Okera introduced no code, fine grained access control (FGAC) policy creation with de-identification to its secure data access platform. The elimination of coding creates a highly flexible, easy to use access control management environment, allowing any data owner or steward to create custom policies based on a combination of attributes. The enterprise scale de-identification functionality includes dynamic masking and tokenization.
A new user inactivity reporting capability simplifies access reviews for compliance purposes and enables a "least privilege" access control strategy. Large organizations have a variety of access control use cases and require flexible, attribute based access control (ABAC) policies that can combine multiple attributes, including user, tool, type of data, and location, to enable self-service analytics while ensuring secure, compliant, and agile access to data.
Digital transformation initiatives
Organizations also require the ability to add de-identification and privacy functions, such as dynamic masking and tokenization, without coding. Rather than creating multiple copies of data with and without data transformation, organizations want to automate these functions and enforce these policies dynamically.
"Self-service analytics is the holy grail of enabling enterprises to take full advantage of their data for digital transformation initiatives related to the customer experience, end to end business processes, and improved business decision making," said Nick Halsey, Okera CEO.
Access control management
The democratization of secure, compliant access to data is critical to making true self-service analytics a reality"
"By eliminating the need for coding, we have put access control management into the hands of the data stewards and governance and privacy professionals who understand the intricacies of regulations and internal data privacy policies. This democratization of secure, compliant access to data is critical to making true self-service analytics a reality."
Extending ABAC to support enterprise-scale de-identification and privacy functions dramatically simplifies the process of provisioning data access. The simple point-and-click user interface of the enhanced Okera policy builder lets data owners and stewards create and manage fine grained ABAC policies involving row level filtering and sophisticated de-identification and privacy functions without writing a single line of code.
Industry specific controls
The policies can be edited and are enforced dynamically, allowing for maximum agility in ensuring security and governance.
Benefits of the New Okera Features
- ABAC with de-identification
- Faster response time to the changing compliance and regulatory needs of the organization, without impeding analysts' workflow.
- Use custom, user defined functions to support organization specific and industry specific controls, such as for financial services firms and healthcare organizations.
- Simplify management by leveraging attributes from other systems, such as Active Directory or business metadata, and attribute classifications that already exist in enterprise data catalogs.
- Eliminate the need to copy data for different access control use cases, reducing cost and complexity of access control management.
- No-code data access policy definition
- Offers non-technical data owners and stewards the ability to manage policies with incredible granularity and de-identification without any coding.
- Gain incredible speed and flexibility with how organizations can respond to any new information that would require them to change their policies. Since Okera enforces policies at runtime, the analysts do not need to stop working if a policy changes.
- Inactivity reporting
- Gain visibility into users who may have access to certain data but have not used that access for a specified amount of time.
- Reduce risk using a least privilege access strategy that ensures only those who actually need access to the data retain it.
- Simplify periodic data access reviews for compliance purposes.
More about the enhancements can be read in the blog by Nong Li, Okera CTO and Co-Founder.