Dasera Crater Lake 5.0 automates data governance and security operations
Dasera has released Crater Lake. With this release, Dasera provides Security, Data, and Compliance teams with full data store, user, and usage context, thus empowering them to make the right business decisions to safeguard their data while saving time and money.
About Crater Lake
Crater Lake is the deepest lake in the United States. Coincidentally, Dasera’s newest release features a deep analysis of context. The release incorporates Role-Based Access Controls (RBAC) that provide granular control over permission management and an Open API that enables users to programmatically connect Dasera’s platform to external databases and platforms to further enrich existing metadata.
Crater Lake fosters data governance and data security to address one of the main problems companies are facing – lack of data ownership and cross-functional collaborations.
How Crater Lake 5.0 changes data governance and data security
Since data governance is a shared responsibility, it requires collaboration across Security, Data, and Compliance teams. Effective data governance cannot be achieved if these stakeholders work in functional silos.
To help the teams have a smooth collaboration experience, the Crater Lake release incorporates API-powered integrations, object-level privilege analysis, user identity mapping, and continuous visibility into user activity.
Crater Lake 5.0 highlights
Prevent insider risk from over-privileged Users
According to Aberdeen Strategy and Research (2021), 78% of insider data breaches are unintentional, and even well-meaning users may cause damage.
Over-privileged users, or those who have greater data access than they need to do their job, increase the potential for breaches within an organization and allow hackers and rogue insiders to misuse and exploit sensitive information.
Thus, organizations must enforce the principle of least privilege which states that users should only have access to data they need to do their job. Enforcing this principle ensures administrators know who has access to sensitive data and what policies govern the data access permissions.
Dasera has implemented two new features to give administrators visibility into the privilege level users currently have and which privilege level they should have for each data store. These features further demonstrate Dasera’s commitment to proactive data security.
Object-level privilege analysis
Dasera empowers administrators with information about which users have access to what type of sensitive data. Correlated with the employee metadata, the principle of least privilege helps admins determine what departments should be authorized with data access and in what circumstances the access should be revoked.
User identity mapping
Now Dasera can automatically map database users to Active Employees based on the company’s corporate policies. This feature provides visibility into ghost database users that do not map to any Active Employees or service accounts.
This helps Data teams gain visibility into over-privileged users and clean up their data access posture. They can also map multiple usernames on different databases to the same Active Employee identity, so their profiles can be aggregated to provide the correct risk posture.
Gain visibility into every action with user audit trail reporting
Unfortunately, data breaches continue to increase in frequency, which means every company needs to be prepared to respond to a breach of their data.
In the event of a breach, audit trails can facilitate the reconstruction of historical events related to a record, including the “who, what, when, and why” of the action that was performed by a user that resulted in an incident.
With the latest Crater Lake 5.0 release, Dasera is now able to capture the time of record creation, alteration, or deletion by every platform user onboarded via Role-Based Access Control (RBAC), thus mitigating the risk of data breaches.
The forensic data from the audit trail will enable quicker response to and remediation of the data breach.
Enrich metadata with Dasera’s Consolidation API
It is imperative for data, security, and compliance teams to operate their cloud systems at scale and leverage services that coexist well within their ecosystems.
Dasera launched a Consolidation API as part of the Crater Lake release in order to meet customers’ needs for the apps and workflows integrations.
The Consolidation API includes secure pathways for full capabilities of Dasera classification and tagging, enabling organizations to exchange metadata and enrich the data context irrespective of where it resides in their environment.