Capabilities

Scalable, Attribute-Based 
Access Control

Immuta’s flexible Policy Builder, available as code yet readable in plain text by compliance teams, empowers data teams to create automated policies to govern cloud data use – scaling user adoption, eliminating approval bottlenecks, and providing trust with compliance and governance teams.

Request a Demo

Build Policies 
in Plain English

Immuta’s explainable policy builder lets users author policies in plain English, so all security and governance stakeholders can understand how analytics access control is managed and protected. Data engineers can also use Immuta’s Policy as Code capabilities to make policies extensible to other tools in the data stack. This approach improves collaboration and fits seamlessly into modern DataOps workflows.

100X More Scalable Than Any Alternative

Many data engineering and administration teams suffer from “role-explosion,” requiring them to manage hundreds or thousands of user roles to control access to data in specific tables or databases due to static or role-based policies. Immuta solves this problem with attribute-based access control. Unlike open source solutions such as Apache Ranger, this approach uses dynamic user subject attributes, such as geography, time and date, clearance level, and purpose, represented as policy variables, to make context-aware decisions at query time. This means that a single Immuta ABAC policy can replace over a hundred roles, saving time and reducing security risks.

Easily Limit Data Use to Specific Purposes

New and expanding government regulations such as CCPA and the GDPR prevent analytics teams from legally using sensitive data without clear and intended purposes. Immuta provides easy-to-use consent workflows for data teams to audit usage purposes and create attribute-based controls that enforce who can use what data and why. With streamlined workflows for consent, it’s easier to comply with legal guidelines and prove that compliance when necessary.

Secure Data Collaboration

Immuta features a patented, policy-based approach using data-level zones that manage read/write access across users with different permissions. By using data-level zones, Immuta automatically equalizes access rights for all users, making it easy and safe to publish derived data sets without leaking data to users with different permissions.

Attribute-Based Access Control

Frequently Asked Questions

  • What is data access control and why is it important?

    Data access control is used to manage access to a company’s data by allowing access to authorized database users and restricting access to unauthorized internal and external individuals. If used correctly, it offers a variety of business benefits, including increased efficiency of data analytics, data governance, data-rich application development, and compliance, and quicker results and value derived from sensitive data.

  • What is fine-grained access control?

    Fine-grained access control is a method of managing data access that uses specific and different policies to restrict access at the row-, column-, and cell-level, ensuring that sensitive information is thoroughly protected when large amounts of data are stored together. With fine-grained access control, each data point has a unique access control policy, making protection measures more precise and allowing data with varying regulatory requirements to be securely stored and used together.

  • What’s the difference between RBAC and ABAC?

    • RBAC permits or restricts data access based on the privileges associated with a user’s role within an organization. Privileges can only be changed or added if a new role is created.
    • ABAC is more dynamic. It permits or restricts data access based on a variety of independently provisioned and environmental characteristics, such as assigned user, action, and environmental attributes.

Ready to get started?

Request a Demo