Fine-Grained Access Control

Satori’s security policies are decoupled from the data infrastructure and can be applied universally across all data stores. These capabilities include fine-grained access policies which enable you to meet specific security and compliance requirements in a straightforward manner.

Dynamic Data Masking

Dynamic data masking anonymizes your data as it is being queried and tailors the data visualization according to the identity of the user requesting the data. This means that a certain user may view the data redacted while another views it in clear text according to their roles and permissions. Dynamic masking is used to maintain privacy and security while allowing for quick data access and harnessing value from data. Satori’s dynamic masking works across all of your data stores and does not require any prior configuration of data locations. Dynamic masking is configured by data owners without the need for data engineering.

Blog:

Dynamic Masking with Satori

Guide:

Eight techniques for data masking

Row-Level Security

Often, users should only be able to access partial data from data tables, according to specific conditions. For example, each user should only be able to view customer data for their region.

Satori’s row-level security works across all of your data stores and is easy to configure without writing any code. It supports a multitude of row-level security and entitlement scenarios to ensure access control is easily applied.

Blog:

Row-Level security with Satori

Guide:

Row-Level Security

ABAC: Attribute-Based Access Control

Attribute-based access control or policy-based access control allows you to set specific access policies. These granular policies can check properties like the client tools being used, the volume of requests, and more.

Satori allows data owners to implement ABAC regardless of the data store technology and its native capabilities. It allows data owners the ability to apply security policies such as restricting access to sensitive data from certain locations or locking in users to specific BI tools.