Simplify data access control for Snowflake

No database view explosion or role bloat to contain. No more data extracts to manage. Okera provides dynamic row-level security and fine-grained access control for Snowflake.

Maximize the value of the Snowflake Data Cloud

Keep regulated, sensitive, and personal data protected from misuse, while utilizing the power and functionality of the Snowflake Data Cloud.

Control

Dynamically apply user-appropriate row-level filters, data masking, and de-identification techniques at the point of query to comply with data privacy regulations and security mandates.

Simplicity

Define user entitlements as human-readable data governance policies. Leverage user attribute data from external systems to build data access policies and eliminate unmanageable view explosion and role bloat

Centralization

All data access policies can be managed and enforced in one place, instead of synchronizing data access controls across disparate end-user BI tools and Snowflake.

Visibility

All data access requests are automatically logged for every individual user, down to the exact query, timestamp, access method, data attributes including sensitivity level, and whether requests are approved or denied

See Okera with Snowflake in action

We credit Okera for reducing the hundreds of roles from our legacy database to about a dozen now in Snowflake, while giving us even more granular access control with user attributes. As a platform owner this saves me a lot of time and assures appropriate access as we expand how we use Snowflake with more users and data.

Solution Architect, semiconductor manufacturing company

How Okera’s Snowflake data governance integration works

Analysts and data scientists can continue to use Snowflake Worksheets, as well as their preferred third-party BI and data science tools. There is no need to change existing query definitions, dashboards, or reports. Just simply point to Okera’s native secure data gateway for Snowflake. Users get the full power of the Snowflake SQL syntax as normal.

Authorization occurs in a blink of an eye. Okera analyzes each query, evaluates data and user attributes, and dynamically applies row-level filtering and advanced data security and privacy functions such as tokenization and masking. Rewritten queries are then pushed down to Snowflake, which optimizes each query for security and performance.

Analysts and data scientists can continue to use Snowflake Worksheets, as well as their preferred third-party BI and data science tools. There is no need to change existing query definitions, dashboards, or reports. Fine-grained access control policies, leveraging data and user attributes, are authored in Okera and then synchronized to Snowflake. Apply row-level filtering and advanced data security and privacy functions such as tokenization and masking at the point of query.

Utilize native Snowflake capabilities with the simplicity of Okera

  • Snowflake native SQL syntax – Okera provides complete end-to-end support for the
  • Snowflake native SQL syntax, making the full power of the Snowflake Data Cloud available for all user queries.
  • Snowflake Worksheets: With Okera’s data authorization capabilities, data governance teams can more quickly and confidently grant power users the privilege of running native Snowflake queries directly in the Snowflake web interface.
  • Snowflake Connectors: Combined with support for Snowflake’s native SQL syntax, Okera works with native JDBC/ODBC connectors for the Snowflake Data Cloud. Native connectivity protects investments in business dashboards, reports, and advanced analytics built using third-party BI and other SQL tools.
  • Snowflake UDFs: Okera uses User Defined Functions (UDFs) to implement data security and privacy transformations, such as dynamic data masking and tokenization. Joint customers can also take advantage of the complete Java programming language to create their own UDFs for custom data security use cases and increase speed at run-time.
  • Snowflake Access History API: Okera can use Snowflake’s Access History API to incorporate Snowflake’s native audit capability into the Okera platform. Okera enables the ability to look across data residing within Snowflake and other data platforms, providing additional security context for Snowflake data usage, including what tags are being used and by whom.

 

Learn more about Okera and Snowflake Data Cloud