Written by
Sam Carroll, Solutions Architect, Immuta

As organizations increasingly adopt LLMs in order to unlock greater savings and productivity, the Snowflake AI Data Cloud is on the leading edge of AI’s evolution. Snowflake Cortex empowers organizations to seamlessly leverage their data with LLMs, ensuring that usage is ethical, responsible, and secure. But to fully reap the benefits, these organizations must also adapt their data security controls to meet the complexity and scale of these new LLM systems.

Immuta’s partnership with Snowflake allows you to quickly deploy LLM applications while ensuring that users access only the data to which they are authorized. In this blog, we’ll take an inside look at how it’s done.

About Snowflake Cortex and Immuta

Snowflake’s integrated approach to AI and ML means that all of your existing data can now be effectively used to drive innovation at an unprecedented scale. Snowflake Cortex specifically enables you to build out advanced LLM and ML capabilities. To effectively create and use internal data to provide context-driven LLM responses, Snowflake also provides Retrieval-Augmented Generation (RAG) tables that offer a simple way to vectorize data living within the platform. But, to determine how data should be used, you must implement contextual security policies.

The Immuta Data Security Platform provides a comprehensive way to build policy based on the context of who is accessing the data and why. Immuta’s sensitive data discovery provides tagging and classification, which enable you to quickly find the type of data contained in sources that power context-driven LLM interactions.

How Immuta Protects Sensitive Data in Snowflake Cortex

To effectively determine if someone is allowed to access data, you also need the ability to create fine-grained access controls on RAG tables in Snowflake. Once Immuta is connected, it uses models to help determine the context of data living in these tables. After it has been classified, Immuta enables you to easily define policies that allow individual users to use this data in an LLM prompt by evaluating what they can and should be able to access.

Immuta’s tight integration with native Snowflake controls means that users can build applications on Snowflake while ensuring that the appropriate row- and column-level policies are in place to protect data needed for LLM prompts. Meanwhile, Snowflake RAG tables allow users to interact with their internal Snowflake data via Cortex. Immuta data access control policies are built to be context-aware so that each individual user’s authorizations are evaluated against the data being passed to the LLM model. This capability that business users and data governors can enable LLM usage on a broad scale, without requiring specialized data engineering skill sets or causing bottlenecks due to data management complexity.

*Immuta’s plain-language policy builder allows organizations to build scalable, understandable, and auditable policies on RAG tables.

After the data has been made available to the users, it is imperative that their usage is auditable and easily monitored. Immuta’s data monitoring features allow users to quickly gain insights into who uses data for Cortex-powered LLM applications by profiling and monitoring query activity in Snowflake. Since Immuta can monitor and audit all queries, you’re able to begin building robust alerting capabilities to notify you when people are accessing sensitive data, not using data sets, or trying to access new features that they don’t have authorization to see.

*Immuta provides audit insights into how users are accessing and using RAG data with Cortex.

The introduction of Snowflake Cortex and RAG features will drive effective, enterprise-scale LLM adoption. In order to effectively harness the power of LLMs, it is critical to develop a context-aware security framework. Immuta provides a foundation for enabling LLM use cases in Snowflake by finding sensitive data, enforcing context-aware fine-grained policies, and delivering robust auditing for compliance and long term success.

To learn more, watch the demo below and read about Immuta’s support for Snowflake Horizon features.