Satori for Amazon Redshift
Streamline data access and boost security for Amazon Redshift
Securing Access to Sensitive Data in Amazon Redshift Within Minutes
Satori helps companies streamline access to data in Amazon Redshift by automating access controls and security. With Satori for Redshift, data teams can implement a wide variety of access controls and enforce security and compliance policies without writing code or changing existing data flows.
Key Benefits
Self-Service & Approval Workflows to Redshift Data
Satori simplifies access control by enabling self-service and approval-based access controls, as well as RBAC and ABAC. Satori does this without adding code, database objects or modifying existing data flows. These capabilities streamline access to data so that more users can access data faster while enforcing compliance and security policies.
Meeting Compliance & Security Requirements for Redshift
Satori seamlessly integrates into your data operations and automatically applies security, compliance, and privacy policies in Redshift. Satori continuously identifies and tags PII and other sensitive data, applies relevant policies, and generates compliance reports.
Codeless Fine-Grained Access Control for Redshift
Satori enforces granular security controls such as row-level security, column-level security, dynamic masking, and ABAC (attribute-based access control). You can apply the access restrictions within minutes, and without writing any codes or adding any database objects. Access controls can be defined in a human-readable UI using an API or with the Terraform provider for Satori.
Capabilities
Simplified Access Control
- Reduce Complexities in Data Access & Roles - Easily apply access control, including fine-grained access control across one or more Redshift accounts.
- Universal Data Masking - Implement masking, anonymization, and data redaction profiles to known and unknown locations of sensitive data, including semi-structured data.
- Happy Data Engineers - Impose security policies without wasting precious data engineering resources.
- Users Directory - Organize your Redshift users by access groups and scale RBAC implementation without writing code or polluting your Redshift account.
Continuous Data Discovery & Classification
- Continuous Data Classification - Out-of-the-box, real-time classification and tagging of structured and semi-structured sensitive data.
- Data Inventory - Autonomous data inventory with continuous classification.
- Custom Classification - Add new classifiers based on your specific business needs.
Decentralized Data Access Workflows
- Distributed Stewardship - Delegate data access management and assign business owners to datasets.
- Approval & Self-Service Workflows - Just-in-time, secure, and compliant data access with automated workflows.
Data Auditing & Monitoring
- Data Access Audit - Complete data access audits with identity and data context including built-in reports for compliance and security.
- Aggregated Auditing - Investigate access and query logs from all Redshift accounts, as well as data from other data platforms, in one place.
How It Works
“The moment you make the secure way slightly more complicated or slower, people will go the non-secure way. You need to make secure data the fastest way of getting things done and that’s what we do with Satori.”
Dr. Diederik Van Liere
VP Data Science and Engineering, Wealthsimple
“We have built a custom ACL (Access-Control List) engine with Satori, that maps to the organizational hierarchy of our customers That’s what makes our healthcare data platform so specialized for this market. You can easily take that hierarchy and put ACL structures in place to say, as you go higher up in the structure, you get broader access, but you can still limit the access for each level: that’s where data masking, data access policies, and data auditing capabilities of Satori are extremely important.”
Arun Buduri
VP of Engineering, IT and CISO, Innovaccer
“We have all of the data regimes that require the controls that must be implemented for GDPR or region-specific requirements like those for Australia, Brazil, or the US.”
“Being able to have an effective line of sight on which data resides where, how internal stakeholders are consuming that data, and what they need to be successful within their role without increasing the risk of data breach or exposure for their organization – that’s the “why” for DataSecOps and Satori.”
Chaim Mazal
SVP of Technology and CISO, Kandji
Have Any Questions?
Yes. Satori does not abstract your data or modify your interface or protocol for accessing data.
