Data Access Policies
    • 03 Apr 2025


    Data access control is an essential part of data security: users must be able to reach only the data they are authorized to access, which prevents unauthorized exposure and supports governance requirements.
    With the rapid adoption of AI-driven tools, businesses increasingly depend on extensive data collaboration across platforms and teams. This collaboration improves efficiency, but it also makes it easier to expose sensitive data accidentally or to misuse it intentionally. Effective access control reduces these risks by ensuring that users and AI systems reach only what they are explicitly allowed to access, keeping data secure and compliant.

    Meeting today's business requirements calls for dynamic, fine-grained data controls, delivered primarily through two Policy types: Row Access Policies and Masking Policies. Row Access Policies decide which rows a user can see; Masking Policies decide how sensitive columns within those rows are displayed. Both are evaluated dynamically against the user's role and other contextual Attributes, so users see only the data they are permitted to see while sensitive information stays protected.


    Row-Level Filtering Policies

    Row-level security controls which records a user can access by filtering a table's rows according to defined Policies. These Policies let organizations control data access dynamically, based on both the user's Identity and the context of the data itself.

    Key Attributes

    • Who can access: Access is determined by a set of rules based on Identity Attributes available in the target platform. Attributes such as department, location, or user group help define which users can access specific data.

      • For example: User Role = 'Senior Manager'.
    • What data can be accessed: Specifies which rows a user can access based on Rulesets and filters defined within the Policies (e.g., customer type, location, or department).

    • What data this applies to: Row-level Access Policies are associated with tables and views through data mappers to enforce governance and compliance.

    Use Case Example

    Consider a financial institution that stores customer data in a large database table with 1,000 rows. A Row-Level Access Policy filters which of those rows each user sees, according to predefined Rulesets.

    For example: Senior Managers can view only the rows for customers assigned to them.

    Example Table

    Customer ID | Customer Name | Account Type | Assigned Manager
    1001        | Alice Smith   | Premium      | Manager A
    1002        | Bob Johnson   | Standard     | Manager A
    1003        | Charlie Lee   | Business     | Manager B
    1004        | Diana Cruz    | Premium      | Manager C

    • Manager A can only view the rows for Customer IDs 1001 and 1002.
    • Manager B can only view Customer ID 1003.
    • Manager C can only view Customer ID 1004.
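    The following is an added example, not code from this page or its product, showing how the Row Access rule above is enforced as a predicate that the data layer appends to every query. sqlite3 stands in for the target platform, the Identity attribute names (role, manager_name), the rule "Senior Manager sees the rows assigned to them", and the sample rows are assumptions taken from the article's scenario. Two points a practitioner should check in any implementation are built in: a caller who matches no rule gets an always-false predicate (the policy fails closed rather than returning the whole table), and the caller's own filters are ANDed with the policy, so requesting another manager's customers returns nothing.

```python
"""Row access policy as a predicate the data layer appends to every query (added example)."""
import sqlite3
from dataclasses import dataclass
from typing import Optional

# Constructed sample data mirroring the article's example table.
CUSTOMERS = [
    (1001, "Alice Smith", "Premium", "Manager A"),
    (1002, "Bob Johnson", "Standard", "Manager A"),
    (1003, "Charlie Lee", "Business", "Manager B"),
    (1004, "Diana Cruz", "Premium", "Manager C"),
]


@dataclass(frozen=True)
class Identity:
    """Attributes the platform knows about the caller from the session, not from the request.
    Field names are assumptions for this example."""
    user: str
    role: str
    manager_name: Optional[str] = None  # the 'Assigned Manager' value this user corresponds to


def open_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers (customer_id INTEGER, customer_name TEXT, "
        "account_type TEXT, assigned_manager TEXT)"
    )
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?, ?)", CUSTOMERS)
    return conn


def row_access_predicate(identity: Identity) -> tuple:
    """Return (sql_fragment, params) implementing the policy's row filter.

    Who: role == 'Senior Manager' (an Identity attribute).
    What rows: those whose assigned_manager matches the caller.
    No matching rule -> an always-false predicate, so the policy fails closed.
    """
    if identity.role == "Senior Manager" and identity.manager_name:
        return "assigned_manager = :policy_mgr", {"policy_mgr": identity.manager_name}
    return "0 = 1", {}


def query_customers(conn, identity: Identity, requested_manager: Optional[str] = None) -> list:
    """Run the caller's request with the policy predicate ANDed on by the data layer.

    requested_manager is the caller's own optional filter; it never replaces the
    policy, so asking for another manager's customers yields no rows.
    """
    policy_sql, params = row_access_predicate(identity)
    caller_sql = "1 = 1"
    if requested_manager is not None:
        caller_sql = "assigned_manager = :req_mgr"
        params["req_mgr"] = requested_manager
    # Only the trusted fragments built above are interpolated; all values are bound parameters.
    sql = (
        "SELECT customer_id, customer_name, account_type, assigned_manager "
        f"FROM customers WHERE ({caller_sql}) AND ({policy_sql}) ORDER BY customer_id"
    )
    return conn.execute(sql, params).fetchall()


def visible_customer_ids(conn, identity: Identity, requested_manager: Optional[str] = None) -> list:
    """Convenience view of the policy's effect: just the Customer IDs the caller gets back."""
    return [row[0] for row in query_customers(conn, identity, requested_manager)]


if __name__ == "__main__":
    db = open_db()
    for ident in (
        Identity("ann", "Senior Manager", "Manager A"),
        Identity("ben", "Senior Manager", "Manager B"),
        Identity("eve", "Analyst"),
    ):
        print(ident.user, visible_customer_ids(db, ident))
```

    Running it prints `[1001, 1002]` for the user mapped to Manager A, `[1003]` for Manager B, and `[]` for the analyst who matches no rule. The identity comes from the session object, never from a request parameter, which is what keeps the filter from being bypassed by a tampered query.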

    Masking Policies

    Masking Policies define how the data a user is allowed to read is displayed, by specifying masking instructions for particular columns within a dataset. They ensure that sensitive information, such as Personally Identifiable Information (PII), is transformed into an authorized, compliant form before it reaches the user.

    Masking Policies are dynamic and fine-grained: they can be enforced based on contextual Attributes such as user role, department, location, and security level. This lets authorized users retrieve the data relevant to them while sensitive values stay protected in line with organizational policies.

    Key Attributes

    • Access Control: Unlike a Row Access Policy, which decides whether a row is returned at all, the access-control part of a Masking Policy defines which users (by Identity and contextual Attributes) the masking instructions apply to.
    • Masking Data: Specifies which columns or data fields within a row are subject to masking (e.g., location, account number, or personal information).
    • Masking instructions: Determines how the data is masked, with common techniques including:
      • Replacing values with asterisks (*).
      • Replacing with a predefined constant value (e.g., "CONFIDENTIAL").
      • Showing only partial values while masking the rest (e.g., the last four digits of an account number).

    Use Case Example

    A sales representative may access customer transaction records but should see personally identifiable information only for customers in their own location. When the user's location does not match the customer's location, the Masking Policy ensures the following:

    • The customer's name is fully masked (shown as "*****").
    • The account number is partially masked, displaying only the first and last four digits, e.g. "1234-XXXX-XXXX-5678".

    Example Scenario

    John Doe, a sales representative based in New York, is allowed to see full customer details only for customers located in New York. For customers outside New York, the masking Policy applies.

    Example Table

    Transaction ID | Customer Name | Location    | Account Number      | Amount
    TXN1001        | Alice Smith   | New York    | 1234-5678-9101-1121 | $500.00
    TXN1002        | *****         | Los Angeles | 5678-XXXX-XXXX-1234 | $750.00
    TXN1003        | *****         | Chicago     | 9101-XXXX-XXXX-1121 | $200.00
    TXN1004        | *****         | Houston     | 3141-XXXX-XXXX-5161 | $600.00

    • Since John is based in New York, he can see Alice Smith's full name and full account number.
    • For the customers in Los Angeles, Chicago, and Houston, the names are fully masked and the middle digits of the account numbers are masked, leaving only the first and last four digits visible.

    This policy ensures that John only has access to the necessary data for his region, preventing unauthorized exposure of other customer records.


    Combining Row Access and Column Masking Policies

    Row Access and Column Masking Policies can be combined within a single Policy to enforce multi-layered data security.

    1. Row Access rules filter the data to control which rows a user can see.
    2. Column Masking rules apply to restrict sensitive information within those permitted rows.

    Example Scenario

    A financial institution stores customer transaction records in a database.

    • A Row-level Access Policy ensures that managers can only view transaction records for customers assigned to them.
    • Additionally, a Masking Policy applies to sensitive fields such as customer name and account number, ensuring PII is masked when a customer's location does not match the manager’s location.

    Example Table

    Transaction ID | Customer Name | Location    | Account Number      | Amount  | Assigned Manager
    TXN1001        | *****         | Los Angeles | 5678-XXXX-XXXX-1234 | $500.00 | Manager A
    TXN1003        | Bob Johnson   | Chicago     | 5678-2345-6789-1234 | $200.00 | Manager B
    TXN1004        | Charlie Lee   | Houston     | 9101-3456-7890-1121 | $600.00 | Manager C

    • Manager A logs in (New York):
      • Sees only TXN1001, the single row assigned to Manager A; the Row Access rule does not return the other two rows at all.
      • The customer's name is masked as "*****".
      • The middle digits of the account number are masked, leaving only the first and last four visible, because the customer is located in Los Angeles while Manager A is in New York.
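    The following added example (not code from this page or its product) serves both the Masking Policies section above and this combined scenario: the Row Access rule is applied in the WHERE clause, and the masking instructions are applied as CASE expressions over the returned rows, keyed on whether the customer's location matches the viewer's. sqlite3 stands in for the target platform; the Subject attribute names, the role names "Sales Representative" and "Senior Manager", the location-based masking rule, and the records are assumptions built from the article's scenarios (one consistent dataset is used rather than the two slightly different tables above). The partial-mask function masks any value it does not recognize completely, so an unexpected account-number format never leaks through unmasked.

```python
"""Masking Policy and Row Access Policy evaluated together at read time (added example)."""
import sqlite3
from dataclasses import dataclass
from typing import Optional

# Constructed, unmasked source records; IDs follow the article's tables.
TRANSACTIONS = [
    ("TXN1001", "Alice Smith", "New York", "1234-5678-9101-1121", 500.00, "Manager A"),
    ("TXN1002", "Bob Johnson", "Los Angeles", "5678-2345-6789-1234", 750.00, "Manager A"),
    ("TXN1003", "Charlie Lee", "Chicago", "9101-3456-7890-1121", 200.00, "Manager B"),
    ("TXN1004", "Diana Cruz", "Houston", "3141-5926-5358-5161", 600.00, "Manager C"),
]


@dataclass(frozen=True)
class Subject:
    """Caller attributes taken from the session; field names are assumptions for this example."""
    user: str
    role: str
    location: str                       # contextual attribute used by the masking rule
    manager_name: Optional[str] = None  # used by the row access rule


def mask_account(value: Optional[str]) -> Optional[str]:
    """Partial mask: keep the first and last digit groups, replace the middle ones.
    '5678-2345-6789-1234' -> '5678-XXXX-XXXX-1234'. Values that do not look like
    a grouped account number are masked completely rather than passed through."""
    if value is None:
        return None
    groups = value.split("-")
    if len(groups) < 3:
        return "XXXX"
    return "-".join([groups[0]] + ["XXXX"] * (len(groups) - 2) + [groups[-1]])


def row_access_predicate(subject: Subject) -> tuple:
    """Row filter: sales reps see every transaction, senior managers only their own
    assignments, anyone else nothing (fail closed)."""
    if subject.role == "Sales Representative":
        return "1 = 1", {}
    if subject.role == "Senior Manager" and subject.manager_name:
        return "assigned_manager = :mgr", {"mgr": subject.manager_name}
    return "0 = 1", {}


def open_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.create_function("mask_account", 1, mask_account)  # masking instruction as a SQL function
    conn.execute(
        "CREATE TABLE transactions (transaction_id TEXT, customer_name TEXT, location TEXT, "
        "account_number TEXT, amount REAL, assigned_manager TEXT)"
    )
    conn.executemany("INSERT INTO transactions VALUES (?, ?, ?, ?, ?, ?)", TRANSACTIONS)
    return conn


def read_transactions(conn, subject: Subject) -> list:
    """1. The Row Access rule decides which rows come back (WHERE).
    2. The masking rules rewrite the PII columns of those rows (CASE expressions)
       whenever the customer's location differs from the subject's location."""
    row_sql, params = row_access_predicate(subject)
    # row_sql comes only from row_access_predicate above; every value is a bound parameter.
    sql = f"""
        SELECT transaction_id,
               CASE WHEN location = :loc THEN customer_name ELSE '*****' END AS customer_name,
               location,
               CASE WHEN location = :loc THEN account_number
                    ELSE mask_account(account_number) END AS account_number,
               amount,
               assigned_manager
        FROM transactions
        WHERE {row_sql}
        ORDER BY transaction_id"""
    cur = conn.execute(sql, {"loc": subject.location, **params})
    columns = [d[0] for d in cur.description]
    return [dict(zip(columns, row)) for row in cur.fetchall()]


if __name__ == "__main__":
    db = open_db()
    for who in (Subject("jdoe", "Sales Representative", "New York"),
                Subject("mgr_a", "Senior Manager", "New York", "Manager A")):
        print(who.user)
        for row in read_transactions(db, who):
            print("  ", row)
```

    For the New York sales representative all four rows are returned, with Alice Smith's row in clear and the other three masked as in the table above. For the New York manager mapped to Manager A only TXN1001 and TXN1002 come back, and only TXN1002 (Los Angeles) is masked. Masking changes what a permitted row looks like; it never adds rows the Row Access rule removed, which is why the two rules compose in that order.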
