Webinar: Join Immuta, HP, & NightDragon to learn why managing access is critical for the future of data use.

Sign Up
Product Overview

Immuta Data
Access Platform

Immuta's Data Access Platform delivers data access and security at scale. Immuta discovers, secures, and monitors an organization's data to ensure that users have access to the right data at the right time – as long as they have the rights.

Self-guided Demo
 

What customers say

If we didn’t have Immuta, then Billie’s expansion as a business wouldn’t be possible. I’m not sure how we could do it without Immuta.

Igor Chtivelband Co-Founder and VP of Data

We're looking at ways that we can enable more sensitive use cases by using Immuta, which is a self-service data access and privacy control layer on top of that data lake.

Rohan Dhupelia Data Platform Manager

Databricks opens up many opportunities for self-service data analytics, data science, and enterprise reporting. Paired with Immuta, we can make all our data available to all types of business analysts, data scientists and data engineers.

Ajay Sahu Director of Enterprise Data Management

We look forward to helping bring Immuta’s cloud data access control capabilities to more joint customers as they’re building their future data and analytics stack on the lakehouse platform.

Ali Ghodsi CEO and Co-Founder

With Immuta, we’ve been able to streamline data science and engineering teamwork, dynamically adapt in real time, and accelerate productivity.

Halim Abbas Chief AI Officer

Immuta’s automated, integrated approach to data access control brings fine-grained data security to Snowflake customers who deal with large amounts of sensitive data.

Tariek Dwiek Director of Technology Alliances

By incorporating Immuta’s data security and privacy capabilities, we have enhanced the overall strength and security of the platform.

Walid Mehanna Head of Data & Analytics

Immuta is the go-to technology to implement our vision of an internal ‘Data & Analytics Marketplace’, enabling full transparency on the relevant data assets with secure and compliant data access.

David Abrahams Data Leader

Databricks gives us scale and speed, Immuta gives us trust and privacy.

Slava Frid CTO

Know what sensitive data you have

Immuta automatically scans cloud data sources, detects sensitive data, and generates standard tagging across multiple compute platforms, reducing risk and improving data utility.

Write policies and enforce them

Collaborate as a team to build PBAC, ABAC, and RBAC data policies that dictate fine-grained data security (row, column, cell) and employ advanced data masking techniques for the utmost privacy.

Prove compliance

Our data access platform allows you to easily track who can access what data, policy changes, and user queries for audit purposes, as well as help determine risk profile for sensitive data and associated policies.

ABAC Explainer

How Attribute-Based Access Control Works

Data teams are moving from RBAC to ABAC to make building and applying data policies simpler and more scalable. Instead of roles, ABAC uses tags - or metadata - to make run-time decisions on what data a user can see. But, ABAC is more than just tagging.

ABAC 101
Feature Highlights

Built for how data teams work with data policies

Our data access platform empowers data teams to manage data policies more efficiently. That means making really hard things possible and simpler things automated.

Feature Highlights

Built for how data teams work with data policies

Our platform empowers data teams to manage data policies more efficiently. That means making really hard things possible and simpler things automated.

Feature Highlights

Built for how data teams work with data policies

Our platform empowers data teams to manage data policies more efficiently. That means making really hard things possible and simpler things automated.

Feature Highlights

Built for how data teams work with data policies

Our platform empowers data teams to manage data policies more efficiently. That means making really hard things possible and simpler things automated.

Scan & classify

Connect to Immuta in minutes and begin scanning your data, applying standard tags, and using over 65+ pre-built classifiers. You can also leverage metadata from Data Catalogs that Immuta integrates with such as Collibra or Alation.

Write policies

Easily author and implement policies in plain language – or using policy-as-code – for both transparency and flexibility. Immuta is designed to work with and streamline your existing tools and processes.

Mask data

Enforce policies at query runtime using techniques like hashing etc., without writing code or copying data.

Audit

Automatically log all actions and quickly run reports to prove compliant data use and investigate incidents.

Why Immuta

100x Faster Data Access
100x Faster Data Access

Streamline data access flows and approvals, going from months to seconds.

75x Fewer Data Policies
75x Fewer Data Policies

Reduce the number of policies required with Attribute-Based Access Control.

Improved Data Security & Compliance
Improved Data Security & Compliance

Prove compliant data use with company rules and external regulations.

Frequently Asked Questions

Why is there a need for data access control?

The ability to store large amounts of information together is a substantial competitive advantage. However, this data can vary in terms of type, source, and security level. With organizations accelerating movement to the cloud and adopting multiple cloud data platforms, it’s imperative to maintain control over who can access what data and for what purpose. Without data access control to dictate that, organizations run the risk of data leaks, breaches, and otherwise unauthorized access that can be costly from a monetary standpoint — in the form of penalties for violating data use rules and regulations — as well as from a privacy standpoint, as data subjects’ personal information and proprietary business data may be exposed. Before the onset of cloud data use, when data types could be stored in separate locations with access dictated according to those locations, coarse-grained access controls worked sufficiently. But, as data is increasingly co-located in the cloud and use cases expand, fine-grained data access control is essential to enable data use without running into security or compliance issues.

What is fine-grained access control?

Fine-grained access control is a method of managing data access that uses specific policies to restrict access at the row-, column-, and cell-level, ensuring that sensitive information is thoroughly protected when large amounts of data are stored together. With fine-grained access control, each data point has a unique access control policy, making protection measures more precise and allowing data with varying regulatory requirements to be securely stored and used together.

What are the four types of access control?

The four main types of access control are discretionary, mandatory, role-based, and attribute-based. With discretionary access control (DAC), users create rules to determine who has access to the data through access control lists (ACLs) and capabilities tables. Mandatory access control (MAC), often regarded as the strictest type, takes a hierarchical approach to data access in which a systems admin regulates data access based on varying security clearance levels, and is widely used in the government and military. Role-based access control (RBAC) depends on a systems admin to grant access permissions based on a user’s role within the organization. Unlike RBAC, attribute-based access control (ABAC), enables data access based on attributes of the user, object, action, and environment, creating a dynamic system that vastly reduces the number of policies needed to enforce access control and avoids the need to create new roles for all changes to a data environment.

What’s the difference between RBAC, ABAC, and PBAC?

Role-based access control (RBAC) grants data access to users based on their role or function within the organization. This type of access control works for small organizations with few data sets and data users, but as roles, users, and rules change, data teams are forced to create new roles to accommodate organizational evolutions. As a result, a system may contain hundreds or thousands of roles that are difficult to manage and scale as organizations grow, which can lead to increased risk of data leaks and breaches.

Attribute-based access control (ABAC) is an approach to data security that permits or restricts data access based on assigned user, object, action, and environmental attributes. In contrast to RBAC, ABAC has multiple dimensions on which to apply access controls. This makes attribute-based access control a highly dynamic model because policies, users, and objects can be provisioned independently, and policies make access control decisions when the data is requested.

Purpose-based access control (PBAC) applies regulation-based restrictions to sensitive personal data, as detected by automated sensitive data discovery tagging. When combined with data masking tools, this reinforces confidence that the right people are accessing the right data at the right time, and for appropriate purposes. For regulatory compliance and data audit trails, this level of control is particularly powerful and critical for ensuring data is adequately protected and reportable to legal and compliance teams.

What is the strictest access control model?

Mandatory Access Control (MAC) is considered the strictest access control model. Primarily used by the government and military, this form of access control takes a hierarchical approach to regulating data access. Security labels, denoting both classification and category, are placed on the available resources by system admins and cannot be changed by any other users. The same labels are attributed to the system’s users, so only those with the proper security credentials are able to access certain resources within the system.

Have 29 minutes?

Let us show you how Immuta can transform the way you govern and share your sensitive data.