Getting Started with Self-Service Compliance Dashboards

This is a great time to launch a self-service initiative as a way to improve your security program without making costly new commitments. Especially with team members working remotely, freer access to data can improve efficiencies and speed up remediation of risks like cloud misconfigurations and visibility gaps. If you take advantage of this crazy time to squeeze more value from your security data, that’s a silver lining to this gloomy cloud.

What is Data Democratization?

Popular data science author Bernard Marr put it well when he wrote:

Unintentional Middlemen

Wait! How did you check how many BI licenses your team is using? If you had to Slack a buddy in IT or open a service desk ticket, you’ve turned your friend into an unintentional middleman. She didn’t sign up for that job.

Self-Service for Security Compliance

Security Governance, Risk and Compliance (GRC) is meant to ensure that the business sets standards not just for how it protects data and systems, but that these standards are being met. That’s a nice idea but in practice there’s a constant vigilance required to minimize the gaps between the desired and actual.

Getting the Data

If your company already uses Snowflake, most of the ingredients for self-service compliance are already in place. Your data org has already purchased a BI tool such as Tableau, Looker or Sigma. That just leaves getting the relevant datasets into Snowflake.

Lacework shares cloud configuration data within Snowflake
Like an app store for your data
Lacework’s Data Exchange Listing
Working with shared data in Snowflake

Start Building for Self-Service

Every company has a unique set of crown jewels to protect, customers to satisfy, and risks to tolerate. That’s one reason why you can’t expect a vendor to build this stuff for you. Still, there’s value in walking through a sample self-service dashboard to help you plan your own.

  • Are we reducing our cloud risk over time?
  • Are compliance violations fixed within our established SLAs?

I believe that better data is the key to better security. These are personal posts that don’t represent Snowflake.