https://community.databricks.com/t5/data-governance/evaluating-view-based-access-control-vs-native-databricks/m-p/80290#M1974 <P>Thank you&nbsp;<a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/9">@Retired_mod</a>&nbsp;for your contribution.</P><P>I want to learn more about real use cases when company decided to go with Databricks'&nbsp;<SPAN>Row-Level Security (RLS) and Column Masks. I just want to convince teams to consider the approach.<BR />To me the pros outweigh the cons, but i want to know what angle I might miss.</SPAN></P> Wed, 24 Jul 2024 09:17:49 GMT jackgurae 2024-07-24T09:17:49Z https://community.databricks.com/t5/data-governance/evaluating-view-based-access-control-vs-native-databricks/m-p/78908#M1956 <P>Hello Databricks Community,</P><P>I'm seeking advice and insights on best practices for managing data access and permissions in Databricks. Our company currently uses a view-based approach for access control, but I'm wondering if we should transition to Databricks' native security features like row-level security (RLS) and column masks.</P><P><STRONG>Our Current Approach</STRONG><BR />We create multiple view tables from upstream tables to manage permissions. For example:<BR />- `client_info` (upstream table)<BR />- `npii_client_info`<BR />- `pii_client_info`<BR />- `pii_client_info_teamA`</P><P><STRONG>Concerns</STRONG><BR />1. Data lineage complexity??<BR />2. Maintenance overhead (multiple data dictionaries)<BR />3. Potential inconsistencies across views<BR />4. Scalability as data and organization grow</P><P>1. What are the pros and cons of our view-based approach vs. using Databricks' RLS and column masks?<BR />2. Has anyone successfully transitioned from a view-based system to native Databricks security features? What challenges did you face?<BR />3. Are there specific use cases where view-based access control might be preferable?<BR />4. How does the performance compare between these two approaches, especially for large datasets?<BR />5. What impact does each approach have on data governance and compliance efforts?</P><P>I'd greatly appreciate any insights, experiences, or best practices you can share. Thank you in advance for your help!</P> Tue, 16 Jul 2024 05:47:26 GMT https://community.databricks.com/t5/data-governance/evaluating-view-based-access-control-vs-native-databricks/m-p/78908#M1956 jackgurae 2024-07-16T05:47:26Z https://community.databricks.com/t5/data-governance/evaluating-view-based-access-control-vs-native-databricks/m-p/80290#M1974 <P>Thank you&nbsp;<a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/9">@Retired_mod</a>&nbsp;for your contribution.</P><P>I want to learn more about real use cases when company decided to go with Databricks'&nbsp;<SPAN>Row-Level Security (RLS) and Column Masks. I just want to convince teams to consider the approach.<BR />To me the pros outweigh the cons, but i want to know what angle I might miss.</SPAN></P> Wed, 24 Jul 2024 09:17:49 GMT https://community.databricks.com/t5/data-governance/evaluating-view-based-access-control-vs-native-databricks/m-p/80290#M1974 jackgurae 2024-07-24T09:17:49Z