Skip to content

Getting Started with Satori DataSecOps

Welcome to the Satori DataSecOps platform. Satori DataSecOps helps data driven organizations streamline data access by automating access controls, security and compliance across their data infrastructure.

Screenshot

At its core, Satori is a universal data access service that monitors, classifies and controls access to sensitive data, live.

Screenshot

Setting Up Your Data Store Connection

The first step, is to setup and connect Satori to your data store. A data store is a repository for persistently managing and storing data. A data store can contain multiple databases and collections of data in a single location.

Screenshot

Connecting your data store to Satori is a simple and straight forward task. The first thing that you need to do is select the data store type that you want to connect to Satori. Satori supports the following data stores.

Screenshot

Add a Data Store to Satori

Perform the following steps to add your first data store to Satori:

  1. Go to Satori and click the ADD DATA STORE button.
  2. Now select the data store of your choice.
  3. Provide your new data store with a name.
  4. Enter the data stores hostname.
  5. Select the cloud provider.
  6. Select the region. (Ensure to select a region that is located close to where your data store is deployed to reduce latency).
  7. Click the CREATE button.

Test Your Data Store Connection

Now that you have added a data store to Satori, it's now time to test the connection.

To test that Satori and your data store are connected perform the following steps:

  1. Login to your data store.
  2. Run the a query on the data store.
  3. Go to the Audit Log view and ensure that Satori displays your data repository.

Your First Dataset

Now that you have added and tested your data store to the Satori environment, it's time to setup your first dataset. A dataset is a collection of data store objects such as tables or schemas from one or more data stores, that you wish to govern access to as a single unit.

For example, a set of tables in a Snowflake account which contain private customer information such as name, address and purchase history can be represented in Satori as a Customer Data dataset"

Screenshot

Create and Configure the Dataset

To add a dataset to Satori perform the following steps:

  1. To create your first dataset, go to the dataset view and click the ADD button.
  2. Name your dataset and provide a brief description.
  3. Select the relevant locations that you want to add to your dataset, these may include: tables, schemas or databases.
  4. Optionally, assign one or more data stewards to the dataset. (The data stewards job is to provide oversight and governance for the dataset).
  5. Click the SAVE button.

Screenshot

Adding a Group to Satori

Satori provides you with a central location for creating and maintaining your user groups directory for simple data access management.

To create a new user group in Satori perform the following steps:

  1. Go to the User Directory view.
  2. Click the ADD Group button.
  3. Provide a name for your new group.
  4. Enter a description for your new user group.
  5. Enter the new members name
  6. Select the user type from the drop menu list.
  7. Click the Add Member button.

Screenshot

In addition to defining user access permissions to your dataset you can also open the dataset to user access requests and self-service access at the flip of a switch.

Create a New User Access Rule.

User access rules help you govern who has permission to access your dataset. Permissions to access datasets are defined for individual users or groups and can be limited to a predefined time range.

In addition, Satori can automatically revoke permissions if they are unused. This helps organizations avoid excess and unused permissions.

Screenshot

To add a new user access rule to your dataset, perform the following steps:

  1. Click the User Access Rules tab in the dataset view and click the ADD button.
  2. Grant access to an individual or a group by choosing one of the available options from the drop menu list.
  3. Choose the access level permissions from the available drop menu options.
  4. Now define the access expiration timeframe (Expiration dates for access help you to monitor and keep track of who exactly can enter a specific dataset).
  5. Finally, select the Security Policy enforcement method to default policy.

Screenshot

Create a Masking Profile

The Satori masking profile enables you to create reusable masking configuration profiles, add them to a security policy and apply them to multiple datasets.

Masking profiles allow organizations to mask query responses for their users to avoid exposing sensitive information.

To configure a new masking profile, perform the following steps:

  1. Go to the Masking Profile view in Satori.
  2. Select a masking profile template from the template gallery and click the CREATE PROFILE button.
  3. Update the name and description of the masking profile.
  4. Adjust the data transformations to suite your requirements and then SAVE the profile.

Screenshot

Configure a Security Policy and Assign it to a Dataset

The Satori Security Policy is a reusable container that can be configured to contain multiple sets of dynamic masking configurations with their corresponding masking profiles and data filtering configurations.

A Security Policy can be applied to an individual dataset or multiple datasets.

Screenshot

Create your First Security Policy

To create a new security policy, perform the following steps:

  1. Go to the Security Policies view.
  2. Click the plus button to create a new security policy.
  3. Set a name for your security policy and configure a Dynamic Masking rule.
  4. Define which users can view the masked data.
  5. Assign the masking profile you created previously to the new dynamic masking rule.
  6. Create a data filter to restrict the records returned based on the authorization context of the user.
  7. Save the security policy.

Screenshot

Adding you First Security Policy to a Dataset

  1. Go to the Dataset view.
  2. Click the Security Policy tab.
  3. Assign the security policy to a single or multiple datasets.

Screenshot

Ensure that Satori Access to your Dataset.

  1. Click the User Access Rules tab.
  2. Ensure that the "Give Satori access to the Dataset" toggle switch is turned on.

Screenshot

Test the Security Policy on your Data Store

  1. Go to your data store and run a query
  2. View the results table in your data store and varify that the security policy has been correclty implemented on the data.
  3. View the results as can be seen in the data preview example screenshot

Screenshot

Learn More About Satori Data DataSecOps

To learn more about Satori DataSecOps click the Introduction to Satori NEXT button below, or scroll to the top of this page and select the relevant topic that you are interested in learning more about.