Architecture Guide
Read the Immuta Architecture Guide to dive deeper into the technology underpinning Immuta.
Separation of Policy and Compute
Flexibility – Multiple data sources and users means workflows might constantly need to change, thus requiring flexibility in policy creation and management.
Scalability – With more data and users comes more policies to manage. This can only be done effectively and securely at scale if the policy engine is independent of compute.
Complexity Reduction – Managing thousands of policies across multiple platforms and users can be complex without a single point of control.
Native Cloud Integrations
Dynamically enforce policies to reduce the number of user roles required
Achieve high performance because processing is done 100% in the underlying platforms
Reduce risk by eliminating the need to move or copy data
Policy Orchestration and Enforcement
Fine-grained data security – Grant uniform, fine-grained authorization for column-, row-, and cell-level security
Dynamic data masking – Enforce queries at runtime without writing code or copying data
Attribute-based access controls (ABAC) – Map powerful attribute- and purpose-based models to primitive access controls that exist in the database
- Data security is automatically enforced at runtime
- Policies can be created, verified and managed by distributed non-technical team
- Eliminate data duplication
- Inherit attributes from identity management system
- Leverage metadata only (no data stored)
- Data access is logged automatically
- Reports answer who accessed what data and when, and how policies might have changed
What are key data governance components for an effective governance framework?
The key data governance components for any effective governance framework include an understanding of your organization’s data maturity level, alignment of all key stakeholders within the organization (engineers, architects, data owners, compliance officers, analysts, auditors, etc.), and a platform that streamlines governance methods across your data stack. By facilitating stakeholder alignment and streamlining governance practices, these data governance components make for a system that manages data productively.
What makes for an effective cloud governance model?
An effective cloud governance model will govern data access and use across an organization’s various cloud storage, compute, and analysis platforms. This means that data will be controlled in order to manage its security, integrity, and quality regardless of where it lives in a data ecosystem. Universal applicability, powerful security, and comprehensible policies make for a cloud governance model that can span any range of cloud data resources.
How should I start building an access control framework?
Any data access control framework starts with the creation of access policies. After determining which access control method they want to use, a data team can assign user roles, attributes, etc. to their data users in order to describe their relevant characteristics. Then, data policies can be written that determine access based on any number of these identifiers. Teams should ensure that their access control framework not only meets internal needs, but subscribes to all applicable data rules, laws, and regulations meant to protect sensitive data.
What are the benefits of centralized access control?
Centralized access control is beneficial for a few distinct reasons. This form of access control unifies all of your required access management into a single, centralized system that can be applied across platforms. The benefits of this centralization include the simplification of access management, ease of oversight and activity tracking, and the universal application of access rules set by system administrators. It also eliminates the hassle of using disparate access models, and maintains a single standard of improved security while minimizing risk.