Each week appears to convey information of one other knowledge breach, and it is no shock why: securing delicate knowledge has turn out to be tougher than ever. And it is not simply because firms are coping with orders of magnitude extra knowledge. Information flows and person roles are continuously shifting, and knowledge is saved throughout a number of applied sciences and cloud environments. To not point out, compliance necessities are solely getting stricter and extra elaborate.
The issue is that whereas the information panorama has advanced quickly, the standard methods for securing that knowledge are caught up to now. Gone are the times when knowledge lived in predictable locations, with entry managed by a selected few. As we speak, virtually each division within the enterprise wants to make use of buyer knowledge, and AI adoption means big datasets, and a continuing flux of permissions, use instances, and instruments. Safety groups are struggling to implement efficient methods for securing delicate knowledge, and a brand new crop of instruments, known as knowledge safety platforms, have appeared on the scene up to now few years to deal with the hole.
One in every of these gamers, Satori, claims their knowledge safety platform can “safe all knowledge, from manufacturing to AI”. We needed to research this declare. However first, what does that even imply for safety groups? Let’s break it down into two elements: “safe all knowledge” and “from manufacturing to AI.”
Safe all knowledge
When Satori says it secures all knowledge, it signifies that not like different knowledge safety platforms, Satori focuses on securing each sort of knowledge inside a company, not only a particular subset. Legacy knowledge safety options, together with DSPM (Information Safety Posture Administration) platforms, primarily give attention to securing analytical knowledge — knowledge that’s usually used for enterprise intelligence or reporting.
Nevertheless, Satori extends its safety to cowl operational knowledge, semi-structured knowledge, and different knowledge varieties that different platforms might overlook. This complete method ensures that not solely is your analytical knowledge safe, however all types of knowledge, together with semi-structured, are protected all through their lifecycle.
From Manufacturing to AI
“From manufacturing to AI” refers back to the safety of knowledge throughout the complete pipeline, from its creation and use in manufacturing environments to its software in AI fashions and processes. That is the place many knowledge safety options fall quick. Legacy platforms typically focus totally on securing knowledge in analytical environments like knowledge lakes, warehouses, and lakehouses. However they typically neglect operational or manufacturing knowledge, the place dangers can come up.
For instance, builders or engineers may have non permanent entry to manufacturing databases to deal with points or carry out upkeep. With out correct safeguards, giving them entry can result in over-privileged entry, making them an inside menace. Satori’s method helps mitigate this danger by making certain that entry to delicate manufacturing knowledge is tightly managed, even for non permanent or emergency conditions.
Moreover, legacy knowledge safety options neglect BI instruments, leaving implementation of row-level safety on these instruments to safety groups – not a easy job. Satori, alternatively, helps fine-grained entry management on BI instruments, permitting safety groups to handle entry to them alongside knowledge shops.
So how does it work?
You possibly can’t safe knowledge if you do not know what knowledge you will have and the place it is situated. Satori combines the visibility capabilities provided by DSPMs, that are required by safety groups to safe buyer knowledge. This makes it simple to reply the first knowledge safety questions throughout databases, knowledge warehouses, and knowledge lakes:
- The place are my knowledge property (databases, warehouses, and so forth)?
Satori constantly discovers and displays knowledge property.
- The place is my delicate knowledge?
Satori constantly classifies knowledge and tags it with acceptable knowledge sort tags.
- Who has entry to what knowledge?
Satori analyzes your knowledge retailer configuration to provide you knowledge entry governance and perceive what customers have entry to what knowledge.
- Who has entry to what delicate knowledge?
When mixed with Satori’s steady knowledge discovery and classification, you understand who has entry to a selected database or desk and what kinds of delicate knowledge are used.
- Who’s doing what, with what knowledge?
Satori provides you full Information Exercise Monitoring throughout all of your knowledge shops in a central location. You possibly can simply enrich audit logs by creating personalized entry log reviews for platforms like Splunk, Snowflake, DataDog, or Elastic. That method, you understand precisely what customers have been doing with the information, who permitted these actions, and what safety insurance policies have been utilized.
In Satori, knowledge shops are found robotically by scanning cloud accounts or added instantly within the administration console, by way of API or with Terraform.
Join all your cloud accounts to Satori and obtain notifications for all the new knowledge shops and knowledge property added to them.
As soon as found, knowledge shops are constantly monitored to provide a full stock of the information property they comprise, labeled to the column stage with a broad set of out-of-the-box or customer-built classifiers.
A mapping of the permissions construction is carried out to obviously present which customers have entry to what knowledge property.
Lastly, any dangerous misconfiguration which will degrade their safety posture is detected, with alerts produced for the related groups to remediate. Groups can use Satori’s posture supervisor to get an summary of your group’s database person permissions over time:
Greater than visibility
Most safety groups go about tackling the information safety problem in a sequential course of:
- Map out your knowledge
- Determine who has entry to what knowledge
- Apply controls to cut back danger and meet compliance necessities
The issue with this method is that groups typically get caught in step 1, getting caught in a loop as new knowledge shops and customers are launched. Satori overhauls this course of by introducing automation at each step. Each the work of discovering and classifying knowledge and the enforcement of safety insurance policies occur in actual time, adjusting robotically as new knowledge shops are added.
Satori makes it simple to implement the suitable safety controls at scale, utilizing:
RBAC (role-based entry management) and ABAC (attribute-based entry management)
Satori permits organizations to use RBAC and ABAC universally, even on platforms that should not have such native assist.
You possibly can create masking profiles, which might then be used to create dynamic masking insurance policies.
Momentary knowledge entry
When customers want entry to knowledge, they will get it robotically for a set period of time. This relieves the group of over-privileged knowledge entry, one of many essential root causes of delicate knowledge publicity.
Advantageous-grained entry management throughout a number of knowledge shops
For instance, you’ll be able to apply knowledge masking to your Snowflake cloud knowledge, in addition to your MSSQL and Postgres databases.
Enforcement of approval workflows
In lots of instances, entry to most datasets requires approval from knowledge house owners or knowledge stewards. Satori makes it simple to implement such a course of instantly or by integrating with workflow instruments like Jira, ServiceNow, and even Slack.
Ultimate phrases
Satori does not simply present you the place your knowledge is or who has entry to it — it helps you actively management it, from manufacturing databases to AI fashions. By automating key duties like discovering delicate knowledge, managing permissions, and implementing entry controls, Satori makes defending knowledge less complicated and more practical. For safety groups, it is a solution to transfer past simply mapping knowledge safety dangers and really mitigate them.
To be taught extra about Satori, go to Satori’s web site or schedule a 1:1 demo assembly.
