Addressing data access blindspots commonly faced by enterprises, data security leader launches the first open-source authorization analysis tool to provide universal visibility into data access permissions across multiple data stores
User authorization for data access is complex. The answer to the question “who has access to what data?” is often unclear because of complex role hierarchies, different authorization models used for different technologies, and the variety of data that may be accessible across technologies and clouds.
The Universal Data Permissions Scanner (UDPS) simplifies the complexity associated with authorization. This has a significant impact on the ability to quickly and easily share information across departments, increasing the time-to-value. Simultaneously, using the UDPS reduces the security risk from overprivileged users by ensuring that access controls are appropriately applied and revoked.
Proper controls must be in place to prevent unauthorized access, track data usage, identify unusual behavior, and remain compliant with data privacy laws. Without modern tools, however, authorization is particularly difficult to track and remains a significant data security blindspot. Obtaining this view is especially challenging due to complex data infrastructures, inefficient manual processes, and a constantly changing workforce. Authorization information can also be obstructed, making it difficult to identify who has access to various data assets beyond simple data table permissions, with complexities such as hierarchies and dependencies impeding visibility.
The Universal Data Permissions Scanner from Satori addresses these challenges head-on, providing companies with a clear view of data access authorizations. The free tool scans databases, data warehouses, cloud accounts, or data lakes, and analyzes the permissions model of the data platforms to retrieve a human-readable list of users, and their access level to the various data assets, including database tables, cloud storage buckets and files, and more. Notably, the Universal Data Permissions Scanner is platform-agnostic, making it capable of providing authorization intel across any data store. It currently supports Snowflake, Databricks, Amazon S3, Amazon Redshift, Google BigQuery, MongoDB and others. Since this is an open-source project, users can continue to add new data stores, expanding the power and value of the tool for the data security community.
Gaining transparency into data access through the Universal Data Permissions Scanner enables companies to reduce the risks associated with overprivileged users, improve their data posture, enhance data security, and simplify compliance reporting, freeing up valuable time for critical business tasks.
“We developed the Universal Data Permissions Scanner in response to the constant struggles faced by data and security engineers in simplifying data security and better managing authorizations,” said Yoav Cohen, CTO and co-founder of Satori. “Our decision to embrace open-source for this project is rooted in our belief that collaboration and inclusivity are key to solving complex challenges. By making this tool free and open to all, we are inviting all organizations – not just our customers – to join us in enhancing global data security.”