You’ve connected a business intelligence (BI) tool to a cloud-based warehouse and completed your first analytics project.
Perhaps you have identified a new market opportunity or a way to save money. The company wants more now that you’ve achieved your first analytics success. But your BI users have multiplied across the enterprise, and they all want to connect to the data warehouse and run analytics from the convenience of a web browser. You realize that answers to the new questions will require access to sensitive data, such as the customer’s address, age, demographics, and other personally identifiable information (PII).
As a BI or data warehouse administrator, you would typically have two choices in this situation:
– Create accounts on the cloud data warehouse for each individual user.
– Use a single “shared service” account that connects to the cloud data warehouse and extracts data for thousands of BI users.
The shared service account approach leaves too many holes from a security perspective. Specifically, you cannot apply controls and data protection to individual BI users:
– Usage: You cannot see which users are using which data and when, which limits your ability to understand normal data usage by role.
– Access: You cannot apply masking on specific columns to limit access to sensitive data to particular users.
– Compliance: You don’t have an audit trail or record of individual data consumption, which can lead to serious compliance issues.
– Consumption limits: You cannot limit consumption for specific users to stop authenticated access threats. All users share the same permissions, so administrators must completely disable access in the event of a breach. Data flows either to everyone or to no one.
– Privileged access: You give warehouse administrators too much access to data they shouldn’t see, such as social security numbers. It’s the secret access threat.
Because of these gaps and risks, organizations often omit sensitive data from their analytics workflows. And even if they include this data in the cloud repository, without being able to control access to it and protect it, they will not allow any sensitive data to be available through the BI tool. It becomes a real catch-22. You want a clear view of the business, and sensitive data like personal information can be key to understanding critical functions like sales trends and forecasts. Omitting this regulated data from analytics workflows limits your ability to comprehensively answer strategic questions – you will miss out on complete insights. Your holistic view of the business is shattered and it would be impossible to realize the full potential of the BI investment. Moving forward, you need a simplified approach to data governance to help paint a clear picture for line of business managers.
The safe inclusion of sensitive customer information in online data platforms and BI tools leaves nothing out of the equation. Ideally, this means combining the administrative simplicity of a shared service account with data governance that provides insight and security down to the individual user, as if everyone has their own account. Sounds too pie-in-the-sky? BI administrators can provide a better view of the business by improving control and protection of sensitive data in four steps:
Implement a data protection and control solution that integrates with your cloud data warehouse.
The governance solution should use the contextual information provided by the BI tool to distinguish users from each other. Focus on solutions that can convey which specific BI user, out of the thousands in your organization, is requesting the data. This allows the data warehouse database administrator to set up and manage a single shared BI service account, while gaining per-user visibility and governance as if each end user of data had their own account. Administrators can implement access controls, enforce masking policies, and stop authenticated access threats for thousands of end users, enabling continued access to sensitive data without putting the data at risk.
Configure the appropriate policies in the governance tool.
You should be able to apply policies that restrict access at a granular level that includes per user role or per database row, and then audit each instance. Role-based policies can limit access by groups or geographic areas. Row-level policies allow users to see and analyze only a specific row of information in the database. Both offer BI administrators the ultimate flexibility and controls to compose security policies for sensitive data.
Use a governance tool / BI tool integration.
This will allow you to a) divide service account access by individual users and b) set rate limit thresholds/policies by individual users or roles. We need this to ensure that data analysts or engineers, who are the creators of the analytics reports but not the end user of the data, only have limited access. They need to see a small sample of sensitive data, such as 10 or 20 values, to ensure their reports captured the correct data, but only for a short time because they are not the intended data consumer. Therefore, a rate limiting feature can stipulate the time or the amount of access. You can adjust policy thresholds to optimize collaboration while preventing data theft or accidental exposure.
Configure user access alerts.
Set up alerts via email, Slack, your SOAR, or SOC to let you know when a user’s access is dangerously out of compliance. Governance creates accountability and enables users to access secure and trusted sensitive content. As part of the audit trail, you want to know exactly when and who is trying to access sensitive data and if there are any abnormal patterns. When it comes to compliance, timely cross-channel alerts and reports will help you stay on track.
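The four steps above, sketched as an added example (not code from the article or from any vendor product): a policy layer in front of a shared service account that masks columns, meters sensitive values per BI user, audits each request, and raises an alert when a threshold is crossed. It assumes the BI tool passes the requesting user's name and role with each query; the policy table, column names and the `Governor` class are hypothetical.

```python
import time
from collections import defaultdict, deque

# Hypothetical policies: masked columns and a sensitive-value budget per role.
POLICIES = {
    "analyst":   {"mask": {"ssn"}, "max_values": 20,   "window_s": 3600},
    "sales_mgr": {"mask": {"ssn"}, "max_values": 5000, "window_s": 3600},
}
SENSITIVE = {"ssn", "address", "age"}
# Constructed sample rows, as the warehouse would return them to the service account.
SAMPLE_ROWS = [{"name": f"cust{i}", "address": f"{i} Main St",
                "ssn": f"000-00-{i:04d}"} for i in range(30)]

class Governor:
    """Sits between the BI tool's shared service account and the warehouse."""
    def __init__(self, alert=print):
        self.usage = defaultdict(deque)  # user -> (timestamp, values released)
        self.audit = []                  # (time, user, role, decision, values)
        self.alert = alert               # hook for email, Slack, SOAR, ...

    def _used(self, user, window_s, now):
        q = self.usage[user]
        while q and q[0][0] <= now - window_s:
            q.popleft()                  # forget releases outside the window
        return sum(n for _, n in q)

    def release(self, user, role, rows, now=None):
        now = time.time() if now is None else now
        policy = POLICIES.get(role)
        if policy is None:               # unknown role: deny by default
            self.audit.append((now, user, role, "deny", 0))
            return []
        used, consumed, out = self._used(user, policy["window_s"], now), 0, []
        for row in rows:
            # Only unmasked sensitive values count against the user's budget.
            cost = sum(1 for c in row if c in SENSITIVE and c not in policy["mask"])
            if used + consumed + cost > policy["max_values"]:
                self.alert(f"threshold exceeded: user={user} role={role}")
                self.audit.append((now, user, role, "blocked", consumed))
                break
            out.append({c: "***" if c in policy["mask"] else v for c, v in row.items()})
            consumed += cost
        else:
            self.audit.append((now, user, role, "allow", consumed))
        if consumed:
            self.usage[user].append((now, consumed))
        return out
```

Because the budget is tracked per user rather than per service account, one analyst hitting the limit is cut off and reported while every other user keeps working.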
In many companies, the demand for access to data and analytics has grown along with the understanding of the value of business information. Many analytics administrators have opted for the shared service account method of accessing cloud data stores. This approach is easier to manage but limits your ability to manage, track, and control access to sensitive data. This can often lead to omitting critical data from the equation, a less than complete view of the business, and incomplete or inaccurate analysis. Integrating a strong data governance strategy creates accountability and gives users access to secure and trusted sensitive content so you can provide a complete view of your organization to business leaders.
About the Author
James Beecham is co-founder and chief technology officer at ALTR, an innovator of comprehensive data protection and control solutions. He has over a decade of experience leading technology and engineering teams in IT architecture design, database and operating system drivers, database security, and the design of data governance and privacy systems. James holds several software patents and a degree in electrical and computer engineering.