BlueTalon enables businesses to unlock the value of data analytics while ensuring regulatory compliance and minimizing the risk of a data breach.
Businesses rely on BlueTalon to eliminate security blind spots, gain visibility and control access at the data layer.
UNPARALLELED FINE-GRAINED, ACCESS CONTROL
- File, folder, table, column, row, cell, sub-field, masking
- Context aware: leverage user role, location, and business parameters like license restrictions etc.
- Dynamic controls: applied in realtime to all requests
- Business-oriented: does not require database knowledge intuitive GUI
- Transparent to applications
- No application rewrite
- No changes to physical or logical data models at the data layer
- Highly performant: no impact on user experience or response time SLAs
Policies defined in BlueTalon can utilize user, data, session, and business parameters. The parameters are retrieved dynamically at runtime from Directory Services and any other data sources configured to be used for policy attributes.
BlueTalon Enforcement Points transparently intercept data requests from end users and applications and pass the requests to the Policy Engine for access decision.
The Policy Engine provides allow, deny, filter, and mask decisions back to the Enforcement Points based on the policies defined. In parallel, data access and policy administrative events are captured in real-time by the BlueTalon Audit Engine.
The BlueTalon Audit Console provides a central point to visualize and audit who is using what data. End users consume data using the application of their choice; their experience is unchanged without altering their user experience. BlueTalon ensures that they only get policy compliant data.
Environments and platforms supported
- Authentication: Windows AD, OpenLDAP, Kerberos
- Relational-based databases: Oracle, Greenplum, Teradata* and PostgreSQL
- Hadoop: Cloudera, Hortonworks
- Hadoop SQL: Hive, Impala, Spark, HAWQ
- Public clouds: Microsoft Azure HDInsight, Amazon EMR, AWS RDS Oracle, AWS RDS PostgreSQL, AWS Redshift
- NoSQL Databases: Cassandra
- New platforms are continually added to the above list.
* Attribute Domain support only
Positive Business Outcomes
BETTER SECURITY: BlueTalon's finer grain data access control enables policy based on any combination of user role or data attribute to deliver row/column level filtering and dynamic masking.
FASTER TIME TO DATA: BlueTalon enables user faster access to more data in Cloudera based on access control policy that precisely provides data that users are authorized to receive.
LOWER TOTAL COST: BlueTalon 'virtual views' are generated on demand based on attribute and role based access control policy and virtually eliminate costly manual coding and maintenance of access control logic in traditional views.
- Finest granularity of data access control @ row & column level
- "Virtual view" generation on demand eliminates cost manual coding of access control
- Next generation attribute-based policy logic enables scaling of access control for complex, hierarchical organizations
- Dynamic Masking including ability to customize masks
- Support for 'Opt In/Opt Out' and Right to be Forgotten for GDPR
- Interoperation with Tokenization. / Encryption from Protegrity or Voltage
Lower Business Risk
BlueTalon is a leading provider of data-centric security for next-gen data platforms. BlueTalon keeps enterprises in control of their data by allowing them to give users access to the data they need, not a byte more.
- Dynamic Data Masking
- Row and Column Level Data Filtering
- Attribute-based access control
- High Availability
- Unified access control policy across multiple data domains
Metrics and Proof Points
- Multiple wins in prominent financial services firms, including a G10 central bank, requiring centralized policy and access management. For one bank, BlueTalon enabled 'time to data' to be reduced by 80%
- For a finance data lake project for large industrial firm 30 BlueTalon policies enabled replacement of over 300 manually coded views -- and with projected savings over $2 million in the next 5 years.
- GDPR driven wins with customers requiring management of consent ( opt in opt out), data masking, and fine grain access control