Universal Data Permissions Scanner: Open-source tool to overcome data authorization blindspots
Satori released Universal Data Permissions Scanner, a free, open-source tool that enables companies to understand which employees have access to what data, reducing the risks associated with overprivileged or unauthorized users and streamlining compliance reporting.
Who has access to what data?
User authorization for data access is complex. The answer to the question “who has access to what data?” is often unclear because of complex role hierarchies, different authorization models used for different technologies, and the variety of data that may be accessible across technologies and clouds.
The Universal Data Permissions Scanner (UDPS) simplifies the complexity associated with authorization. This has a significant impact on the ability to quickly and easily share information across departments, increasing the time-to-value. Simultaneously, using the UDPS reduces the security risk from overprivileged users by ensuring that access controls are appropriately applied and revoked.
Controls
Proper controls must be in place to prevent unauthorized access, track data usage, identify unusual behavior, and remain compliant with data privacy laws. However, authorization is challenging to track without modern tools and remains a significant data security blindspot. Obtaining this view is challenging due to complex data infrastructures, inefficient manual processes, and a constantly changing workforce. Authorization information can also be obstructed, making it difficult to identify who has access to various data assets beyond simple data table permissions, with complexities such as hierarchies and dependencies impeding visibility.
The Universal Data Permissions Scanner addresses these challenges head-on, providing companies with a clear view of data access authorizations. The free tool scans databases, data warehouses, cloud accounts, or data lakes, and analyzes the permissions model of the data platforms to retrieve a human-readable list of users and their access level to the various data assets, including database tables, cloud storage buckets, and files, and more.
The solution is platform-agnostic
Notably, the Universal Data Permissions Scanner is platform-agnostic, making it capable of providing authorization intel across any data store. It supports the following, with more on the way:
- Amazon Redshift
- Amazon S3
- Google BigQuery
- MongoDB
- PostgreSQL
- Snowflake
Gaining transparency into data access through the Universal Data Permissions Scanner enables companies to reduce the risks associated with overprivileged users, improve their data posture, enhance data security, and simplify compliance reporting, freeing up valuable time for critical business tasks. The solution is available on GitHub.