Table Columns

The "Table Column Security" allows administrators to protect sensitive data within tables. They can:

• Restrict Access: Block unauthorized users from viewing specific columns.

• Apply Masking Policies: Provides security for sensitive data while granting authorized users access.

  

Based on the selected Data Source (Connection Name), the corresponding table columns are displayed along with the governance roles, users, and roles with metadata and data permissions on those table columns.

Table Column Security and Access

Table Column Security provides granular control over sensitive data within tables. Administrators (SGA and OE_ADMIN) can:

• View Crawled Table Columns: Access a list of all crawled table columns within a database. Inherited table-level permissions determine access for each column.

• Update Governance Roles: Modify governance roles for individual or multiple table columns.

Data Protection (SGA & OE_ADMIN only):

• Mask Columns: Protect sensitive data (e.g., PII, PHI) by obscuring it with user-defined masking policies. Masking Columns requires enabling Table-Column Security at the table level.

  • Policy Creation: Define a unique policy name, choose a masking scheme (e.g., mask all, show first 4 characters), and optionally specify authorized users/roles exempt from masking.

  • Policy Assignment: Associate the masking policy with specific table columns.

  • Restrict Columns: Completely restrict access to specific table columns, granting visibility only to authorized roles.

Masking with Business Glossary:

• Term-Based Masking: Mask columns using terms from the Business Glossary. Users with Meta-Write permission on a term (domain) can:

  • Define a masking policy for the term (draft state only).

  • Associate the term with specific table columns, enabling masking and Table-Column Security.