Spatiq Global Security™
Data Access Management

Products

  

Use Cases

This section describes use cases for the Spatiq Data Access Manager product. Each use case analyzes the benefits of using the Data Access Manager, the ROI and the competition. The use cases in the document are based on our experience with existing customers as well as the out take from numerous meetings with potential customers.

Use Case 1: Large BI implementation

The Case

A company or a department within a large corporation is undergoing a BI implementation. The goal is to expose and analyze information that was previously "buried" in transactional systems. Prior to the BI implementation access to the data was facilitated by reporting solutions that were embedded in the individual transactional system. The implementation of the BI dictates that the distribution of data, that was highly manual and centrally controlled, becomes more and more automatic and distributed. At this day and age every piece of information in the organization whether it is the corporate intellectual property or customer information is highly sensitive and mandate a very careful and accurate distribution.

The Challenge

  1. Defining the rules around row level security, who in the organization has access to which business entities.
  2. Creating a valid definition of the data level permission of the people in the organization.
  3. Providing and up to date and accurate audit picture of the current data access map.
  4. Enabling a quick turn around for changes in rule definition as well for provisioning of new users and roles.
  5. Securing the data in a way that has minimal impact on the development time and costs of the BI solution.


Spatiq's Solution

Using Spatiq's Data Manager includes the following components

  1. All the BI applications are defined in the Data Access Manager
  2. The Data Access Manager defines the meta data for the data structures that are used to segregate and secure the data.
  3. The Data Access Manager is setup to handle the access right approval process.
  4. At the end of the Data Access entitlement process the Data Access Manager has a map that defines what data each user is granted access to.
  5. The Data Access Manager that translates the Data Access Definition to a code that is than communicated with the BI solution API. The security definitions are embedded automatically into the BI solution for enforcement.
  6. The Data Access Manager provides Audit mechanisms to provide full transparency of the entitlement process and the end result. The Audit is bi directional, the Auditor can see what elements each individual can access and vice versa, who are the individual that can access each element.


Alternatives

The alternatives that are common in BI implementations.

  1. Allow access to the BI only to people with global access, relying on this group to distribute the data in the organization.
  2. Push the data to the users based on access tables.
  3. Dividing the user population to a number of groups and coding the data access rights into the BI implementation.

ROI

The ROI can be derived from multiple elements of the implementation.

  1. Free resources that previously were assigned to data distribution tasks.
  2. Reduce the effort associated with auditing.
  3. Reduce the turn around time and effort associated with the introduction of new rules or new business units.

Customer identification

  • Data warehousing customers
  • Banks and investment firms
  • Retail banking and investment firms

Use Case 2: Heterogeneous IT environments

The Case

A company that utilizes multiple transactional systems to conduct their business. The company can be using multiple systems to handle multiple products or to handle multiple facets of the business. Each of the underlying systems may be using a different underlying technology and is managed using different means.
The Data Access Aspects of the various applications and technologies have to be managed centrally and proper audit is required.


Spatiq's Solution

Using Spatiq's Data Manager includes the following components

  1. All the BI applications are defined in the Data Access Manager
  2. The Data Access Manager defines the meta data for the data structures that are used to segregate and secure the data.
  3. The Data Access Manager is setup to handle the access right approval process.
  4. At the end of the Data Access entitlement process the Data Access Manager has a map that defines what data each user is granted access to.
  5. The Data Access Manager that translates the Data Access Definition to a code that is than communicated with the BI solution API. The security definitions are embedded automatically into the BI solution for enforcement.
  6. The Data Access Manager provides Audit mechanisms to provide full transparency of the entitlement process and the end result. The Audit is bi directional, the Auditor can see what elements each individual can access and vice versa, who are the individual that can access each element.


Alternatives

  1. Using a directory solution to associate user with groups and roles. Using the built in data security elements in the application to define the actual entitlements for each group and role.
  2. Implementing an RBAC solution that can associate users with application roles. The data access rights for each application roles is coded into each of the individual applications.

ROI

The ROI can be derived from multiple elements of the implementation.

  1. Free resources that previously were assigned to managing the data access rules into the target application
  2. Allows auditing of data access rules.
  3. Reduce the turn around time and effort associated with the introduction of new rules or new business units.

Customer identification

Customers with a wide gamut of applications handling singular population. This is very typical to investment firms, customer service organizations, HR companies.

 

Use Case 3: Highly regulated companies

The Case

The company manages client data using a number of applications. The company has to comply with rules and regulations dictated by a regulator. Frequent audits are imposed on the company. Data access management is a highly critical element for the company's success. The company has a big turnaround of employees.

Spatiq's Solution

Using Spatiq's Data Manager combines the following components:

  1. All the various applications are defined in the Data Access Manager
  2. The Data Access Manager defines the meta data for the data structures that are used to segregate and secure the data. The data access definitions are kept in an technology neutral fashion.
  3. The Data Access Manager is setup to handle the access right approval process.
  4. At the end of the Data Access entitlement process, the Data Access Manager generates a map that defines to what data each user is granted access.
  5. Interfaces are setup for each of the individual target application to translate the data access definitions to a language or API that is utilized by the target application.
  6. Databases that are used by the transactional systems can be secured, ensuring that users who access the database through the target application will gain access to their permissible data set.


Alternatives

  1. Managing data access withing each of the corporate applications.
  2. Performing frequent data audits in each target application
  3. Support teams support the provisioning of new users and new business rules

ROI

The ROI can be derived from multiple elements of the implementation.

  1. Free resources that previously were assigned to managing the data access rules into the target application
  2. Allows auditing of data access rules.
  3. Reduce the turn around time and effort associated with the introduction of new rules or new business units.
  4. Decrease the data breach risk in the company,improve the company public image.

Customer identification

Highly regulated markets, such as financial firms, healthcare, medical trials.

 
Data Access Management
Technology
Use Cases
 

Offices

Copyright © 2010 SPATIQ, Inc. All right reserved.