Enterprises today are storing large amount of data in data lakes and data stores to gain insights. At the same time regulations like Sarbanes-Oxley, HIPAA, GDPR are forcing companies to protect sensitive data sets and conduct regular audits. Non compliance
can lead to legal action, reputation damage and business loss.
This poses a big challenge for enterprises to manage data access security in a central and easy manner. Data centric audit & protection (DCAP) solutions enable enterprises to discover, monitor, protect & audit data
effectively.
Insight Lake Security Manager solves this problem by allowing companies to manage security and monitoring of data assets (files, databases), which are present in cloud or on-premise centrally. It enables security administrators to
define access policies easily with rich set of rules. It allows seamless migration by not requiring any change in existing applications and tools. It captures comprehensive audit logs to provide great detail about the access.
Following are the main features provided by Security Manager:
Security Manager solution allows companies to monitor and protect variety of data assets.
Security Manger provides an interactive policy manager UI, which allows security admins to manage enterprise data assets from single pane of glass. They can explore data assets, discover sensitive data assets, monitor them, create policies, check audit logs and view dashboards.
Security Manager integrates with Metadata and Governance solutions and provides insights through a hierarchy of business unit, application, data domain and user.
Security Manager allows companies to import or provision users manually. Users can be easily imported from AD systems. AD integration allows automatic policy handling for users who are removed from AD on their termination.
Security Manager solution provides asset discovery feature, which identifies what types of data stores present in a given network. Rich data profiling of data sets provides fine grain details about the sensitivity of data elements. Discovery feature allows creation of security policies for identified sensitive data elements like alerting, masking, blocking etc. Data discovery can be easily automated to provide continuous monitoring of sensitive elements.
Security Manager allows security admins to monitor user access rights based on user roles. It allows them to identify if excess rights are given to a user whose role doesn't permit them. For example a developer is given drop table rights on production will be a security gap. Monitoring of access rights can be done periodically and alerts could be provisioned. From the interactive UI and dashboards security admins can monitor and explore access rights easily.
Security agents are the main actors, they load policies from central policy server, monitor traffic, apply policies, generate alerts, modify queries for data protection and block access.
Security agents are divided in two types:
Enterprises can utilize rich set of policy rules to control access to data. Rules include: Coarse Grain Permissions - allow, deny Allow or deny data set joins Fine grain masking Data filtering Location Based Access Metadata Attributes
Security manager captures provides comprehensive audit of data assets as well operational policies. It provides :
Audit logs can be pushed to an enterprise based event handling systems or exported to big data based systems.
Analyze and monitor all enterprise data assets using security dashboards
Following dashboards are provided:
