Matillion and ALTR have partnered to ensure secure data migration to Snowflake in a way that allows users to operate on that data while keeping it protected. Here’s an example setup to illustrate how the integration works. If any sensitive data migrated to Snowflake needs to be transformed -- cleansed, standardized, etc. -- it can be de-tokenized, viewed and transformed in Matillion by an authorized user and tokenized again with ALTR.
Initial Matillion + ALTR Setup
- Before migrating data to Snowflake, ALTR sets access permissions for the sensitive columns that Matillion will migrate. This ensures that no role other than the Matillion role has access to data as it’s being tokenized.
- Additionally, ALTR sets a read rate limit of 0 reads allowed on sensitive columns, limiting Matillion’s role to write-only capabilities and setting up an alert if the role ever tries to read sensitive data.
- Lastly, ALTR does not set up de-tokenization of sensitive data at this time. Once tokenized, no one can see raw data in the clear.
ETL & Tokenization
Using Matillion, data is loaded into a staging database in Snowflake as usual, with one change: Matillion is configured to call ALTR when sensitive columns are loaded so ALTR can tokenize the data. As Matillion loads data into Snowflake, ALTR tokenizes the data in real-time. Once loaded and tokenized in Snowflake, data can be copied into production databases to be operated on.
After Data Migration to Snowflake
ALTR uses deterministic tokenization, which means tokens can be operated on without needing to be de-tokenized. This means your users can analyze and join tables based on tokenized columns without ever needing to see the underlying data. If a user or role does need access to the de-tokenized sensitive data, ALTR can allow locked down access which includes auditing of every access and rate limiting of reads to prevent data theft or accidental exposure.
ALTR + Matillion + Snowflake Outcome
Secure data migration to Snowflake with Matillion and ALTR is simple and effective, so you don’t need to spend a ton of time implementing and maintaining it. With ALTR and Matillion, you can safely and easily migrate your sensitive data to Snowflake and operate on that data at cloud scale.