It’s January - the time of year when we kick off our New Year’s resolutions. One of the most common is “getting in shape”, and that often means signing up for a gym membership. In fact, about 12% of all gym memberships happen in January, according to the IHRSA. However, 50% of those new members quit within 6 months!

This year, why not consider beefing up your data governance and security program with ALTR instead?  

3 ways the ALTR Free plan is better than a gym membership:  

1) It’s free, for real

Obviously. But it’s free with no strings attached. Unlike some gym memberships, there’s no bait and switch. There’s no credit card required, there’s no limited time offer, there’s no 6-month trial rate – ALTR Free is free for life. You can use it as long as you want, upgrade if or when you’re ready, or stay on the free plan forever.  

In fact, with ALTR there’s no contract at all. We’ve worked hard to make sure that our free version provides a complete data control and protection on its own. If you don’t find it’s providing the functionality you need, we hope you’ll let us know so we can improve. But if it’s just not doing it for you, you can quit at any time. Unlike the gym, you won’t have to send a notarized letter, certified mail to the company’s headquarters and then watch and wait to see if this is the month they stop debiting your account!  

2) It’s not intimidating to get started

Depending on the shape you’re in, beginning a workout program can be intimidating. Maybe you’re not sure where to start, you don’t know how to use the machines, you’re worried you’ll be judged, or don’t want to deal with Instagram influencers recording their workouts while you’re just trying to burn off holiday calories! It can be the same with a data governance program. The idea may be so overwhelming you think you need 6 months to even figure out what data you should protect and where it is, before you can even think about launching your program.  

With ALTR, it’s simple to get started. There’s no big set up, no long implementation project, no coding knowledge necessary. There’s no hardware to purchase and no consultants needed.

You can sign up directly through Snowflake Partner Connect or here on our site, connect your databases, discover and classify data instantly, choose the columns of sensitive data you want to protect – in just a few minutes! No matter what stage of data governance you are, ALTR gives you the space and tools to grow at your own pace.

3) It’s easy to maintain

Going to the gym can be tough to keep up. At the end of a long day or before you even get going, you have to find the motivation to put your gear on, drive to the gym no matter the weather or the traffic, then you have to actually do the work! And you have to do it 3 to 5 times a week to make an impact.  

With ALTR, once you set it up, you can just sit back and let it do the work for you. ALTR automates access to data, limits data consumption based on the rules you set, and blocks unauthorized access automatically. Our data usage heatmaps show your top users, what data they accessed, when and how much. It’s like a Fitbit for your data consumption. The difference is you don’t have to do a thing to see the numbers go up. ALTR helps you build up your core data governance, control, protect muscles so you can focus on the heavy lifting of moving sensitive data to the cloud.  

Stay on the couch and get fit with ALTR

We built the ALTR Free plan to give everyone access to effective data control and protection – we’ve done away with long implementations, high costs, complicated contracts, time-consuming maintenance. We’ve eliminated all the roadblocks, and there are no more excuses.  

The ALTR Free plan can help you kick start your data control and protection fitness in 2022. And it’s safer than a Peloton.

Today’s data-driven enterprises know that making data available across the company can lead to improved results—from higher sales to better customer satisfaction to improved market share. But the business-level need to make data available has been in conflict with the business-level requirement that data be shared securely. These competing business drivers have led to an odd mismatch between what companies would like to do with data and what they have actually been able to achieve. In order to provide data both swiftly and securely to users, companies should focus on these 3 keys to faster and safer data delivery.    

Know and show your data

Before you can provide data to users, you must document what data you have. This means discovering data across databases and software, in cloud SaaS platforms and on-premises in legacy databases. The data must be typed: are they names, social security numbers or email addresses? Then it should be tagged by business context: is the email address from Salesforce or HR? Is it a prospect or employee?  

Once the data has been discovered, analyzed and classified, the available data types and tags can be displayed to users via a data catalog—just like any e-commerce platform. Users should be able to search for data to enable a specific use case, such as sharing custom coupons near specific locations. They can select email addresses, GPS data, available inventory and any other information needed to achieve the goal and add those to their “data shopping cart”, regardless of where the data is from or located. The backend structure is completely seamless to users. The goal is to make it as easy as ordering from Amazon.

Control and govern your data

Unfortunately, here’s where the e-commerce metaphor falls apart. While the e-commerce process is mostly automated all the way through, security-focused “default to no” and Zero Trust policies have forced companies to evaluate requests individually and manually as they come in. This leads to labor-intensive data control and release processes on the back end. Once a user “places an order” for data, that sets off a workflow that primarily consists of email notifications to one or more data stewards. What should be a 5-minute fulfillment task can actually take 3-4 days. Data stewards must check the policies to confirm whether the user is authorized to have access to the data. The requester may have asked for data from multiple locations with various owners – Snowflake data may be owned by analytics and Oracle on-prem data by IT or operations. There can often be different data stewards for different data sets, and review/approval tasks often fall on data teams who have other full-time responsibilities on top of their data steward duties.  

Such a manual process is rife with human error.  Data stewards could accidentally provide access that is too broad or for too long or just to the wrong data. Because human error can lead to data breaches, manual processes increase the risk of that. Still, this process was almost manageable when the requests were 1 or 2 per week. But customers are telling us that they’re seeing 1 or 2 per hour now. It’s simply not sustainable.

Unify and automate your process

Unifying and automating the entire process solves this issue and upgrades the complete data delivery experience. It makes the whole mechanism faster and more secure than the sum of its parts. The data governance tool acts as the brain, knowing who should have access to which data. Automated data discovery, analysis and cataloging with SaaS-based tools like OneTrust and Collibra allow companies to find data across the entire ecosystem, document data lineage, and type and tag it. Once that data has been identified, policy and permissions can be applied.  

Then the access control tool like ALTR acts as the muscle, regulating access based on commands it receives from the brain, bypassing the time-consuming and error-prone manual authorization workflow. ALTR’s SaaS-based solution also spans across multiple database types – both on prem and in the cloud – to update access permissions in real time. This provides one central command and control center across the data ecosystem, unlike proxy-based solutions that must be implemented and managed separately for each database. And ALTR also helps define and control what “access” means – is it root level access or a reader account? Is the data masked or limited by amount? For example, HIPAA regulations require that only the minimum necessary standard of data is available to the user to achieve their task.  

Finally, the constant consumption feedback ALTR provides acts as the senses, letting the brain know what data is actually being consumed, by whom. This allows teams to double check usage against existing policies and correct any misalignments. If we go back to the Amazon example, this would be as if someone bought too many masks to resell during a pandemic, and Amazon stopped the purchase as against its policies.  

The promise of data delivered

When users have access to the data they need in minutes instead of days, the whole company can perform better. When unification and automation not only deliver that speed, but also reduce the risk of human error leading to a breach, the company’s entire data set is safer even as its being shared. Now the promise of data usage across the company can be delivered.  

Download our White Paper to learn how the best data strategy is enabled by a strong data defense.

‍

We’re continuing our series of predictions for the 2022 data governance landscape from ALTR leaders Dave Sikora, James Beecham, Doug Wick, and Pete Martin.  

All the activity around data, especially sensitive data, we discussed in our previous predictions (1, 2 and 3) will continue to draw attention from regulators. We have already seen several state-level laws including CCPA and CPRA in 2020 in California, Virginia and Colorado passed this year, and active bills in at least 6 other states. Every time a new state law is passed it increases the complexity of data access controls for governance and security teams.  

And this will make data literacy just as necessary as financial literacy for executives, including board members. They’ll need to have a crisp understanding of how data works in the business, where it comes from, who it goes to, what data is meaningful and what can be ignored. Leaders will need to understand what’s required by regulations and how the way company is using data creates regulatory risk. We expect that soon company executives will be looking at “data flow” statements alongside cash flow statements each quarter.  

Companies that have this competency baked into their business will be in a better position to weather the next big regulatory storm: a U.S. federal data privacy law on the level of the Sarbanes-Oxley Act of 2002. “SOX”, passed in reaction to several financial scandals including Enron, Tyco and WorldCom, requires corporate officers of publicly traded companies to personally certify that the company's financial statements are accurate. Officers who sign statements they know are inaccurate can face criminal charges and penalties including prison. We certainly hope that we don’t see scandals as shocking as those of the early 2000s, but if data breaches continue to worsen, we can expect legislation that requires publicly traded companies to have board-level data audit committees documenting how the company is protecting sensitive data, with CEOs and CDOs required to sign accountability statements.  

To see all our predictions for 2022, download our white paper here.

We’re continuing our series of predictions for the 2022 data governance landscape from ALTR leaders Dave Sikora, James Beecham, Doug Wick, and Pete Martin.  

In our last post, we talked about how the democratization of data access will lead to an order of magnitude increase in the credentialed access threat. But a positive effect of the growing democratization of data is the opportunity for companies to truly become “data-driven,” unlocking enormous economic value over the next five to 10 years. Currently, companies don’t really have a good handle of what’s truly going on inside their business – broadly across the various functions or in detail down to the transaction level. They don’t have the visibility or measurement around operations or their customers. But by making the data available to everybody, companies will get more operationally efficient across the board: marketing will get more effective at reaching potential customers, logistics will get more proficient at moving supplies and products through the business, and so on.  

At the same time data is spreading across the business, its importance is pushing the prominence of data up the executive ladder. This will lead to the elevation of the Chief Data Officer. Their responsibility will be to use all this data to make sense of the business – to correlate data points and create a high-level understanding of how the company is operating from a data flow perspective. We’re already seeing this happening to a certain extent with the percentage of organizations reporting the appointment of a CDO increasing from 12% in 2012 to 65% in 2021. This will have the side effect of pushing the CIO and the Information Technology teams lower in ranking, potentially reporting to the CDO, simply focused on putting the technology structure in place to enable a data-driven strategy.  

Venture Beat calls the combination of data and AI embedded within companies for analytical and operational purposes “the beginning of the era of the intelligent, automated enterprise.”  

Obviously, we’re just at the very early stages of this massive upheaval, but even what we’ve seen so far will help support what Gartner notes are CEO priorities for 2022: growth, digitalization and efficiency. These are all enabled if you can make better sense of your data. With disparate applications and disparate data points, the only way to take the business to the next level is to connect all those dots to create a holistic picture and uncover real insight.  

Watch our blog for more predictions to come around new risks to data, the crucial role of data in the business, and the regulatory environment ahead…

Heading into the holidays, we can’t help but look back at the whirlwind last two years. The COVID-19 pandemic caused a disruption unlike any we’ve seen in the last few decades. Employees across the world began working remotely like never before. Because data has become such a critical part of this work, it needed to follow the employees, quickly escalating digital transformation and the move of data to the Cloud. Snowflake’s record setting IPO in September 2020 demonstrates the value of this opportunity. But the shift also put an abrupt burden on IT teams to protect that remote work and the data required from new threats and escalating old ones. Data thieves and hackers took advantage of the disruption to step up attacks, like the recent Robinhood leak that exposed data of 7 million customers. As data exfiltration and PII leaks continued, regulatory attention around protecting personal information in the US increased.  

All in all, it’s a challenging yet thrilling time to be part of the data ecosystem. And data governance and security are more critical than ever.  

As we look toward 2022, it’s a given that data will continue moving to and consolidating in the Cloud. But this will lead to other shifts in the data governance landscape, uncovering surprising new possibilities and challenges for companies who want to stay ahead of the competition by making the most of their data. Over the next few weeks, we’ll share some predictions from ALTR leaders Dave Sikora, James Beecham, Doug Wick, and Pete Martin to help companies know what they might expect in 2022.  

Prediction #1: Companies Will Dare to Data Share, Safely

Centralizing data in the cloud enables increased flexibility, availability and sharing of data – within the enterprise and without. In the past, if you wanted to share data that lived in an on-prem datacenter with another group or with an external partner, you would have to extract and then email or FTP the file – a cumbersome, manual process. Increasingly, companies will take steps to make data more easily available via the cloud – to connect applications, to monetize it or even utilize it to create a more effective AI.  

For example, earlier this year, NBC Universal announced a new solution to monetize the audience data it gathers by making it available to partners, on a cross-cloud data clean room environment powered by Snowflake. Advertisers will be able to safely and securely join their own data, without exposing any viewer personally identifiable information (PII). The Snowflake platform lets NBC Universal govern what data is housed in the clean room, how data can be joined, what types of analyses can be performed on the data, and what data can leave. Disney is doing something similar by making Snowflake its single source of data to share securely with its internal teams and partners. Snowflake is enabling the monetization of sharing further with their Data Marketplace which allows companies to offer up unique, proprietary data to Snowflake customers to utilize along with their own data.  

Secure cloud-based sharing will also help overcome one of the main ML/AI roadblocks: training data. 91.9% of firms report that the pace of investment in Big Data and AI projects is accelerating, but AIs don’t come fully formed out the box – they require massive amounts of data to learn on to be effective. Companies may contract with an ML or AI provider, but the model needs to be trained on relevant data for that specific company’s use case before deployment. Data privacy concerns have limited the ability to provide real data to AI vendors, with companies in some cases relying on synthetic data, but implementing secure data sharing allows for use of real data instead.

Essentially, the ability to securely share sensitive data easily from the cloud will enable increased data sharing and increased insights.  

Watch our blog for more predictions to come around new risks to data, the crucial role of data in the business, and the regulatory environment ahead…

‍

We’re continuing our series of predictions for the 2022 data governance landscape from ALTR leaders Dave Sikora, James Beecham, Doug Wick, and Pete Martin.  

In our first post, we talked about how companies will utilize secure data sharing to get more value out of data. Next year, we’re all confident that data will become even more critical to business and will continue consolidating in the Cloud. But this consolidated data pool will have the unfortunate side effect of drawing criminal attention. Data that used to exist in specific, disparate software or databases such as Workday, Salesforce or SAP is being uploaded into a consolidated cloud database, accessible from all over the world, with a single username and log in supplying entry. As this trend continues, these cloud data platforms will become an even more attractive target for “hackers.”  

But can it even be called “hacking” when companies leave the door open? Many of the most well-known data breaches of the last few years were the result of misconfigured cloud database or application security. A June 2021 IDC survey of CISOs and security decision makers showed that almost 100% of companies had experienced a cloud data breach in the past 18 months.  

While data warehousing has been growing for the last ten to twenty years, at the beginning, only a small group of individuals had access to the data. As the realization of the possibilities this information provides has spread across the business, there has been an increased push to democratize access. Companies have started handing out access to data like Oprah handed out car keys – “You get credentials, and you get credentials, and you get credentials!” This, along with the growth in data sharing, increases the credentialed access threat potentially by an order of magnitude. And that unfortunately means, for the sixth year in a row, we will likely see “credentialed access” as one of the top drivers for data breaches in the 2022 Verizon Data Breach Investigation Report and the IBM Cost of a Data Breach Report.  

Watch our blog for more predictions to come around new risks to data, the crucial role of data in the business, and the regulatory environment ahead…

In 2020, you moved your simple and easy workloads into a Cloud Data Platform like Snowflake but got stuck moving more sensitive data workloads for security, privacy, or compliance reasons. In this post, you’ll learn how easy it has become to pair your Cloud Data Platform with a fully SaaS delivered and credentialed security provider to overcome the challenges of using sensitive data in the cloud. Whether you're the data engineer, the data architect tasked to use the data, or the security engineer tasked with securing the data, pairing ALTR with Snowflake will help quickly turn a data workload ‘no’ into a workload ‘yes’!

The Beginning: Data is Awesome

We all remember our first time logging into that beautiful blue Snowflake web UI, running our first sample query on the sample data set, and how cool it felt. But we quickly got our snow boots under us and wanted to start using real data. At first, migration was easy. Let's pretend you're on the marketing analytics team and wanted to cross-reference your marketing spend in AdWords with this month's orders broken down by zip code — with a few clicks, you have easily added AdWords data into Snowflake as well as data from your eCommerce SaaS provider. You can now easily run reports either from the last 30 days or the last three years, and you didn't have to call IT. The rush of being in control of your marketing analytics destiny is pretty neat, so you begin to add other sources into Snowflake, removing data silos, and making your job easier and faster. This goes on for a few months, and everything is dandy.

The Middle: Data is Scary

Then you get the great idea of importing your customers' information from Salesforce Marketing Cloud emails and campaigns. You want this data to cross-reference web cookies or email responses to coupons you've been using. You'd also love to get some of the more sensitive data that still lives on-prem in a legacy operational database. Only this time when you go to quickly import this data, you are blocked first by the firewall — you don't have a username/password and you realize the security teams can see you trying to access that information, then you get a call from your local neighborhood DBA and security engineer. You explain what you were trying to do and show them all the cool stuff you've been doing with Snowflake and how much better the company will for the work. But they point out that you cannot just simply move this customer data as you did with the other data. It's at this moment that you realize you're standing on the edge of a cliff. This cliff looks dangerous and leads to a canyon that is vast and full of wild GDPR and CCPA animals as well as the worn-out brands that have had massive data breaches. The canyon is real and it causes everyone on that call, DBA, security, and you to stop in your tracks.

But on the other side of the canyon, you see increased revenues, reduced marketing waste, and more efficient campaigns. All things the business would love to have and use. So you begin to brainstorm with the security and DBA teams. “What if we just did this...?”, or “How about we try to port legacy security system X to Snowflake?” “Won't work,” says the DBA and security teams – running VPN connections between on-prem and Snowflake isn't possible; or the latency impact it will have makes using Snowflake not possible; or the privileged access management tool (PAM) you have doesn't support Snowflake and will never support Snowflake.

Everyone is on the same page trying to get across that canyon together but it seems hard to navigate the dangers of the canyon. You need a bridge. Something stable and safe you can walk on to cross the canyon and bring that customer data with you. It needs to be flexible enough to handle different types of data because if you can get the customer data you want across the canyon, then others will surely try to bring more sensitive data with them behind you. It needs to be strong enough to stand up to the dangers of the wild compliance and regulations animals below it all howling for your hard-earned revenue if you screw up. It almost feels like you can't make it across.

The End: Data is Safe

One day you wake up and see a post on LinkedIn from some guy who is a 2nd connection to the person you shared a cube with as an intern 6 years ago. He's talking about data security being delivered as SaaS, or DSaaS (Data Security as a Service), and how it has a native integration with Snowflake to help observe data access and detect and respond to improper access — they even offer tokenization of data at rest. All of this can be enabled quickly with Snowflake? They have attestations and certifications to store and control access to PCI, PII, and HIPAA data types. You reconvene the DBA and security engineering team, standing on the edge of the canyon once more, you spec out what could be a pretty nice bridge to get you across. This bridge is ALTR DSaaS. Everyone agrees after researching the product and trialing the software that this could be the answer.

From the trial, everyone learned that they could:

• Ensure each access to sensitive data is logged for as long as the business requires
• Integrate these logs into their central logging server or SIEM
• Ensure that only authorized users can view the sensitive data
• Quickly and easily set a policy that watches data access and prevents breaches by only allowing the right amount of it out to each user
• Utilize tokenziation as a service to make even their most sensitive data safe for use in the cloud

Low and behold, everyone’s boss signs off on the usage since ALTR DSaaS has the features and scalability needed to cross the canyon safely. You can now begin to move sensitive workloads without fear that someone will be able to steal credentials and take data. You know after running the trial that SQL injection attacks won't work with ALTR in place. You can provide all needed parties with Observability reports that policy is in place and is being enforced. ALTR DSaaS has satisfied even the most stringent of requirements because it extends beyond RBAC controls and places policy on data, ensuring that only authorized users access data, and only as much data as is allowed. Information at rest can be protected without the overhead of encryption keys, and the SaaS deployment matches Snowflake scale so the data is actually usable even with the highest levels of security.

Canyon crossed, goals achieved, next workload please.

To learn more about how ALTR can protect your sensitive data in the cloud, check out this white paper.