SlideShare a Scribd company logo

Snowflake Data Governance

S
ssuser538b022

Snowflake Data Governance

Data & Analytics
1 of 20
Download to read offline
© 2021 Snowflake Inc. All Rights Reserved SNOWFLAKE GOVERNANCE Natalie Nick - Novartis US Sales Engineer Tino Bourboulas - Novartis EMEA Sales Engineer
© 2021 Snowflake Inc. All Rights Reserved DATA GOVERNANCE CHALLENGES 2 Data Is Everywhere Must be able to eliminate silos inside and outside your organization Managing Data Is Unnecessarily Complex Knowing what your data is — and how it is being used — is hard Security and Governance Are Inherently Rigid Requires managing risk and changing regulations, while getting the most from your data
© 2020 Snowflake Inc. All Rights Reserved SNOWFLAKE PLATFORM 3 DATA SOURCES OLTP DATABASES ENTERPRISE APPLICATIONS THIRD-PARTY WEB/LOG DATA IoT DATA CONSUMERS DATA MONETIZATION OPERATIONAL REPORTING AD HOC ANALYSIS REAL-TIME ANALYTICS
© 2021 Snowflake Inc. All Rights Reserved SNOWFLAKE GOVERNANCE 4 Know Your Data Protect Your Data Understand, classify, and track data and its usage Secure sensitive data with policy-based access controls Securely collaborate and share data across teams Unlock Your Data
© 2021 Snowflake Inc. All Rights Reserved NEW / UPDATED GOVERNANCE CAPABILITIES Access History Object Tagging Classification Know Your Data – what it is, where it is Protect Your Data Know Your Data – who accessed it Conditional Masking Row Access Policies Anonymization 5 5
© 2021 Snowflake Inc. All Rights Reserved KNOW YOUR DATA Automatic Data Classification Why is it important? ● Risk management, compliance, and data security ● Personal data is easier to discover, protect, track and audit ● Prepares data for anonymization What is it? ● Process of analyzing data and tagging it according to its semantic and privacy categories Who does it impact? ● Data owner, Data engineer ● Security Admin, Compliance or Privacy Officer, CDO How does it work? ● System defined function invoked on a table returns the semantic and privacy categories of each column ● Data owner reviews the results, revises if necessary and then applies the tags ● Admin finds columns, applies policies and tracks usage Data owner runs Classification on specific table(s) Alex (Data Owner) name gender age zip_code phone John Smith male 39 79007 123-555-1234 Jane Doe female 50 77001 333-555-1236 Mary Taylor female 46 77020 222-333-1111 Ann Marshall female 48 77042 555-555-1234 Michael Gaines male 75 79003 666-666-1357 Admin finds columns with personal data based on classification Morgan ( Admin) PUBLIC GA PRIVATE DEV 6
© 2021 Snowflake Inc. All Rights Reserved PROTECT YOUR DATA Anonymization 7 Data Owner creates anonymized view Alex (Data Owner) Customer Table name gender age zip_code phone John Smith male 39 79007 123-555-1234 Jane Doe female 50 77001 333-555-1236 Mary Taylor female 46 77020 222-333-1111 Michael Gaines male 37 79003 666-666-1357 Taylor (Data Analyst) name gender age zip_code phone **** male [36-40] 790** ***-***-**** **** female [46-50] 770** ***-***-**** **** female [46-50] 770** ***-***-**** **** male [36-40] 790** ***-***-**** Anonymized View Data Analyst queries anonymized view Admin defines policies Morgan (Admin) PUBLIC GA PRIVATE DEV Why is it important? ● Risk management and compliance ● Retains analytical value ● Unique vs competitors (native anonymity) What is it? ● An irreversible process of de-identifying data according to k- Anonymity (industry standard) Who does it impact? ● Data Owner, Data Engineer ● Security Admin, Compliance or Privacy Officer, CDO ● Data Analyst, Data Scientist How does it work? ● Create an anonymized view that has the k-Anonymity property ● Remove directly identifying information ● Generalize or suppress indirectly or quasi identifying information into groups of at least size k
© 2021 Snowflake Inc. All Rights Reserved Data owner assigns with tag value OBJECT TAGGING ID SSN Phone 101 ********* 248-222-3333 102 ********* 800-778-9904 103 ********* 415-887-8888 Admin creates custom tags Alex (Data Owner) Admin audits tagged objects Morgan (Admin) Morgan (Admin) Confidentiality Track Sensitive Data and Compute Objects PII_Type Department Confidentiality Sensitive PII_Type Phone Department Sales PUBLIC GA PRIVATE 8 8 DEV Why is it important? ● Track sensitive information to satisfy regulatory compliance (GDPR/CCPA, SOX) audit and protection. ● Track resource usage for cost attribution by cost center, department, client etc. What is it? ● Easy-to-manage, scalable way to associate metadata with objects. ● Customers can custom create a tag (new Snowflake object) and assign to any supported object such as column, table, or warehouse in their account. Who does it impact? ● Data owner, Data engineer, Data Stewards ● Security Admin, Compliance or Privacy Officer, CDO How does it work? ● Track sensitive data and resources across an account in three simple steps: Create Tags, Assign to Objects, Audit. ● Privileges for centralized and decentralized tag assignment.
© 2021 Snowflake Inc. All Rights Reserved OBJECT TAGGING Key Capabilities Currently Available: ● Create tags ● Assign tags to objects (warehouse, role, user, database, schema, table, view, column) ● Display tags and relationships with objects using account usage views and functions (e.g. “display all columns associated with tag_x”, “display all tags associated with table_y”) ● Display tag lineage: a. If a tag is assigned to a database, all objects within that database will adopt the tag. b. Users can use a function (e.g. “get_tag_by_lineage”) to display all of the tags for an object that were assigned via lineage ● Today, customers leverage Stored Procedures to scan tags and apply policies based on the tag value Future Roadmap: ● Associate a policy with a tag: Users will be able to associate a policy with a tag, which will automatically enforce policies for other objects based on shared tags. For example - if tag “pii” is associated with policy “pii_string”, and the tag is applied to a table “customer_data”, then the table will automatically inherit the “pii_string” policy (which will dynamically mask the string columns). ● Use tags in conditional logic of policy: Instead of just using the user’s current role, look for the tag on the role (using function “get current tag on role”) - and if tag is approved for data, will grant/deny access.
© 2021 Snowflake Inc. All Rights Reserved DEMO OBJECT TAGGING
© 2021 Snowflake Inc. All Rights Reserved ROW ACCESS POLICIES Dynamically Filter Unauthorized Rows (Policy Admin) Role Allowed Region EU_RL Europe NA_RL North America Policy Look up Customer Spend Region ACME $820,000 North America Koko $2,100,00 North America AGM $5,757,00 Europe Kira $228,000 Asia Table: Sales Table: Entitlement Customer Spend Region AGM $5,757,000 Europe Customer Spend Region ACME $820,000 North America Koko $2,100,00 North America Jordan (Role: EU_RL) Alex (Role: NA_RL) Apply PUBLIC GA PRIVATE 11 11 DEV Why is it important? ● Saves cost and time by reducing management overhead associated with alternatives. ● Improves security posture by centralizing access policy. ● Unlocks data by eliminating data silos while complying with compliance requirements. What is it? ● Easy-to-manage row-level security that dynamically filters rows in a table based on querying user’s authorization. Who does it impact? ● Data Engineers, Security Admin, Compliance or Privacy Officer, CDO How does it work? ● Enforce row level security with four easy steps: Create a policy, Assign to Tables/Views, Enforce row filtering, Audit assignments. ● Privileges for centralized and decentralized policy assignment.
© 2020 Snowflake Inc. All Rights Reserved COLUMN LEVEL SECURITY 12 Dynamic Data Masking External Tokenization AND Alex (Unauthorized) Morgan (Authorized) ID Phone SSN 101 ***-***-5534 ********* 102 ***-***-3564 ********* 103 ***-***-9787 ********* ID Phone SSN 101 408-123-5534 ********* 102 510-335-3564 ********* 103 214-553-9787 ********* Masking Policies INGEST RAW DATA Alex (Unauthorized) Morgan (Authorized) ID Phone SSN 101 882-345-8344 213-44-5563 102 980-234-8934 369-77-0088 103 512-345-6443 802-44-9984 ID Phone SSN 101 408-123-5534 369-22-7781 102 510-335-3564 787-12-3345 103 214-553-9787 312-88-3421 Masking Policies INGEST TOKENIZED DATA External Functions API Gateway De- Tokenization API Customer VPC / VNet PUBLIC GA PRIVATE
© 2020 Snowflake Computing Inc. All Rights Reserved Ingestion And Consumption Policies ID Phone SSN 101 408-123-5534 387-78-3456 102 510-334-3564 226-44-8908 103 214-553-9787 359-9987-0098 ID Phone SSN 101 ***-**-5534 ******** 102 ***-**-3564 ******** 103 ***-**-9787 ******** Alice (unauthorized) Bob (authorized) Ingest raw data Dynamically mask protected (PII, PHI) column data at query time • No change to the stored data • Mask or partial mask using constant value, hash, and custom functions • Unmask for authorized users only Policy based control • Table/View owners and privileged users (such as accountadmin) unauthorized by default • Centralized policy mgt Ease of Management • Apply single policy to multiple columns • Prevent secure view explosion
© 2020 Snowflake Computing Inc. All Rights Reserved Dynamic Data Masking Policies DB 1 Table 1 Column 1 DB 1 View 1 Column 1 DB n Table n Column n <policy condition> <masking function> Masking Policy Resource(s) Policy Admin Apply CASE WHEN invoker_role() IN (‘pii_role’) THEN val WHEN invoker_role() IN (‘support’) THEN regexp_replace(val,'.+@','*****@') ELSE ‘********’ END; Masking Policy Example Unmask Partial mask Mask Masking Policy • Policy contains condition(s) and masking function to apply under those conditions • Policy is applied to one or more table, view, or external table columns in an account • Nested policy execution for views - policy on table executed before policy on view(s) Supports • All data types • Data sharing • Streams • Clone carries over policy associations
© 2019 Snowflake Computing Inc. All Rights Reserved CREATE MASKING POLICY <name> AS (val <data_type>) returns <data_type> -> (SQL expression on val); Example: CREATE MASKING POLICY email_mask AS (val string) returns string -> CASE WHEN current_role() IN ('ANALYST') THEN val ELSE '***MASKED***' END; Create Masking Policy
© 2021 Snowflake Inc. All Rights Reserved ALTER {TABLE | VIEW} <name> MODIFY COLUMN <col_name> [UN]SET MASKING POLICY <name>; Example: ALTER TABLE customer MODIFY COLUMN email SET MASKING POLICY email_mask; ALTER VIEW customer_v MODIFY COLUMN email SET MASKING POLICY email_mask; Note: policies can also be applied to external tables. Apply Masking Policy To Column(s)
© 2021 Snowflake Inc. All Rights Reserved DEMO COLUMN AND ROW-LEVEL POLICIES
© 2021 Snowflake Inc. All Rights Reserved Select * from Info; ID Phone Unique_ID 101 248-222-3333 333-78-9999 102 800-778-9904 779-66-8908 103 415-887-8888 111-00-8888 View: INFO (Directly Accessed) Table: SENSITIVE ID SSN 101 333-78-9999 102 779-66-8908 103 111-00-8888 Table: CONTACT ID Mobile 101 248-222-3333 102 800-778-9904 103 415-887-8888 Log Access History User Tables Columns Taylor Info, Sensitive, Contact ID, Phone, Unique_ID, SSN, Mobile Morgan Sensitive ID, SSN Select * from Sensitive; PUBLIC GA PRIVATE Taylor (Privileged User) Morgan (Admin) ACCESS HISTORY Satisfy Regulatory Compliance, Understand Usage with Column-level Access Visibility 18 18 DEV Why is it important? ● Satisfy Compliance Audits for SOX, PII, and other sensitive data access with audit reports. ● Optimize storage with visibility of unused tables and columns. ● Lowers cost by eliminating need to parse query statements. ● Unique column-level viz vs. Cloud competitors What is it? ● A new Account_Usage view with records of tables and columns directly and indirectly accessed by each query. Who does it impact? ● Data owner, Data engineer, Data Stewards ● Security Admin, Compliance or Privacy Officer, CDO
© 2021 Snowflake Inc. All Rights Reserved PUBLIC GA PRIVATE CONDITIONAL MASKING POLICIES Conditional Unmasking Jordan (Role: Sales) Alex (Role: Finance) name dept zip_code phone John Smith Sales 79007 123-555-1234 Jane Doe Sales 77001 333-555-1236 Mary Taylor Finance 77020 ***-***-1111 Ann Marshall Finance 77042 ***-***-1234 Michael Gaines Finance 79003 ***-***-1357 name dept zip_code phone John Smith Sales 79007 ***-***-1234 Jane Doe Sales 77001 ***-***-1236 Mary Taylor Finance 77020 222-333-1111 Ann Marshall Finance 77042 555-555-1234 Michael Gaines Finance 79003 666-666-1357 INGEST RAW DATA 19 19 DEV Conditionally Mask Based on Value in Other Column(s) Why is it important? ● Unique to Snowflake vs other Cloud DWs ● Demonstrates Snowflake investments to address fine- grained data access control needs ● Provides fine-grained access controls without creating silos or increasing management overhead What is it? ● Mask protected field-level data based on value in another column(s) Who does it impact? ● Data owner, Data engineer, Data Stewards ● Security Admin, Compliance or Privacy Officer, CDO How does it work? ● Enhances MASKING POLICY to take condition column(s) as input for masking decision.
© 2021 Snowflake Inc. All Rights Reserved

Recommended

Snowflake: The Good, the Bad, and the Ugly
Snowflake: The Good, the Bad, and the UglySnowflake: The Good, the Bad, and the Ugly
Snowflake: The Good, the Bad, and the UglyTyler Wishnoff
 
Melbourne: Certus Data 2.0 Vault Meetup with Snowflake - Data Vault In The Cl...
Melbourne: Certus Data 2.0 Vault Meetup with Snowflake - Data Vault In The Cl...Melbourne: Certus Data 2.0 Vault Meetup with Snowflake - Data Vault In The Cl...
Melbourne: Certus Data 2.0 Vault Meetup with Snowflake - Data Vault In The Cl...Certus Solutions
 
How to Take Advantage of an Enterprise Data Warehouse in the Cloud
How to Take Advantage of an Enterprise Data Warehouse in the CloudHow to Take Advantage of an Enterprise Data Warehouse in the Cloud
How to Take Advantage of an Enterprise Data Warehouse in the CloudDenodo
 
Snowflake for Data Engineering
Snowflake for Data EngineeringSnowflake for Data Engineering
Snowflake for Data EngineeringHarald Erb
 
Intro to Data Vault 2.0 on Snowflake
Intro to Data Vault 2.0 on SnowflakeIntro to Data Vault 2.0 on Snowflake
Intro to Data Vault 2.0 on SnowflakeKent Graziano
 
Data Mesh for Dinner
Data Mesh for DinnerData Mesh for Dinner
Data Mesh for DinnerKent Graziano
 
Snowflake Datawarehouse Architecturing
Snowflake Datawarehouse ArchitecturingSnowflake Datawarehouse Architecturing
Snowflake Datawarehouse ArchitecturingIshan Bhawantha Hewanayake
 
Data Sharing with Snowflake
Data Sharing with SnowflakeData Sharing with Snowflake
Data Sharing with SnowflakeSnowflake Computing
 

Recommended

Snowflake: The Good, the Bad, and the Ugly
Snowflake: The Good, the Bad, and the UglySnowflake: The Good, the Bad, and the Ugly
Snowflake: The Good, the Bad, and the UglyTyler Wishnoff
 
Melbourne: Certus Data 2.0 Vault Meetup with Snowflake - Data Vault In The Cl...
Melbourne: Certus Data 2.0 Vault Meetup with Snowflake - Data Vault In The Cl...Melbourne: Certus Data 2.0 Vault Meetup with Snowflake - Data Vault In The Cl...
Melbourne: Certus Data 2.0 Vault Meetup with Snowflake - Data Vault In The Cl...Certus Solutions
 
How to Take Advantage of an Enterprise Data Warehouse in the Cloud
How to Take Advantage of an Enterprise Data Warehouse in the CloudHow to Take Advantage of an Enterprise Data Warehouse in the Cloud
How to Take Advantage of an Enterprise Data Warehouse in the CloudDenodo
 
Snowflake for Data Engineering
Snowflake for Data EngineeringSnowflake for Data Engineering
Snowflake for Data EngineeringHarald Erb
 
Intro to Data Vault 2.0 on Snowflake
Intro to Data Vault 2.0 on SnowflakeIntro to Data Vault 2.0 on Snowflake
Intro to Data Vault 2.0 on SnowflakeKent Graziano
 
Data Mesh for Dinner
Data Mesh for DinnerData Mesh for Dinner
Data Mesh for DinnerKent Graziano
 
Snowflake Datawarehouse Architecturing
Snowflake Datawarehouse ArchitecturingSnowflake Datawarehouse Architecturing
Snowflake Datawarehouse ArchitecturingIshan Bhawantha Hewanayake
 
Data Sharing with Snowflake
Data Sharing with SnowflakeData Sharing with Snowflake
Data Sharing with SnowflakeSnowflake Computing
 
Snowflake Architecture.pptx
Snowflake Architecture.pptxSnowflake Architecture.pptx
Snowflake Architecture.pptxchennakesava44
 
Master the Multi-Clustered Data Warehouse - Snowflake
Master the Multi-Clustered Data Warehouse - SnowflakeMaster the Multi-Clustered Data Warehouse - Snowflake
Master the Multi-Clustered Data Warehouse - SnowflakeMatillion
 
Snowflake Data Science and AI/ML at Scale
Snowflake Data Science and AI/ML at ScaleSnowflake Data Science and AI/ML at Scale
Snowflake Data Science and AI/ML at ScaleAdam Doyle
 
The Marriage of the Data Lake and the Data Warehouse and Why You Need Both
The Marriage of the Data Lake and the Data Warehouse and Why You Need BothThe Marriage of the Data Lake and the Data Warehouse and Why You Need Both
The Marriage of the Data Lake and the Data Warehouse and Why You Need BothAdaryl "Bob" Wakefield, MBA
 
Elastic Data Warehousing
Elastic Data WarehousingElastic Data Warehousing
Elastic Data WarehousingSnowflake Computing
 
Actionable Insights with AI - Snowflake for Data Science
Actionable Insights with AI - Snowflake for Data ScienceActionable Insights with AI - Snowflake for Data Science
Actionable Insights with AI - Snowflake for Data ScienceHarald Erb
 
Data Lakehouse, Data Mesh, and Data Fabric (r1)
Data Lakehouse, Data Mesh, and Data Fabric (r1)Data Lakehouse, Data Mesh, and Data Fabric (r1)
Data Lakehouse, Data Mesh, and Data Fabric (r1)James Serra
 
Snowflake Overview
Snowflake OverviewSnowflake Overview
Snowflake OverviewSnowflake Computing
 
Introducing the Snowflake Computing Cloud Data Warehouse
Introducing the Snowflake Computing Cloud Data WarehouseIntroducing the Snowflake Computing Cloud Data Warehouse
Introducing the Snowflake Computing Cloud Data WarehouseSnowflake Computing
 
How a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at ScaleHow a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at ScaleDATAVERSITY
 
Data Mesh
Data MeshData Mesh
Data MeshPiethein Strengholt
 
Introduction to snowflake
Introduction to snowflakeIntroduction to snowflake
Introduction to snowflakeSunil Gurav
 
Demystifying Data Warehousing as a Service - DFW
Demystifying Data Warehousing as a Service - DFWDemystifying Data Warehousing as a Service - DFW
Demystifying Data Warehousing as a Service - DFWKent Graziano
 
Delivering Data Democratization in the Cloud with Snowflake
Delivering Data Democratization in the Cloud with SnowflakeDelivering Data Democratization in the Cloud with Snowflake
Delivering Data Democratization in the Cloud with SnowflakeKent Graziano
 
How to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityHow to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityDATAVERSITY
 
Data Warehousing Trends, Best Practices, and Future Outlook
Data Warehousing Trends, Best Practices, and Future OutlookData Warehousing Trends, Best Practices, and Future Outlook
Data Warehousing Trends, Best Practices, and Future OutlookJames Serra
 
Building the Data Lake with Azure Data Factory and Data Lake Analytics
Building the Data Lake with Azure Data Factory and Data Lake AnalyticsBuilding the Data Lake with Azure Data Factory and Data Lake Analytics
Building the Data Lake with Azure Data Factory and Data Lake AnalyticsKhalid Salama
 
Zero to Snowflake Presentation
Zero to Snowflake Presentation Zero to Snowflake Presentation
Zero to Snowflake Presentation Brett VanderPlaats
 
Time to Talk about Data Mesh
Time to Talk about Data MeshTime to Talk about Data Mesh
Time to Talk about Data MeshLibbySchulze
 
Enterprise Architecture vs. Data Architecture
Enterprise Architecture vs. Data ArchitectureEnterprise Architecture vs. Data Architecture
Enterprise Architecture vs. Data ArchitectureDATAVERSITY
 
Data Privacy Patterns in databricks for data engineering professional certifi...
Data Privacy Patterns in databricks for data engineering professional certifi...Data Privacy Patterns in databricks for data engineering professional certifi...
Data Privacy Patterns in databricks for data engineering professional certifi...TusharAgarwal49094
 
Organizational compliance and security SQL 2012-2019 by George Walters
Organizational compliance and security SQL 2012-2019 by George WaltersOrganizational compliance and security SQL 2012-2019 by George Walters
Organizational compliance and security SQL 2012-2019 by George WaltersGeorge Walters
 

More Related Content

What's hot

Snowflake Architecture.pptx
Snowflake Architecture.pptxSnowflake Architecture.pptx
Snowflake Architecture.pptxchennakesava44
 
Master the Multi-Clustered Data Warehouse - Snowflake
Master the Multi-Clustered Data Warehouse - SnowflakeMaster the Multi-Clustered Data Warehouse - Snowflake
Master the Multi-Clustered Data Warehouse - SnowflakeMatillion
 
Snowflake Data Science and AI/ML at Scale
Snowflake Data Science and AI/ML at ScaleSnowflake Data Science and AI/ML at Scale
Snowflake Data Science and AI/ML at ScaleAdam Doyle
 
The Marriage of the Data Lake and the Data Warehouse and Why You Need Both
The Marriage of the Data Lake and the Data Warehouse and Why You Need BothThe Marriage of the Data Lake and the Data Warehouse and Why You Need Both
The Marriage of the Data Lake and the Data Warehouse and Why You Need BothAdaryl "Bob" Wakefield, MBA
 
Actionable Insights with AI - Snowflake for Data Science
Actionable Insights with AI - Snowflake for Data ScienceActionable Insights with AI - Snowflake for Data Science
Actionable Insights with AI - Snowflake for Data ScienceHarald Erb
 
Data Lakehouse, Data Mesh, and Data Fabric (r1)
Data Lakehouse, Data Mesh, and Data Fabric (r1)Data Lakehouse, Data Mesh, and Data Fabric (r1)
Data Lakehouse, Data Mesh, and Data Fabric (r1)James Serra
 
Introducing the Snowflake Computing Cloud Data Warehouse
Introducing the Snowflake Computing Cloud Data WarehouseIntroducing the Snowflake Computing Cloud Data Warehouse
Introducing the Snowflake Computing Cloud Data WarehouseSnowflake Computing
 
How a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at ScaleHow a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at ScaleDATAVERSITY
 
Introduction to snowflake
Introduction to snowflakeIntroduction to snowflake
Introduction to snowflakeSunil Gurav
 
Demystifying Data Warehousing as a Service - DFW
Demystifying Data Warehousing as a Service - DFWDemystifying Data Warehousing as a Service - DFW
Demystifying Data Warehousing as a Service - DFWKent Graziano
 
Delivering Data Democratization in the Cloud with Snowflake
Delivering Data Democratization in the Cloud with SnowflakeDelivering Data Democratization in the Cloud with Snowflake
Delivering Data Democratization in the Cloud with SnowflakeKent Graziano
 
How to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityHow to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityDATAVERSITY
 
Data Warehousing Trends, Best Practices, and Future Outlook
Data Warehousing Trends, Best Practices, and Future OutlookData Warehousing Trends, Best Practices, and Future Outlook
Data Warehousing Trends, Best Practices, and Future OutlookJames Serra
 
Building the Data Lake with Azure Data Factory and Data Lake Analytics
Building the Data Lake with Azure Data Factory and Data Lake AnalyticsBuilding the Data Lake with Azure Data Factory and Data Lake Analytics
Building the Data Lake with Azure Data Factory and Data Lake AnalyticsKhalid Salama
 
Zero to Snowflake Presentation
Zero to Snowflake Presentation Zero to Snowflake Presentation
Zero to Snowflake Presentation Brett VanderPlaats
 
Time to Talk about Data Mesh
Time to Talk about Data MeshTime to Talk about Data Mesh
Time to Talk about Data MeshLibbySchulze
 
Enterprise Architecture vs. Data Architecture
Enterprise Architecture vs. Data ArchitectureEnterprise Architecture vs. Data Architecture
Enterprise Architecture vs. Data ArchitectureDATAVERSITY
 

What's hot (20)

Snowflake Architecture.pptx
Snowflake Architecture.pptxSnowflake Architecture.pptx
Snowflake Architecture.pptx
 
Master the Multi-Clustered Data Warehouse - Snowflake
Master the Multi-Clustered Data Warehouse - SnowflakeMaster the Multi-Clustered Data Warehouse - Snowflake
Master the Multi-Clustered Data Warehouse - Snowflake
 
Snowflake Data Science and AI/ML at Scale
Snowflake Data Science and AI/ML at ScaleSnowflake Data Science and AI/ML at Scale
Snowflake Data Science and AI/ML at Scale
 
The Marriage of the Data Lake and the Data Warehouse and Why You Need Both
The Marriage of the Data Lake and the Data Warehouse and Why You Need BothThe Marriage of the Data Lake and the Data Warehouse and Why You Need Both
The Marriage of the Data Lake and the Data Warehouse and Why You Need Both
 
Elastic Data Warehousing
Elastic Data WarehousingElastic Data Warehousing
Elastic Data Warehousing
 
Actionable Insights with AI - Snowflake for Data Science
Actionable Insights with AI - Snowflake for Data ScienceActionable Insights with AI - Snowflake for Data Science
Actionable Insights with AI - Snowflake for Data Science
 
Data Lakehouse, Data Mesh, and Data Fabric (r1)
Data Lakehouse, Data Mesh, and Data Fabric (r1)Data Lakehouse, Data Mesh, and Data Fabric (r1)
Data Lakehouse, Data Mesh, and Data Fabric (r1)
 
Snowflake Overview
Snowflake OverviewSnowflake Overview
Snowflake Overview
 
Introducing the Snowflake Computing Cloud Data Warehouse
Introducing the Snowflake Computing Cloud Data WarehouseIntroducing the Snowflake Computing Cloud Data Warehouse
Introducing the Snowflake Computing Cloud Data Warehouse
 
How a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at ScaleHow a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at Scale
 
Data Mesh
Data MeshData Mesh
Data Mesh
 
Introduction to snowflake
Introduction to snowflakeIntroduction to snowflake
Introduction to snowflake
 
Demystifying Data Warehousing as a Service - DFW
Demystifying Data Warehousing as a Service - DFWDemystifying Data Warehousing as a Service - DFW
Demystifying Data Warehousing as a Service - DFW
 
Delivering Data Democratization in the Cloud with Snowflake
Delivering Data Democratization in the Cloud with SnowflakeDelivering Data Democratization in the Cloud with Snowflake
Delivering Data Democratization in the Cloud with Snowflake
 
How to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityHow to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data Quality
 
Data Warehousing Trends, Best Practices, and Future Outlook
Data Warehousing Trends, Best Practices, and Future OutlookData Warehousing Trends, Best Practices, and Future Outlook
Data Warehousing Trends, Best Practices, and Future Outlook
 
Building the Data Lake with Azure Data Factory and Data Lake Analytics
Building the Data Lake with Azure Data Factory and Data Lake AnalyticsBuilding the Data Lake with Azure Data Factory and Data Lake Analytics
Building the Data Lake with Azure Data Factory and Data Lake Analytics
 
Zero to Snowflake Presentation
Zero to Snowflake Presentation Zero to Snowflake Presentation
Zero to Snowflake Presentation
 
Time to Talk about Data Mesh
Time to Talk about Data MeshTime to Talk about Data Mesh
Time to Talk about Data Mesh
 
Enterprise Architecture vs. Data Architecture
Enterprise Architecture vs. Data ArchitectureEnterprise Architecture vs. Data Architecture
Enterprise Architecture vs. Data Architecture
 

Similar to Snowflake Data Governance

Data Privacy Patterns in databricks for data engineering professional certifi...
Data Privacy Patterns in databricks for data engineering professional certifi...Data Privacy Patterns in databricks for data engineering professional certifi...
Data Privacy Patterns in databricks for data engineering professional certifi...TusharAgarwal49094
 
Organizational compliance and security SQL 2012-2019 by George Walters
Organizational compliance and security SQL 2012-2019 by George WaltersOrganizational compliance and security SQL 2012-2019 by George Walters
Organizational compliance and security SQL 2012-2019 by George WaltersGeorge Walters
 
GDPR Webinar January 2018
GDPR Webinar January 2018GDPR Webinar January 2018
GDPR Webinar January 2018EDB
 
5 Ways to Make Your Postgres GDPR-Ready
5 Ways to Make Your Postgres GDPR-Ready5 Ways to Make Your Postgres GDPR-Ready
5 Ways to Make Your Postgres GDPR-ReadyEDB
 
Isaca how innovation can bridge the gap between privacy and regulations
Isaca how innovation can bridge the gap between privacy and regulationsIsaca how innovation can bridge the gap between privacy and regulations
Isaca how innovation can bridge the gap between privacy and regulationsUlf Mattsson
 
Data-Ed Webinar: Data Modeling Fundamentals
Data-Ed Webinar: Data Modeling FundamentalsData-Ed Webinar: Data Modeling Fundamentals
Data-Ed Webinar: Data Modeling FundamentalsDATAVERSITY
 
How to Get More from Google Data Studio with SEMrush
How to Get More from Google Data Studio with SEMrushHow to Get More from Google Data Studio with SEMrush
How to Get More from Google Data Studio with SEMrushSearch Engine Journal
 
Security Quick Tour
Security Quick TourSecurity Quick Tour
Security Quick TourActive Base
 
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10Ulf Mattsson
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingDLT Solutions
 
Keeping Private Data Private
Keeping Private Data PrivateKeeping Private Data Private
Keeping Private Data PrivateDobler Consulting
 
Ethyca CodeDriven - Data Privacy Compliance for Engineers & Data Teams
Ethyca CodeDriven - Data Privacy Compliance for Engineers & Data TeamsEthyca CodeDriven - Data Privacy Compliance for Engineers & Data Teams
Ethyca CodeDriven - Data Privacy Compliance for Engineers & Data TeamsCillian Kieran
 
How to Maximize Data Governance in Snowflake Test Environment
How to Maximize Data Governance in Snowflake Test EnvironmentHow to Maximize Data Governance in Snowflake Test Environment
How to Maximize Data Governance in Snowflake Test EnvironmentJade Global
 
Delivering fast, powerful and scalable analytics #OPEN18
Delivering fast, powerful and scalable analytics #OPEN18Delivering fast, powerful and scalable analytics #OPEN18
Delivering fast, powerful and scalable analytics #OPEN18Kangaroot
 
Graph Database 101- What, Why and How?.pdf
Graph Database 101- What, Why and How?.pdfGraph Database 101- What, Why and How?.pdf
Graph Database 101- What, Why and How?.pdfNeo4j
 
Essential Reference and Master Data Management
Essential Reference and Master Data ManagementEssential Reference and Master Data Management
Essential Reference and Master Data ManagementDATAVERSITY
 
Mike lawell executionplansformeremortals_2015
Mike lawell executionplansformeremortals_2015Mike lawell executionplansformeremortals_2015
Mike lawell executionplansformeremortals_2015mlawell
 
Beware of the Risk Behind Big Data
Beware of the Risk Behind Big DataBeware of the Risk Behind Big Data
Beware of the Risk Behind Big DataEMC
 

Similar to Snowflake Data Governance (20)

Data Privacy Patterns in databricks for data engineering professional certifi...
Data Privacy Patterns in databricks for data engineering professional certifi...Data Privacy Patterns in databricks for data engineering professional certifi...
Data Privacy Patterns in databricks for data engineering professional certifi...
 
Organizational compliance and security SQL 2012-2019 by George Walters
Organizational compliance and security SQL 2012-2019 by George WaltersOrganizational compliance and security SQL 2012-2019 by George Walters
Organizational compliance and security SQL 2012-2019 by George Walters
 
GDPR Webinar January 2018
GDPR Webinar January 2018GDPR Webinar January 2018
GDPR Webinar January 2018
 
5 Ways to Make Your Postgres GDPR-Ready
5 Ways to Make Your Postgres GDPR-Ready5 Ways to Make Your Postgres GDPR-Ready
5 Ways to Make Your Postgres GDPR-Ready
 
Isaca how innovation can bridge the gap between privacy and regulations
Isaca how innovation can bridge the gap between privacy and regulationsIsaca how innovation can bridge the gap between privacy and regulations
Isaca how innovation can bridge the gap between privacy and regulations
 
Data-Ed Webinar: Data Modeling Fundamentals
Data-Ed Webinar: Data Modeling FundamentalsData-Ed Webinar: Data Modeling Fundamentals
Data-Ed Webinar: Data Modeling Fundamentals
 
How to Get More from Google Data Studio with SEMrush
How to Get More from Google Data Studio with SEMrushHow to Get More from Google Data Studio with SEMrush
How to Get More from Google Data Studio with SEMrush
 
Security Quick Tour
Security Quick TourSecurity Quick Tour
Security Quick Tour
 
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
Bridging the gap between privacy and big data Ulf Mattsson - Protegrity Sep 10
 
Database modeling and security
Database modeling and securityDatabase modeling and security
Database modeling and security
 
Oracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and MaskingOracle Key Vault Data Subsetting and Masking
Oracle Key Vault Data Subsetting and Masking
 
Keeping Private Data Private
Keeping Private Data PrivateKeeping Private Data Private
Keeping Private Data Private
 
Ethyca CodeDriven - Data Privacy Compliance for Engineers & Data Teams
Ethyca CodeDriven - Data Privacy Compliance for Engineers & Data TeamsEthyca CodeDriven - Data Privacy Compliance for Engineers & Data Teams
Ethyca CodeDriven - Data Privacy Compliance for Engineers & Data Teams
 
How to Maximize Data Governance in Snowflake Test Environment
How to Maximize Data Governance in Snowflake Test EnvironmentHow to Maximize Data Governance in Snowflake Test Environment
How to Maximize Data Governance in Snowflake Test Environment
 
Delivering fast, powerful and scalable analytics #OPEN18
Delivering fast, powerful and scalable analytics #OPEN18Delivering fast, powerful and scalable analytics #OPEN18
Delivering fast, powerful and scalable analytics #OPEN18
 
Graph Database 101- What, Why and How?.pdf
Graph Database 101- What, Why and How?.pdfGraph Database 101- What, Why and How?.pdf
Graph Database 101- What, Why and How?.pdf
 
Essential Reference and Master Data Management
Essential Reference and Master Data ManagementEssential Reference and Master Data Management
Essential Reference and Master Data Management
 
SEAGATE
SEAGATESEAGATE
SEAGATE
 
Mike lawell executionplansformeremortals_2015
Mike lawell executionplansformeremortals_2015Mike lawell executionplansformeremortals_2015
Mike lawell executionplansformeremortals_2015
 
Beware of the Risk Behind Big Data
Beware of the Risk Behind Big DataBeware of the Risk Behind Big Data
Beware of the Risk Behind Big Data
 

Recently uploaded

20240419 - Measurecamp Amsterdam - SAM.pdf
20240419 - Measurecamp Amsterdam - SAM.pdf20240419 - Measurecamp Amsterdam - SAM.pdf
20240419 - Measurecamp Amsterdam - SAM.pdfHuman37
 
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...dajasot375
 
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...Pooja Nehwal
 
04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationshipsccctableauusergroup
 
Schema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfSchema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfLars Albertsson
 
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130Suhani Kapoor
 
PKS-TGC-1084-630 - Stage 1 Proposal.pptx
PKS-TGC-1084-630 - Stage 1 Proposal.pptxPKS-TGC-1084-630 - Stage 1 Proposal.pptx
PKS-TGC-1084-630 - Stage 1 Proposal.pptxPramod Kumar Srivastava
 
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样vhwb25kk
 
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptxAmazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptxAbdelrhman abooda
 
Call Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts ServiceCall Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts ServiceSapana Sha
 
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024thyngster
 
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls DubaiDubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls Dubaihf8803863
 
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...Florian Roscheck
 
RadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfRadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfgstagge
 
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...Suhani Kapoor
 
GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]📊 Markus Baersch
 
Brighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data StorytellingBrighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data StorytellingNeil Barnes
 

Recently uploaded (20)

20240419 - Measurecamp Amsterdam - SAM.pdf
20240419 - Measurecamp Amsterdam - SAM.pdf20240419 - Measurecamp Amsterdam - SAM.pdf
20240419 - Measurecamp Amsterdam - SAM.pdf
 
Deep Generative Learning for All - The Gen AI Hype (Spring 2024)
Deep Generative Learning for All - The Gen AI Hype (Spring 2024)Deep Generative Learning for All - The Gen AI Hype (Spring 2024)
Deep Generative Learning for All - The Gen AI Hype (Spring 2024)
 
Call Girls in Saket 99530🔝 56974 Escort Service
Call Girls in Saket 99530🔝 56974 Escort ServiceCall Girls in Saket 99530🔝 56974 Escort Service
Call Girls in Saket 99530🔝 56974 Escort Service
 
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...
Indian Call Girls in Abu Dhabi O5286O24O8 Call Girls in Abu Dhabi By Independ...
 
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...
{Pooja: 9892124323 } Call Girl in Mumbai | Jas Kaur Rate 4500 Free Hotel Del...
 
04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships04242024_CCC TUG_Joins and Relationships
04242024_CCC TUG_Joins and Relationships
 
Schema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdfSchema on read is obsolete. Welcome metaprogramming..pdf
Schema on read is obsolete. Welcome metaprogramming..pdf
 
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130
VIP Call Girls Service Miyapur Hyderabad Call +91-8250192130
 
PKS-TGC-1084-630 - Stage 1 Proposal.pptx
PKS-TGC-1084-630 - Stage 1 Proposal.pptxPKS-TGC-1084-630 - Stage 1 Proposal.pptx
PKS-TGC-1084-630 - Stage 1 Proposal.pptx
 
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
1:1定制(UQ毕业证)昆士兰大学毕业证成绩单修改留信学历认证原版一模一样
 
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptxAmazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
Amazon TQM (2) Amazon TQM (2)Amazon TQM (2).pptx
 
Call Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts ServiceCall Girls In Dwarka 9654467111 Escorts Service
Call Girls In Dwarka 9654467111 Escorts Service
 
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
Consent & Privacy Signals on Google *Pixels* - MeasureCamp Amsterdam 2024
 
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls DubaiDubai Call Girls Wifey O52&786472 Call Girls Dubai
Dubai Call Girls Wifey O52&786472 Call Girls Dubai
 
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service
(PARI) Call Girls Wanowrie ( 7001035870 ) HI-Fi Pune Escorts Service
 
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...From idea to production in a day – Leveraging Azure ML and Streamlit to build...
From idea to production in a day – Leveraging Azure ML and Streamlit to build...
 
RadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdfRadioAdProWritingCinderellabyButleri.pdf
RadioAdProWritingCinderellabyButleri.pdf
 
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...
VIP High Profile Call Girls Amravati Aarushi 8250192130 Independent Escort Se...
 
GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]GA4 Without Cookies [Measure Camp AMS]
GA4 Without Cookies [Measure Camp AMS]
 
Brighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data StorytellingBrighton SEO | April 2024 | Data Storytelling
Brighton SEO | April 2024 | Data Storytelling
 

Snowflake Data Governance

  • 1. © 2021 Snowflake Inc. All Rights Reserved SNOWFLAKE GOVERNANCE Natalie Nick - Novartis US Sales Engineer Tino Bourboulas - Novartis EMEA Sales Engineer
  • 2. © 2021 Snowflake Inc. All Rights Reserved DATA GOVERNANCE CHALLENGES 2 Data Is Everywhere Must be able to eliminate silos inside and outside your organization Managing Data Is Unnecessarily Complex Knowing what your data is — and how it is being used — is hard Security and Governance Are Inherently Rigid Requires managing risk and changing regulations, while getting the most from your data
  • 3. © 2020 Snowflake Inc. All Rights Reserved SNOWFLAKE PLATFORM 3 DATA SOURCES OLTP DATABASES ENTERPRISE APPLICATIONS THIRD-PARTY WEB/LOG DATA IoT DATA CONSUMERS DATA MONETIZATION OPERATIONAL REPORTING AD HOC ANALYSIS REAL-TIME ANALYTICS
  • 4. © 2021 Snowflake Inc. All Rights Reserved SNOWFLAKE GOVERNANCE 4 Know Your Data Protect Your Data Understand, classify, and track data and its usage Secure sensitive data with policy-based access controls Securely collaborate and share data across teams Unlock Your Data
  • 5. © 2021 Snowflake Inc. All Rights Reserved NEW / UPDATED GOVERNANCE CAPABILITIES Access History Object Tagging Classification Know Your Data – what it is, where it is Protect Your Data Know Your Data – who accessed it Conditional Masking Row Access Policies Anonymization 5 5
  • 6. © 2021 Snowflake Inc. All Rights Reserved KNOW YOUR DATA Automatic Data Classification Why is it important? ● Risk management, compliance, and data security ● Personal data is easier to discover, protect, track and audit ● Prepares data for anonymization What is it? ● Process of analyzing data and tagging it according to its semantic and privacy categories Who does it impact? ● Data owner, Data engineer ● Security Admin, Compliance or Privacy Officer, CDO How does it work? ● System defined function invoked on a table returns the semantic and privacy categories of each column ● Data owner reviews the results, revises if necessary and then applies the tags ● Admin finds columns, applies policies and tracks usage Data owner runs Classification on specific table(s) Alex (Data Owner) name gender age zip_code phone John Smith male 39 79007 123-555-1234 Jane Doe female 50 77001 333-555-1236 Mary Taylor female 46 77020 222-333-1111 Ann Marshall female 48 77042 555-555-1234 Michael Gaines male 75 79003 666-666-1357 Admin finds columns with personal data based on classification Morgan ( Admin) PUBLIC GA PRIVATE DEV 6
  • 7. © 2021 Snowflake Inc. All Rights Reserved PROTECT YOUR DATA Anonymization 7 Data Owner creates anonymized view Alex (Data Owner) Customer Table name gender age zip_code phone John Smith male 39 79007 123-555-1234 Jane Doe female 50 77001 333-555-1236 Mary Taylor female 46 77020 222-333-1111 Michael Gaines male 37 79003 666-666-1357 Taylor (Data Analyst) name gender age zip_code phone **** male [36-40] 790** ***-***-**** **** female [46-50] 770** ***-***-**** **** female [46-50] 770** ***-***-**** **** male [36-40] 790** ***-***-**** Anonymized View Data Analyst queries anonymized view Admin defines policies Morgan (Admin) PUBLIC GA PRIVATE DEV Why is it important? ● Risk management and compliance ● Retains analytical value ● Unique vs competitors (native anonymity) What is it? ● An irreversible process of de-identifying data according to k- Anonymity (industry standard) Who does it impact? ● Data Owner, Data Engineer ● Security Admin, Compliance or Privacy Officer, CDO ● Data Analyst, Data Scientist How does it work? ● Create an anonymized view that has the k-Anonymity property ● Remove directly identifying information ● Generalize or suppress indirectly or quasi identifying information into groups of at least size k
  • 8. © 2021 Snowflake Inc. All Rights Reserved Data owner assigns with tag value OBJECT TAGGING ID SSN Phone 101 ********* 248-222-3333 102 ********* 800-778-9904 103 ********* 415-887-8888 Admin creates custom tags Alex (Data Owner) Admin audits tagged objects Morgan (Admin) Morgan (Admin) Confidentiality Track Sensitive Data and Compute Objects PII_Type Department Confidentiality Sensitive PII_Type Phone Department Sales PUBLIC GA PRIVATE 8 8 DEV Why is it important? ● Track sensitive information to satisfy regulatory compliance (GDPR/CCPA, SOX) audit and protection. ● Track resource usage for cost attribution by cost center, department, client etc. What is it? ● Easy-to-manage, scalable way to associate metadata with objects. ● Customers can custom create a tag (new Snowflake object) and assign to any supported object such as column, table, or warehouse in their account. Who does it impact? ● Data owner, Data engineer, Data Stewards ● Security Admin, Compliance or Privacy Officer, CDO How does it work? ● Track sensitive data and resources across an account in three simple steps: Create Tags, Assign to Objects, Audit. ● Privileges for centralized and decentralized tag assignment.
  • 9. © 2021 Snowflake Inc. All Rights Reserved OBJECT TAGGING Key Capabilities Currently Available: ● Create tags ● Assign tags to objects (warehouse, role, user, database, schema, table, view, column) ● Display tags and relationships with objects using account usage views and functions (e.g. “display all columns associated with tag_x”, “display all tags associated with table_y”) ● Display tag lineage: a. If a tag is assigned to a database, all objects within that database will adopt the tag. b. Users can use a function (e.g. “get_tag_by_lineage”) to display all of the tags for an object that were assigned via lineage ● Today, customers leverage Stored Procedures to scan tags and apply policies based on the tag value Future Roadmap: ● Associate a policy with a tag: Users will be able to associate a policy with a tag, which will automatically enforce policies for other objects based on shared tags. For example - if tag “pii” is associated with policy “pii_string”, and the tag is applied to a table “customer_data”, then the table will automatically inherit the “pii_string” policy (which will dynamically mask the string columns). ● Use tags in conditional logic of policy: Instead of just using the user’s current role, look for the tag on the role (using function “get current tag on role”) - and if tag is approved for data, will grant/deny access.
  • 10. © 2021 Snowflake Inc. All Rights Reserved DEMO OBJECT TAGGING
  • 11. © 2021 Snowflake Inc. All Rights Reserved ROW ACCESS POLICIES Dynamically Filter Unauthorized Rows (Policy Admin) Role Allowed Region EU_RL Europe NA_RL North America Policy Look up Customer Spend Region ACME $820,000 North America Koko $2,100,00 North America AGM $5,757,00 Europe Kira $228,000 Asia Table: Sales Table: Entitlement Customer Spend Region AGM $5,757,000 Europe Customer Spend Region ACME $820,000 North America Koko $2,100,00 North America Jordan (Role: EU_RL) Alex (Role: NA_RL) Apply PUBLIC GA PRIVATE 11 11 DEV Why is it important? ● Saves cost and time by reducing management overhead associated with alternatives. ● Improves security posture by centralizing access policy. ● Unlocks data by eliminating data silos while complying with compliance requirements. What is it? ● Easy-to-manage row-level security that dynamically filters rows in a table based on querying user’s authorization. Who does it impact? ● Data Engineers, Security Admin, Compliance or Privacy Officer, CDO How does it work? ● Enforce row level security with four easy steps: Create a policy, Assign to Tables/Views, Enforce row filtering, Audit assignments. ● Privileges for centralized and decentralized policy assignment.
  • 12. © 2020 Snowflake Inc. All Rights Reserved COLUMN LEVEL SECURITY 12 Dynamic Data Masking External Tokenization AND Alex (Unauthorized) Morgan (Authorized) ID Phone SSN 101 ***-***-5534 ********* 102 ***-***-3564 ********* 103 ***-***-9787 ********* ID Phone SSN 101 408-123-5534 ********* 102 510-335-3564 ********* 103 214-553-9787 ********* Masking Policies INGEST RAW DATA Alex (Unauthorized) Morgan (Authorized) ID Phone SSN 101 882-345-8344 213-44-5563 102 980-234-8934 369-77-0088 103 512-345-6443 802-44-9984 ID Phone SSN 101 408-123-5534 369-22-7781 102 510-335-3564 787-12-3345 103 214-553-9787 312-88-3421 Masking Policies INGEST TOKENIZED DATA External Functions API Gateway De- Tokenization API Customer VPC / VNet PUBLIC GA PRIVATE
  • 13. © 2020 Snowflake Computing Inc. All Rights Reserved Ingestion And Consumption Policies ID Phone SSN 101 408-123-5534 387-78-3456 102 510-334-3564 226-44-8908 103 214-553-9787 359-9987-0098 ID Phone SSN 101 ***-**-5534 ******** 102 ***-**-3564 ******** 103 ***-**-9787 ******** Alice (unauthorized) Bob (authorized) Ingest raw data Dynamically mask protected (PII, PHI) column data at query time • No change to the stored data • Mask or partial mask using constant value, hash, and custom functions • Unmask for authorized users only Policy based control • Table/View owners and privileged users (such as accountadmin) unauthorized by default • Centralized policy mgt Ease of Management • Apply single policy to multiple columns • Prevent secure view explosion
  • 14. © 2020 Snowflake Computing Inc. All Rights Reserved Dynamic Data Masking Policies DB 1 Table 1 Column 1 DB 1 View 1 Column 1 DB n Table n Column n <policy condition> <masking function> Masking Policy Resource(s) Policy Admin Apply CASE WHEN invoker_role() IN (‘pii_role’) THEN val WHEN invoker_role() IN (‘support’) THEN regexp_replace(val,'.+@','*****@') ELSE ‘********’ END; Masking Policy Example Unmask Partial mask Mask Masking Policy • Policy contains condition(s) and masking function to apply under those conditions • Policy is applied to one or more table, view, or external table columns in an account • Nested policy execution for views - policy on table executed before policy on view(s) Supports • All data types • Data sharing • Streams • Clone carries over policy associations
  • 15. © 2019 Snowflake Computing Inc. All Rights Reserved CREATE MASKING POLICY <name> AS (val <data_type>) returns <data_type> -> (SQL expression on val); Example: CREATE MASKING POLICY email_mask AS (val string) returns string -> CASE WHEN current_role() IN ('ANALYST') THEN val ELSE '***MASKED***' END; Create Masking Policy
  • 16. © 2021 Snowflake Inc. All Rights Reserved ALTER {TABLE | VIEW} <name> MODIFY COLUMN <col_name> [UN]SET MASKING POLICY <name>; Example: ALTER TABLE customer MODIFY COLUMN email SET MASKING POLICY email_mask; ALTER VIEW customer_v MODIFY COLUMN email SET MASKING POLICY email_mask; Note: policies can also be applied to external tables. Apply Masking Policy To Column(s)
  • 17. © 2021 Snowflake Inc. All Rights Reserved DEMO COLUMN AND ROW-LEVEL POLICIES
  • 18. © 2021 Snowflake Inc. All Rights Reserved Select * from Info; ID Phone Unique_ID 101 248-222-3333 333-78-9999 102 800-778-9904 779-66-8908 103 415-887-8888 111-00-8888 View: INFO (Directly Accessed) Table: SENSITIVE ID SSN 101 333-78-9999 102 779-66-8908 103 111-00-8888 Table: CONTACT ID Mobile 101 248-222-3333 102 800-778-9904 103 415-887-8888 Log Access History User Tables Columns Taylor Info, Sensitive, Contact ID, Phone, Unique_ID, SSN, Mobile Morgan Sensitive ID, SSN Select * from Sensitive; PUBLIC GA PRIVATE Taylor (Privileged User) Morgan (Admin) ACCESS HISTORY Satisfy Regulatory Compliance, Understand Usage with Column-level Access Visibility 18 18 DEV Why is it important? ● Satisfy Compliance Audits for SOX, PII, and other sensitive data access with audit reports. ● Optimize storage with visibility of unused tables and columns. ● Lowers cost by eliminating need to parse query statements. ● Unique column-level viz vs. Cloud competitors What is it? ● A new Account_Usage view with records of tables and columns directly and indirectly accessed by each query. Who does it impact? ● Data owner, Data engineer, Data Stewards ● Security Admin, Compliance or Privacy Officer, CDO
  • 19. © 2021 Snowflake Inc. All Rights Reserved PUBLIC GA PRIVATE CONDITIONAL MASKING POLICIES Conditional Unmasking Jordan (Role: Sales) Alex (Role: Finance) name dept zip_code phone John Smith Sales 79007 123-555-1234 Jane Doe Sales 77001 333-555-1236 Mary Taylor Finance 77020 ***-***-1111 Ann Marshall Finance 77042 ***-***-1234 Michael Gaines Finance 79003 ***-***-1357 name dept zip_code phone John Smith Sales 79007 ***-***-1234 Jane Doe Sales 77001 ***-***-1236 Mary Taylor Finance 77020 222-333-1111 Ann Marshall Finance 77042 555-555-1234 Michael Gaines Finance 79003 666-666-1357 INGEST RAW DATA 19 19 DEV Conditionally Mask Based on Value in Other Column(s) Why is it important? ● Unique to Snowflake vs other Cloud DWs ● Demonstrates Snowflake investments to address fine- grained data access control needs ● Provides fine-grained access controls without creating silos or increasing management overhead What is it? ● Mask protected field-level data based on value in another column(s) Who does it impact? ● Data owner, Data engineer, Data Stewards ● Security Admin, Compliance or Privacy Officer, CDO How does it work? ● Enhances MASKING POLICY to take condition column(s) as input for masking decision.
  • 20. © 2021 Snowflake Inc. All Rights Reserved