Why Do You Need a Self-Service Access Request?
When users need to get access to some data they are not authorized to see, database administrators have to do a lot of work. They need to add users to the right group, give them certain privileges and permissions, and collect information about requests and permissions granted. If this process is not automated it can take a long time from the manual request to manual changes of security rules and adding a new user. After the work is done or if something went wrong, database administrators should also check each user and revoke the user’s access to data to minimize possible security and compliance issues.
Such cases distract database administrators from their main work. One of the main problems of an access request is that most of all, businesses have different data storage. And database administrators receive requests from different places for different destinations with different types of access. It is time-consuming, affects workflow, and can cause vulnerabilities and threats in case of a mistake.
In this context, it is better to use the system of a single self-service access request. Here we explain how this functionality works in DataSunrise and its benefits.
How a Self-Service Access Request Works
Self-Service Access Request by DataSunrise enables database administrators to provide a right to read/write access to database tables. Requests can be sent from the SQL client. With this option, the administrator simply approves or rejects the request. After that, users have a limited period of time to do their work. Moreover, the database administrator can revoke access at any time. Here we describe how the Access Request works in DataSunrise. You can find a step-by-step guide on how to utilize Self-Service Access Request in our User Guide.
The work process of the access request is simple for both users and database administrators. If you work with SQL clients such as DBeaver, you need to do the following steps. First of all, a user should try to execute a SQL query to a needed database table. If a blocking rule is configured on DataSunrise for tables requested by a user, the request returns an error. The error text contains the URL to request access to the table. After that, a user needs to go to the URL and fill in the data to request access.
After confirming the request by clicking the Create Request button, the DataSunrise user with access rights to confirm the request is notified of the new request. This user can approve or deny the request. If the request is approved, DataSunrise creates an Allow rule to access the requested table. The client’s SQL user is notified of their request and if the request is confirmed a user can access the table until the rule lifetime expires.
Benefits of Self-Service Access Request with DataSunrise
With Self-Service, your database administrators will have a lot of benefits during their work. It reduces the time that they spent on checking, approving, collecting, and removing access compared with previous work. What’s more, now they can get all requests in one place for each platform and database your business uses. Self-Service Access Request enables database administrators to skip some steps of the process because it is automated.
Here we specify a few more advantages of DataSunrise’s Self-Service Access Request.
- Better experience for users and administrator
Self-Service Access by DataSunrise enables database administrators to receive and collect requests at a single location. If previously you had requests from different sources such as email, tickets, or even phone calls, now they come from one place. It is needed for security purposes, first of all. With Self-Service Access, all requests are collected in a dictionary. You can easily track details about requests, confirmed permissions, requested objects, user names, and emails of these users. Moreover, there is no difference between requesting access and approving or denying it for different databases and storage.
- Increased visibility with Activity Monitoring
With DataSunrise you can easily track users’ actions with Audit Rules. If you grant a user access to a database, you can also create an Audit Rule that enables you to track user activity. Due to Activity Monitoring, you can get detailed reports, which means that database administrators see the actions of every user and get alerts in case of suspicious activity to revoke access in time.
- Comprehensive security and full compliance
Even though you can grant access to users on demand, you still need to stay in compliance with different national and international data protection acts and regulations. With DataSunrise you will be able to do it. With the Compliance Manager, you know where your sensitive data resides. Using it you can decide whether to grant access to a user or not. Moreover, together with Activity Monitoring, you get all the reports needed for compliance auditors.
With the Self-Service Access Request by DataSunrise, you can manage users and their actions in a database. Provide access to data upon request with ease and do not worry about your data security with DataSunrise.