Overview
According to the 1Q23 Morgan Stanley CIO Survey, 43% of an organization’s data is expected to reside centrally in the cloud by the end of 2024. This represents a massive shift and more than double the current estimated level of 19%. Generative AI is expected to accelerate this trend further.
With more data comes more responsibility, not just morally but also legally. Regulatory policies like GDPR, HIPAA, PCI, NIST, DORA, and numerous other compliance/auditing requirements drive the need for Data Governance, a set of rules and procedures that govern the ownership and accessibility of data. A lack of proper Data Governance can result not only in lawsuits, regulatory and other fines, increased cyber insurance rates, and business and reputational damage, but even in jail time. In other words, Data Governance is a critical must-have for any business dealing with data.
Theom is an AI-driven, data-centric data governance and security platform that ensures that ONLY the right people have access to the right data at the right time, minimizing the risks of data breaches and ensuring compliance with data protection and security regulations. Theom is uniquely embedded in data lakes and warehouses, reflecting the reality that there is no perfect perimeter protection. Being embedded also allows Theom to see every individual data access and query in the clear, whereas non-embedded approaches see them encrypted, which allows for better security and breach protection. All data is kept in place – no data or metadata transfer (and no egress costs). Lastly, Theom does not bottleneck around a proxy, avoiding performance degradation, and governs clean rooms for data exchanges.
Data and Access Observability
“Look mom, no agents and no proxy!” – Theom discovers all the data inside data lakes and warehouses, cloud object stores, and databases. Theom’s discovery process is highly accurate because it is embedded with the data in datastores like Snowflake or Databricks, allowing Theom to see every query in the clear vs. relying on the interpretation of encrypted data. The platform provides a detailed topology of all the data and a consolidated view of how it is accessed by human and machine users.
Theom evaluates every attempt to access data against existing (static) rules and (dynamic) baselines derived from machine learning.
The platform allows organizations to define fine-grained access permissions for each user, group, or role – down to individual cells or columns. Additionally, machine learning models continuously observe access activities in great detail to learn what “normal” access looks like. Both violations of access permissions and deviations from these AI baseline access patterns – frequently indicative of insider or phishing attacks – trigger automatic alerts and other user-defined actions (up to and including instantly shutting down a user).
Theom also automatically detects where data sources are overprovisioned and recommends corrective actions. Data sources are labeled as “overprovisioned” if they allow access to users that should not have access, whether because the access permission has not been updated or because it should never have been authorized.
Discovery and Classification
“Not all data is created equally” – Theom's data classification and discovery features help organizations identify and categorize sensitive data, ensuring proper access controls are in place. This process involves discovering and indexing data stored across various repositories in cloud environments and applying pre-defined classification rules to label and secure sensitive data automatically. It also involves establishing a monetary value of the data to properly assess the associated risk exposure. The result is a prioritized map of vulnerabilities, along with suggested remediation to reduce potential exposures.
Detect and Stop Data Breaches
“See something, do something” – Theom's monitoring capabilities provide organizations with a clear view of all data access events. When abnormal activity occurs, Theom takes action on potential data breach attacks using SIEM/SOAR integrations in a fully automated or hybrid approach. In line with customer preferences and incident severity, Theom can also take fully automated actions, like shutting users down immediately via API calls into an IAM system. Theom provides full audit trails of any such actions and alerts and can also send them to ticketing systems like ServiceNow. Lastly, Theom correlates access behavior with many other data points, enabling it to spot attempts to exfiltrate data as early as the recon or staging phase. This allows Theom to alert and take preventative action before an attempt to breach has even been launched. Theom is the only product that can detect attacks on cloud data lakes and warehouses and map them to the MITRE ATT&CK framework.
Secure Data Sharing
Theom enables the secure sharing of data on Snowflake and Databricks by allowing enterprises to share data with external parties in a controlled and safe manner. Unlike older, proxy-based technologies that cannot enforce Data Governance beyond the initial proxy control point, Theom can fully extend its Data Governance into clean rooms. Theom Data Governance will be consistently applied to intra- and inter-company data access. This ability becomes increasingly important as inter-company data exchange becomes more prevalent.
Compliance and Reporting
“The proof is in the product” – organizations can generate comprehensive reports to demonstrate their compliance with various data protection regulations built on NIST, HIPAA, HITRUST, and CIS. Theom's reporting tools make it easy to track and manage access requests, identify potential violations, document remediations, and maintain a transparent and auditable record of data access activities. Furthermore, the entire rules framework underlying Theom’s decision-making can be documented for regulatory and compliance purposes. Reports are also customizable to fit individual needs.