As companies aggregate more and more data from multiple data sources into cloud data warehouses in order to remove silos and find insights across disparate data, there can be one big stumbling point: access to sensitive data.
This is a problem if the data is so sensitive only a few people in the company should have access to it. This is especially a problem if the data is also so important the company can’t utilize the cloud data platform to its full potential to understand the business without it. That means the data has to be in your cloud data platform—but what if your cloud data warehouse admin isn’t one of the few people in the company who should have access to the data?
The risk of admin power on the platform
Cloud data platform admins have virtually unlimited control over a company’s instance. They set up security protocols, they set up users and access, they manage the data flows in and out. While you might trust your admin, can you trust that their credentials will never be stolen or misused?
There are a couple of ways that someone with admin credentials could get access to sensitive data without non-admins being aware:
Assume the role of a person who should have access to the data such as a CFO. Because they have the power in the platform to set up and modify user accounts, they could impersonate someone with permission to access the data.
Disable platform governance and security controls – views, masking policies and user-defined functions - and access the data directly.
Cloud data warehouse security, visibility and control outside the platform
SaaS-based ALTR acts like a neutral third party, providing consumption visibility and data protection that’s natively integrated into to the cloud data platform yet outside the control of the platform admin. This separation of duties is what makes ALTR’'s platform so powerful when it comes to improving cloud data warehouse security of sensitive data in platforms like Snowflake.
While there’s no foolproof way to stop the admin or someone with their credentials from attempting to access the data, ALTR’s unique combination of data consumption governance and data security can reduce the impact and risk of the two scenarios. ALTR makes it impossible to access the data without key people being notified and can limit the amount of data revealed, even to admins:
- Real time alerts: With ALTR, data can be tokenized outside of Snowflake. When the admin (or any user for that matter), tries to access the data, the platform will have to contact ALTR in order to get the de-tokenized data. When this occurs, it can trigger an alert notifying relevant execs or stakeholders at the company. If none of the allowed users accessed the data, they’ll know unauthorized access has occurred within seconds. Examples of alerts can include text message, Slack or Teams notifications, emails, phone calls, SIEM integrations, etc.
- Data consumption limits: ALTR can limit the amount of de-tokenized data delivered to any user, including the admins. While a user might request 10 million records, they may only get back 10,000 or 10 per hour. This can also trigger an alert to relevant stakeholders.
See ALTR's Customer Success Engineer Jeff Ellerbee walk through this use case:
A separation of duties
Delivering real time alerting and limiting risk to data requires both a SaaS-based tool for tokenization that sits outside the cloud data platform and the ability to implement consumption limits on data requests. A data governance tool alone wouldn't solve the problem. It needs a combined data governance and data security solution unique to ALTR.
ALTR's solution for a separation of duty between operation of data and security of data provides a check on the power of platform admins (and their credentials). The most self-aware cloud data platform admins actually want this kind of outside oversight to ensure the data in their charge is kept secure.