Today, more and more enterprises are moving to the cloud to reap the benefits of cost-savings and increased flexibility with their data. However, a successful cloud migration is not easy. If organizations simply move their data into the cloud without setting up access control policies, they will not be able to scale access to data at speed post-migration. These digital transformation initiatives often fail because:
1) people can’t access the data they need to do their jobs
2) some people can access data they have no purpose using, exposing the company to potential compliance penalties
To strategically migrate data and avoid these roadblocks, organizations need to invest in a tool that provides modern policy creation and dynamic enforcement at scale. Okera, the Universal Data Authorization company, simplifies, standardizes and automatically enforces universal fine-grained access control policies consistently for all analytics tools, to protect employees, customers, supply chains and partners. With an integration to Collibra, organizations can easily find, access and understand the data in their cloud, while ensuring only the right people can see and access the data.
What is universal data authorization?
Most organizations have personally identifiable information (PII) in their cloud that must be protected and secured. Those in charge of data security and privacy policy, like the CISO and the Head of Compliance will often set global policy around who can access what types of sensitive data, and individual data owners can further decide to restrict access to their data.
But what if a business analyst needs this data to do their job? This is where Okera’s universal data authorization comes in. Collibra provides the data catalog to help search for the data, and Okera provides the dynamic obfuscation (masking, tokenization, etc) so that the analyst will only see the data they are allowed to see.
Collibra and Okera together
Collibra Data Catalog enables a seamless “data shopping” experience where users can easily find, understand and “checkout” with their data. Users can go into Collibra, search for a data set and add that data set to their “data basket” in minutes. However, sometimes users will need to access PII or sensitive data. When this occurs, business analysts will need to request access to the data to see the full data set. The data owner will be notified of the request and can grant access using Collibra, including any applicable privacy policies.
Through Collibra’s integration with Okera, this request process automatically triggers a workflow to assign the analyst to the correct Okera role. The analyst will be notified when their access is granted, receiving information as to how they can access the data, although this access is not limited to the suggested methods. The next time they go to their analytics tool of choice and run their queries, they will only see the columns they are allowed to see, along with any necessary transformations (masking, tokenization, etc) applied. Okera works “behind the scenes” to dynamically enforce policies on top of a single source of truth table, without the analyst ever needing to enter into another platform.
The benefits of universal data authorization
Every organization wants to democratize access to data, but they also want to make sure sensitive data is protected. This is why Collibra and Okera are such ideal partners. Okera integrates seamlessly with Collibra so business users can reap the benefits of Okera’s dynamic policy enforcement capabilities without ever having to leave the Collibra Platform. With universal data authorization, organizations can scale access across the organization. This speeds up time to insight and allows business analysts to do their job effectively, efficiently, and perhaps most importantly, compliantly.