It requires ensuring many different pieces come together, including making sure that the data quality is not modified and that the data consumers - users or applications - do not experience downgrades. You are busy benchmarking to obtain the expected results as well as seeing that everything is financially satisfactory and no hidden costs cause risks to the project. Then, you must manage security and compliance. When migrating data, it is necessary to ensure at least the same level of security and compliance as in the previous platform. The previous platform may have already had access control, including granular ones such as column-based access control, it probably had compliance reports to satisfy the auditor, and it likely endured some security hardening. You want to make sure that the migration does not introduce new risks or allow data consumers to access sensitive data to which they do not require access (e.g. PII, PHI, financial data, and other sensitive data).
Migrating to Snowflake DBThere are many good reasons for organizations to consider migrating to Snowflake, including its extensive data sharing capabilities, elasticity, scale, and cost of ownership. Still, despite the wide benefits, such a migration project has inherent risks. For this reason, I describe below how using Satori can both relieve some of this burden and mitigate many of the risks and concerns associated with such transitions.
How Can Satori Make Your Snowflake Migration Safe?
Gaining Visibility of Data AccessAges ago, generals sat atop hills to create battle strategies, deciding the course and path of their forces. Nowadays, we use drones and satellites to gain battlefield visibility, but the concept remains the same - when performing complicated operations, visibility is key. Satori allows for analytic visibility that is important in data access, which can help you answer questions, implement your plan, and adapt quickly when necessary. For example, using Satori, you can easily view which roles or users are accessing sensitive information and in which databases or tables.
Getting quick answers about data usage is the key to swiftless migration
Simplifying Access ControlOne area where such a transition can go wrong is when ensuring access control. Since various processes require different technologies, for example with row-based security and column-based security, there is an added challenge which may either slow down the project, make it more expensive, hinder data security, create compliance regressions, or do all of the above. Using Satori simplifies this process, as setting the access control is simple; the controls are data infrastructure agnostic, so the same policies can be applied for different technologies, not just for Snowflake. Moreover, you can begin setting policies based on data types and, in this way avoid delays and complications associated with configuring each database, schema, table and column according to its content. With Satori, you can set a generic policy, such as “Mask all access to PII,” and proceed from this more efficient starting point.
Knowing the Location of Sensitive DataSometimes it is very challenging to make changes to the data infrastructure such as migration to a new service to keep track of sensitive data. More often than not, sensitive data is spread in many more locations than the “customers table.” Satori reduces this uncertainty and ensures that migration is done correctly, without accidentally exposing sensitive data to consumers who do not require such access.
Universally Masking Sensitive DataIn addition to knowing the location of sensitive data, a good way to maintain out-of-the-box data security that you can build more layers on is applying Satori Universal Masking. This feature allows you to set masking profiles and automatically mask all sensitive data retrieved by Snowflake consumers. This aspect can enable users to use data quickly, without setting dataset anonymization or configuring dynamic masking for each specific column, a process which may delay migration.
Quickly setting up profiles for universal masking helps you allow data access more efficiently
Helping with Compliance ConcernsWith Satori you can monitor and maintain complete reports of all access with added context (such as the nature of data, the access methods, and the roles and groups of the consumers) about access to general data as well as to sensitive data. This benefit should help you achieve a smoother migration process to your new data warehouse. For example, you can export a detailed audit of all access to PII, using Satori Universal Audit.
Getting detailed audit for data access to satisfy audit requirements