Securing Access to Sensitive Data in Snowflake Within Minutes
Satori helps companies streamline access to data in Snowflake by automating access controls and security. With Satori for Snowflake, data teams can implement a wide variety of access controls and enforce security and compliance policies without writing code or changing existing data flows.
Key Benefits
Self-Service & Approval Workflows to Snowflake Data
Satori simplifies access control by enabling self-service and approval-based access controls, as well as RBAC and ABAC. Satori does this without adding code, database objects or modifying existing data flows. These capabilities streamline access to data so that more users can access data faster while enforcing compliance and security policies.
Security, Compliance, and Privacy Operations for Snowflake
Satori seamlessly integrates into your data operations and automatically applies security, compliance, and privacy policies in Snowflake. Satori continuously identifies and tags PII and other sensitive data, applies relevant policies, and generates compliance reports.
Codeless Fine-Grained Access Control for Snowflake
Satori enforces granular security controls such as row-level security, column-level security, dynamic masking, and ABAC (attribute-based access control). Apply the access restrictions within minutes without writing additional code or adding any database objects. Define access controls in a human-readable UI using an API or with the Terraform provider for Satori.
Capabilities
Simplified Access Control
- Reduce Complexities in Data Access & Roles - Easily apply access control, including fine-grained access control across one or more Snowflake accounts.
- Universal Data Masking - Implement masking, anonymization, and data redaction profiles to known and unknown locations of sensitive data, including semi-structured data.
- Happy Data Engineers - Impose security policies without wasting precious data engineering resources.
- Users Directory - Organize your Snowflake users by access groups and scale RBAC implementation without writing code or polluting your Snowflake account.
Continuous Data Discovery & Classification
- Continuous Data Classification - Out-of-the-box, real-time classification and tagging of structured and semi-structured sensitive data.
- Data Inventory - Autonomous data inventory with continuous classification.
- Custom Classification - Add new classifiers based on your specific business needs.
Decentralized Data Access Workflows
- Distributed Stewardship - Delegate data access management and assign business owners to datasets.
- Approval & Self-Service Workflows - Just-in-time, secure, and compliant data access with automated workflows.
Data Auditing & Monitoring
- Data Access Audit - Complete data access audits with identity and data context including built-in reports for compliance and security.
- Aggregated Auditing - Investigate access and query logs from all Snowflake accounts, as well as data from other platforms, in one place.
How It Works
“The moment you make the secure way slightly more complicated or slower, people will go the non-secure way. You need to make secure data the fastest way of getting things done and that’s what we do with Satori.”
Dr. Diederik Van Liere
VP Data Science and Engineering, Wealthsimple
“We have built a custom ACL (Access-Control List) engine with Satori, that maps to the organizational hierarchy of our customers That’s what makes our healthcare data platform so specialized for this market. You can easily take that hierarchy and put ACL structures in place to say, as you go higher up in the structure, you get broader access, but you can still limit the access for each level: that’s where data masking, data access policies, and data auditing capabilities of Satori are extremely important.”
Arun Buduri
VP of Engineering, IT and CISO, Innovaccer
“From a consumer perspective, there is a lot of friction. Every time you are looking for something, you have a figure out a whole new workflow for that one request. Even for existing requests, things keep changing. What you used to get, you stop getting it suddenly. Why is it so complicated?”
“I can understand that for 20% of the situations, you have to have tight control to make everyone’s life difficult, but for 80% of the cases, if I am not looking at customer, operation or transaction level of data, why should I not have it?”
Abhishek Breja
VP Data Science, Wells Fargo
“We have all of the data regimes that require the controls that must be implemented for GDPR or region-specific requirements like those for Australia, Brazil, or the US.”
“Being able to have an effective line of sight on which data resides where, how internal stakeholders are consuming that data, and what they need to be successful within their role without increasing the risk of data breach or exposure for their organization – that’s the “why” for DataSecOps and Satori.”
Chaim Mazal
SVP of Technology and CISO, Kandji
Snowflake Security Book
It all started when our CTO and our Chief Scientist were discussing a knowledge gap around security for Snowflake data cloud accounts. They wished there was a book to fill this gap, and lacking one, they decided to write one.
The book was published in October 2021, by Apress, and is sold on APress, O’reilly Library, Target, Amazon (as a physical copy or the Kindle version), as well as other book shops.
Omer Singer
Head of Cyber Security Strategy at Snowflake
“This book is an excellent resource for data engineers tasked with achieving the right balance between security and productivity for their Snowflake environment.”
Anita Lynch
Chief Data Officer at New Relic, Inc.
“Yoav and Ben are helping a lot of organizations with these challenges every day across all sorts of technologies, and now they seek to educate people on Snowflake.”
Have Any Questions?
Yes. Satori does not abstract your data or modify your interface or protocol for accessing data.
