Satori Data Security Platform helps security and engineering teams streamline data access by automating access controls, security and compliance requirements across their data infrastructure.
Satori eliminates the risk of data breaches due to over privileged user access to customer data. In addition, Satori also helps you meet security and compliance requirements for customer data in days.
Improve security while increasing productivity for both admins and end-users.
1 - Getting Started
The first step is to set up and connect Satori to your data store. A Satori data store represents a database, data warehouse or data lake in your environment and its relevant connection details.
2 - Setup a Data Store
Connecting your data store to Satori is a simple and straightforward task. The first thing that you need to do is select the data store type that you want to connect to Satori.
Two Types of Data Stores are Available
A. Test a Demo Data Store - Used for trying out, or testing a new data store on the Satori Data Security Platform. B. Add your Own Data Store - Satori provides you with the ability to connect to a broad range of data stores repositories
How Does it Work?
Satori leverages a unique method of providing non-intrusive full transparency, visibility and control capabilities for your existing data store infrastructure.
A - Test a Demo Data Store
Try out one of our built-in Demo Data Stores before you add your own data store. This is great for trying out new data store types or to just learn how to use Satori without using your own data store.
- Go to the Data Store view and select the Add Demo Data Store option.
Add the demo data store you want to test drive.
Satori will automatically add the data store to your account.
Now click the “Data Store” breadcrumb to go to the Data Stores View.
See the newly added data store to the management console.
CLICK HERE TO JUMP TO SECTION 3 - CREATE A DATA ACCESS RULE
B - Add your Own Data Store
Satori supports the following data stores as well as others not shown in the screenshot; We continue to add more data stores all the time!
Adding a Data Store to Satori
Perform the following steps to add your first data store to Satori:
- Go to Satori, select the Data Stores view and click the PLUS button.
- Now select the data store of your choice.
- Provide your new data store with a Satori display name.
- Enter the data store's hostname.
- Select the cloud provider.
- Select the region.
- Click the ADD NEW DATA STORE button.
Try to select a region that is located close to where your data store is deployed to reduce latency.
NOTE: For testing purposes, don't worry if your database region doesn't match the regions available in a Satori Test Drive. In production, Satori can be deployed in any cloud and any region.
Granting Data Stores Access to Satori
The following links provide you with the relevant instruction for granting the different types of data stores access to Satori and how to configure various data visualization tools for each data store type:
- AWS Athena - Click Here
- AWS S3 - Click Here
- AWS Redshift - Click Here
- Cockroach DB - Click Here
- Google BigQuery - Click Here
- MongoDB - Click Here
- MariaDB - Click Here
- MySQL - Click Here
- PostgreSQL - Click Here
- SQL Server - Click Here
- Snowflake - Click Here
3 - Create a Data Access Rule
The Access Manager view helps you to keep track of all your access rules. It shows the logical access rule path of a user or a group, as well as the level of access and permissions the user or group has to a specific dataset.
It also provides the access rule expiration date and the revocation date if the rule is not used.
Now go to the Access Managers view
To create a new data access rule click the plus button located in the top left corner of the toolbar. There you can configure the access rule in three simple steps.
Step 1 - Adding a User and Define Privileges
- First, Enter or select a User or Group
- Select the required Access Type
- Set the Time Limit from the available options
- Choose the Access Level
- Finally, configure the revocation of the access rule if it is not used
Step 2 - Selecting the Data
- Now select an existing dataset or create a new dataset.
- If you have created a new dataset, then you must select a data store and a location.
NOTE: Satori automatically creates the dataset with default configurations. To change or update these configuration settings go to the Dataset view.
Step 3 - Protect the Data
Once you have created or selected a dataset either select the Default Security Policy, select a preconfigured security policy or create a new security policy.
To create a new security policy perform the following steps:
- Enter a Security Policy Name
- Select a Masking Profile from the list provided
- Choose the relevant Data Filter and select a location
- Click Save
4 - Get Secure Data Access
The Satori Data Portal is a secure data access cloud app that links all your datasets into a single, unified pane of glass. Satori’s Data Portal gives you full control and access to your data in minutes.
- Go to the Management Console and click the kebab control menu located in the right corner of the application header and select the Data Portal option.
- The Data Portal provides you with all of your available datasets including both your personal datasets as well as datasets that are made available to you.
NOTE: You can request access to read, write or administer datasets in a couple of clicks.
Option A - Connecting the Demo Data Store
If you are using a demo data store you need to get credentials from the data portal so that you can configure your data visualization tool.
For Connecting MySQL, PostgreSQL and Redshift
Now it's time to copy the hostname, port, username, password from the data portal. Perform the following steps:
Click on the tile and copy the hostname and port if relevant and paste them into your data visualization tool connection settings.
Now click on the Key button on the toolbar to get the temporary data store username and password and paste them into your tool.
Almost there, now enter the following database and SSL configurations for the relevant data store:
A - MySQL
SSL is required
B - PostgreSQL
SSL is required
C - Redshift
SSL is required
D - MongoDB
SSL is required
Use the schema value "health"
NOTE: All credentials that are created for demo data stores are configured as "Ready Only", this means the you can only run a query with "read only" permissions.
For Connecting Snowflake
If you are using a Snowflake demo data store - you need to get credentials from the data store settings.
CLICK HERE TO JUMP TO SECTION 5 - RUNNING A QUERY & VIEW THE RESULTS
Utilizing Different Data Tools with Satori by Data Store Type
To learn how to use different data visualization tools with Satori refer to the Granting Data Stores Access to Satori section above.
NOTE: Each of the data store types provides you with various data visualization tool configuration options.
Option B - Using your Own Data Store
Login to your data store using your new Satori hostname and not the original hostname.
- Go to the data store view and click on the data store name and copy the “Satori Hostname”
- Enter the hostname into the connection settings for your preferred tool.
- When using your own data store - use your original database username and password
OPTIONALLY, you can learn about and then use Satori's Data Store Authentication feature which allows you to provision temporary credentials for data consumers for supported data stores.
5 - Run a Query & View Results
Now it's time to check out the power of Satori, perform a few quick steps to reach nirvana.
- Running a query on your data store.
- Go to the Dashboard in the Satori Management Console.
- Click the Refresh button and view the results in the Dashboard.
- Then, go to the Audit Log and expand the row in the table to view all of the query audit data.
- Then, go to the Data Inventory view and see how Satori displays and classifies your data. s Toggle between the Taxonomy Tree and the Location Tree and view the classifications and data access patterns.