Universal Data Authorization
Okera dynamically authorizes and audits every query to comply with data security and privacy regulations. Okera integrates seamlessly into your infrastructure – in the cloud, on-premise, and with cloud-native and legacy tools.
Universal Policy Management
Simplify and standardize powerful fine-grained access control policies. Write once, apply everywhere.
Dynamic Policy Authorization
Enforce sophisticated data security and privacy policies for every data access request at run-time. Filter, hide, mask, and tokenize sensitive data as queried.
Data Usage Intelligence
Accelerate compliance reporting and discover and remediate inappropriate data usage. Know who has access to sensitive data, and how and when they used it.
Provision and restrict access to data at the column, row, and cell level with conditional logic in order to comply with data security mandates and privacy regulation.
RBAC and ABAC
Simplify and generalize policies based on common user roles with Role-Based Access Control (RBAC). Define rich policies leveraging metadata, user attributes, and real-time context with Attribute-Based Access Control (ABAC) in order to scale policy enforcement over time.
Administrators configure the platform and set global data policy. Data registration and policy management can be delegated to the business domain stewards.
Universal Client & Programmatic Access
Okera provides native client libraries, a BI Gateway for JDBC/ODBC connectivity, and a REST API for programmatic enforcement requests
Push-Down Policy Enforcement
For high-performing systems, Okera intercepts the query, rewrites it (masking, tokenization, etc), then pushes the authorized query down to the underlying data source for the fastest possible query performance.
Scale Policy Enforcement
Isolate direct data access with Okera nScale™ so public cloud compute frameworks only work with authorized data. On-cluster co-location delivers speed and elastic scalability.
Authenticate every request in real time, integrated with enterprise authentication and Single Sign-On (SSO) solutions: oAuth, SAML (Okta, Ping), Microsoft Active Directory, and more.
Active Metadata Registry
Keep authorization policies up-to-date with real-time user and data attributes. Integrate with your identity access management system and enterprise data catalog, and/or use Okera’s ML-powered data discovery to automatically detect and tag sensitive data.
Automation and APIs
Leverage Python, Java, and REST APIs for custom integrations and enterprise workflow automation.