Top Investment Firm Unlocks Advanced Analytics While Protecting Access

Key takeaways

Upgraded data masking permissions from binary to nuanced for more granular control.

Removed access authorization burdens from data engineering teams, increasing productivity and efficiency.

Seamlessly integrated new security features with existing data platforms, including Snowflake and Databricks.


Serving more than 7 million individuals around the world, this top investment firm has spent over a century helping its clients manage a diverse array of long-term, high-quality financial investments. The firm employs 19,000 attentive and dedicated financial advisors across 15,000 locations.

To best serve its clients, the organization needs to be able to access and analyze the most up-to-date financial and portfolio information at the speed of business. At the same time, they must ensure the complete, compliant protection of customers’ data in order to protect their identities, assets, and financial well-being.


In the fast-paced world of data and analytics, the investment firm found itself facing significant data security and data access control challenges. The organization adopted modern data and analytics platforms, including Snowflake and Databricks, but experienced limitations applying comprehensive data masking and access control, especially for personally identifiable information (PII) and other sensitive data.

A major concern stemmed from the binary nature of the firm’s existing data access permissions. Its system gave users either full access to unmask PII, or no access to do so at all. This one-size-fits-all approach was not aligned with the company’s diverse data sets, nor with the varying requirements of different user groups. For instance, employees querying data for internal IT requests would have the same level of access to investor information as a financial advisor, who would actually need that information to serve their clients. This discrepancy led to operational inefficiencies and raised serious concerns about data security.

With a need to better protect sensitive data, the firm embarked on a quest to find a suitable data security solution. Its existing systems, while offering some level of access control, didn’t provide the granularity required to meet its security objectives. The team sought a solution that could not only bolster data protection, but also seamlessly integrate with existing data platforms.


The decision to seek a data security solution was driven by several key criteria:

  • Integration: The solution needed to seamlessly integrate with the company’s primary data ecosystems, which included platforms like Snowflake and Databricks. A solution that disrupted existing workflows and required complex data routing was not acceptable.
  • User-Friendly Interface: A user-friendly interface was a must-have. It needed to be easy for non-technical teams, such as data stewards and data privacy officers, to understand and utilize.
  • Global Policies: The firm was looking for a solution that allowed users to create global masking and access policies. This would simplify data security and access control by allowing uniform policies to be applied across their data structures.
  • Documentation and Support: Robust documentation and support resources were crucial. They needed a solution provider that would facilitate implementation and provide ongoing support for their data security needs.

While exploring the market, the firm considered a range of different vendors. In the end, the Immuta Data Security Platform stood out as the optimal choice for their needs. Its native integrations, user-friendly interface, strong documentation, and proven ability to meet the organization’s criteria made it the right solution to address their data security challenges.


The collaboration with Immuta has yielded tangible results, transforming the firm’s data security and access control capabilities. Some of the key outcomes and results include:

  • Improved Data Masking: Implementing Immuta has streamlined the firm’s data masking process. For one, the capacity to mask or unmask data is no longer a binary choice. Global dynamic data masking and access policies apply masking based on individual user attributes, and have played a vital role in enforcing consistent data security measures across the organization. Data engineers no longer bear the burden of authoring PII masking rules, which simplifies overall data security processes and workflows.
  • Enhanced User Experience: A unified approach to access control and data masking policies has translated into a significantly improved user experience. Data stewards and users now enjoy a streamlined and efficient process, eliminating the need for separate access requests for different data sets.
  • Comprehensive Documentation: Immuta’s documentation resources have proven invaluable. The availability of detailed and up-to-date documentation has eased the implementation and post-implementation phases, making it easier for the organization to harness Immuta’s full potential.
  • SaaS Integration: Immuta’s strategic partnerships with Snowflake and Databricks have resulted in first-class integrations with no performance impacts. This minimizes data routing complexities and the risk of service outages. The seamless integration ensures that SaaS data security and access control are not only robust, but also dependable.

The firm is not only reaping the immediate benefits of improved data security and access control, but is also geared towards additional future advancements. The team anticipates further expansion of capabilities and integrations, especially into platforms like SQL Server and Oracle. The collaboration with Immuta has not only met their immediate data security needs, but has positioned them for long-term success in an evolving data landscape.

Ultimately, this firm’s journey towards enhanced data security with Immuta showcases the importance of finding the right solution to address critical data challenges. With a clear vision of their requirements, the firm was able to prioritize data security needs and make strategic decisions to improve it, allowing them to unlock the full potential of their data analytics.