Separation of policy and compute
Flexibility – Multiple data sources and users means workflows might constantly need to change, thus requiring flexibility in policy creation and management.
Scalability – With more data and users comes more policies to manage. This can only be done effectively and securely at scale if the policy engine is independent of compute.
Complexity reduction – Managing thousands of policies across multiple platforms and users can be complex without a single point of control.
Native cloud integrations
Dynamically enforce policies to reduce the number of user roles required
Achieve high performance because processing is done 100% in the underlying platforms
Reduce risk by eliminating the need to move or copy data
Policy orchestration and enforcement
Fine-grained data security – Grant Uniform, Fine-Grained Authorization for Column-, Row-, and Cell-level Security
Dynamic data masking – Enforce queries at runtime without writing code or copying data
Attribute-based access controls (ABAC) – Map powerful ABAC and Purpose Based Access Controls (PBAC) models to primitive access controls that exist in the database