You connected a business intelligence (BI) tool to a cloud-based warehouse and completed your first analytics project.
Perhaps you’ve identified a new market opportunity or a way to gain some cost savings. The business wants more now that you’ve had your first analytics success. But your BI users have multiplied across the company, wishing to connect to the data warehouse and run analytics from the convenience of a web browser. You’ve realized that the answers to new questions will require access to sensitive data, such as customer address, age, demographics, and other personally identifiable information (PII).
As the BI or data warehouse administrator, you’d typically have two choices in this situation:
– Create accounts on the cloud data warehouse for every individual user.
– Use a single “shared service” account that connects to the cloud data warehouse through one account and pulls data for thousands of BI users.
This approach leaves too many holes from a security standpoint. Specifically, you can’t apply data controls and protection to individual BI users:
– Usage: You can’t see which users are using which data when, limiting your ability to understand normal data usage by role.
– Access: You can’t apply masking on specific columns to limit access to sensitive data to particular users.
– Compliance: You don’t have an audit trail or record of individual data consumption, which can lead to serious compliance issues.
– Consumption limits: You can’t limit consumption for specific users to stop credentialed access threats. All users share the same permissions, so admins need to shut off access entirely if there is a breach. Data is either flowing to everybody or nobody.
– Privileged access: You’ve given the warehouse admins too much access to data they shouldn’t see, such as social security numbers. This is the secret access threat.
Because of these gaps and risks, companies often leave sensitive data out of their analytics workflows. And even if they include this data in the cloud repository, without the ability to control access and protect it, they won’t allow any sensitive data to be available via the BI tool. This becomes a real catch-22. You want a clear view of the business, and sensitive data like PII can be critical to understanding essential functions like sales trends and forecasting. Omitting this regulated data from analytics workflows limits your ability to answer strategic questions comprehensively – you’ll lack complete insight. Your holistic view of the business becomes broken, and it would be impossible to realize the full potential of the BI investment. To move forward, you need a simplified data governance approach to help you draw a crystal-clear picture for line-of-business leaders.
Safely including sensitive customer information in online data platforms and BI tools leaves nothing out of the equation. Ideally, this means combining the administrative simplicity of a shared service account with data governance that provides insights and security down to the individual user, as though everyone had their own account. Sounds too pie-in-the-sky? BI admins can deliver a better view of the business by enhancing control and protection over sensitive data in four steps:
Implement a data control and protection solution that integrates with your cloud data warehouse.
The governance solution should use contextual information provided by the BI tool to distinguish users from each other. Focus on solutions that can pass through the identity of the specific BI user, out of the thousands in your organization, who is making the request. This allows the data warehouse DBA to configure and manage only a single, shared BI service account, yet gain per-user visibility and governance as though every data end-user had their own account. The admins can implement access controls, apply masking policies, and stop credentialed access threats for thousands of end-users, allowing continued access to sensitive data without putting the data at risk.
Set up the appropriate policies in the governance tool.
You should be able to apply policies that restrict access at a granular level, such as by user role or by database row, and then audit every instance. Role-based policies can limit access by groups or geographies. Row-level policies allow users to see and analyze only a specific row of information within the database. Both give BI admins the ultimate flexibility and controls to dial in security policies for sensitive data.
Use a governance tool / BI tool integration.
This will allow you to a) split out the service account access by individual users and b) place threshold or rate-limit policies on individual users or roles. We need this to ensure that data analysts or engineers, who are the builders of analytics reports but not the end-users of the data, have only limited access. They should see a small sample of the sensitive data, such as 10 or 20 values, to ensure their reporting captured the correct data, but only for a short duration because they are not the intended data consumers. Therefore, a rate-limiting feature can stipulate the time or amount of access. You can adjust the policy thresholds to optimize collaboration while preventing data theft or accidental exposure.
Set up user access alerts.
Set up alerts to email, Slack, your SOAR or SOC to let you know when a user’s access is dangerously out of compliance. Governance creates accountability and gives users access to secure and trusted sensitive content. As part of the audit trail, you want to know exactly who is trying to access sensitive data and when, and whether any patterns are abnormal. When it comes to compliance, timely multi-channel alerts and reporting will help keep you on the straight and narrow.
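The four steps above combined in one sketch, as an added example that is not from the original article or from any vendor's product: per-user masking, a per-user consumption threshold, an audit record, and an alert, all behind one shared service account. The role names, column names, limits, window length and the assumption that the BI tool passes `bi_user` and `role` with each request are hypothetical.

```python
import time
from collections import defaultdict, deque

SENSITIVE = {"ssn", "address", "age"}
WINDOW_SECONDS = 900
# Constructed policies: role -> clear sensitive columns and per-window value limit.
POLICIES = {
    "report_builder": {"clear": {"address", "age"}, "limit": 20},
    "sales_manager": {"clear": {"address", "age"}, "limit": 5000},
}

class Governor:
    def __init__(self, alert):
        self.alert = alert               # callable(message): email, Slack or SOAR hook
        self.audit = []                  # one record per request, keyed to the BI user
        self.usage = defaultdict(deque)  # bi_user -> (time, clear values served)

    def _used(self, bi_user, now):
        window = self.usage[bi_user]
        while window and window[0][0] <= now - WINDOW_SECONDS:
            window.popleft()             # consumption outside the window expires
        return sum(count for _, count in window)

    def fetch(self, bi_user, role, rows, now=None):
        """Mask and meter rows pulled through the shared account for one BI user."""
        now = time.time() if now is None else now
        policy = POLICIES.get(role, {"clear": set(), "limit": 0})  # unknown role: mask all
        budget = policy["limit"] - self._used(bi_user, now)
        out, served, throttled = [], 0, False
        for row in rows:
            clear = SENSITIVE & policy["clear"] & row.keys()
            if served + len(clear) > budget:
                clear, throttled = set(), True   # over threshold: mask this user only
            served += len(clear)
            out.append({c: v if c not in SENSITIVE or c in clear else "***"
                        for c, v in row.items()})
        self.usage[bi_user].append((now, served))
        self.audit.append((now, bi_user, role, served, throttled))
        if throttled:
            self.alert(f"{bi_user} ({role}) hit the {policy['limit']}-value limit")
        return out

def demo():
    alerts = []
    gov = Governor(alerts.append)
    rows = [{"customer_id": i, "age": 30 + i, "address": f"{i} Example St",
             "ssn": "000-00-0000"} for i in range(15)]   # constructed sample rows
    builder = gov.fetch("dana", "report_builder", rows, now=0)
    manager = gov.fetch("lee", "sales_manager", rows, now=0)
    return builder, manager, alerts, gov.audit
```

In `demo()`, the report builder gets clear values for the first ten rows and masked values after that, while the sales manager's access is unaffected; no role sees `ssn` in clear.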
In many companies, the demand for access to data and analytics has increased along with an understanding of the value of business insight. Many analytics admins have settled for the shared service account method of enabling access to cloud data stores. This approach is easier to manage but limits your ability to manage, track and control access to sensitive data. This can often lead to critical data being left out of the equation, a less than full view of the business and incomplete or inaccurate analysis. Integrating a solid data governance strategy creates accountability and enables access to secure and trusted sensitive content for users so that you can deliver a complete view of your organization to business leaders.
About the Author
James Beecham is a Co-founder and the Chief Technology Officer at ALTR, an innovator of complete data control and protection solutions. He has over a decade of experience leading technology and engineering teams in computer architecture design, database and operating system drivers, database security and data governance and privacy system design. James holds multiple software patents and a degree in Electrical and Computer Engineering.