Data access control and governance are central tenets of a strong cloud data strategy. As demand for data grows, so do the number of platforms touting cutting edge access control management capabilities. The data governance landscape is rapidly evolving and data access control – a subset of the overall market – is its own new and unique category with a focused group of vendors.
GigaOm’s Radar Report for Data Governance Solutions assessed nine data governance vendors on a series of key criteria and evaluation metrics. The report named Immuta as one of the overall leaders. And, of the three vendors focused on data access control, Immuta was named the clear leader and most innovative.
The results reinforce the findings of an earlier independent GigaOm report, which found that Immuta’s attribute-based access control approach reduces policy burden by 75x when compared to Apache Ranger’s role-based access control model.
The Case for Automated Data Access Control
Why pay attention to data access control and governance solutions now? GigaOm Analyst Andrew J. Brust points to two converging trends: the shift to data-driven decision-making and the legal imperative to protect data.
A report by S&P Global’s 451 Research and Immuta found that 65% of respondents said data has become more important in their roles over the past two years, and 71% believed that it will become more critical to their organization’s decision-making in the next two years. At the same time, 84% of respondents anticipated that data privacy and security requirements will restrict data access as the number and scope of data rules and regulations continue to grow.
The need to balance these two conflicting trends has created the case for automated data access control and governance. But as Brust points out in the report, “many products describing themselves as ‘data governance’ solutions do not necessarily provide the core functionalities described here. At the same time, other platforms that do provide robust data governance features are not marketed as such.”
For data teams choosing between a range of vendors, it’s important to identify the must-haves and the want-to-haves.
Key Criteria for Data Access Control
With such a broad spectrum of capabilities available, how should organizations parse out what constitutes a must-have? GigaOm identified five key criteria on which to assess each platform:
- Single-view control panel
- Audit/logging capabilities
- Data lineage capabilities
- Self-service approach
- Automated data classification
In addition to these capabilities, GigaOm evaluated the platforms based on enablement and usability metrics – elasticity, connectivity, collaboration, maturity, and ease of use. Putting the vendors on an objective, level playing field allows organizations to identify which capabilities and features are most important to their teams and data strategies, avoiding a one-size-fits-all approach to access control decisions.
Yet, as modern data stacks and the data landscape become increasingly complex, certain features will be essential for scalability and long-term success. For instance, a single-view control panel will reduce complexity and redundancy for data engineering and operations teams who work across various platforms, and self-service methods will alleviate the burden on them to manually respond to access requests as the number of data users grows.
[Tip] Learn more about the evolution of data access control in RBAC vs. ABAC: Future-Proofing Access Control.
Leading Data Access Control Innovation
What does it take to be a leader in data access control innovation? Taking the aforementioned key criteria and evaluation metrics into account, GigaOm found that Immuta’s automated data access control capabilities rose to the top, earning recognition as a “fast mover” and a leader in the data governance innovation space.
Immuta outperformed competitors by earning high marks for:
- A single-view control panel that centralizes access control policies across platforms, making it easier for DataOps teams to manage policies regardless of their data stack.
- An easy-to-use UI and policy-as-code policy builder. Immuta’s policy-as-code builder allows users to represent and source control policy state in declarative files and push changes through continuous delivery workflows, while the easy-to-use UI allows non technical users to understand, validate, and even author policy.
- Project workspaces that enable secure data sharing and collaboration using purpose-based access controls, eliminating the need to copy data.
- Dynamic, attribute-based access control, which enforces policies at query time so the right people can access the right data at the right time, optimizing scalability and speed to data.
This isn’t the first time GigaOm’s analysts and researchers have recognized the power of Immuta’s attribute-based access control (ABAC) – an earlier report put Ranger’s (+Atlas) OT-RBAC model head-to-head with Immuta’s ABAC approach, and found that Ranger required 75x more policy changes than Immuta to satisfy the same security requirements. Even when coupled with Apache Atlas for data discovery and tagging, Ranger still required 61x more policy changes than Immuta.
When it came to advanced access control capabilities, Ranger was unable to satisfy any of the data security requirements, while Immuta was able to meet each requirement with just a single policy change.
According to GigaOm’s estimate, the downstream costs of using Ranger’s approach could equate to upwards of $300,000 in lost time and opportunity — a gap that will widen as users, data sets, data platforms, or any number of variables increase.
In short, the key to achieving cloud scale is moving to dynamic ABAC. Investing in solutions that offer dynamic, attribute-based access control enables data teams to harness the full value of their data with minimal overhead.
Immuta was built for the future of cloud data use – a future in which organizations are adopting multiple cloud data platforms, increasing their numbers of data users, relying on data for decision-making, and being held responsible for protecting that data. Static, traditional approaches to data access control and governance will hinder data teams’ ability to scale and maximize data’s value.
As organizations innovate with data, they need an equally innovative approach. GigaOm’s Radar Report for Data Governance Solution shows why Immuta is an industry innovator that’s built to help companies achieve their data goals while minimizing time and risk. To read the full analysis, get your copy of the report here.
Want to see what the buzz is about? Start your free trial of Immuta to experience it for yourself.