Immuta strengthens Snowflake integration to evolve complex data access control policies
Immuta announced new capabilities that strengthen its integration with Snowflake, the data cloud company, streamlining and enhancing the data governance experience for joint customers. With its latest release, Immuta is more deeply integrated with Snowflake, providing a scalable, automated way to author and evolve complex data access control policies.
Immuta introduced its integration with Snowflake in May of 2020, allowing joint customers to automate and simplify Snowflake data policy management, efficiently scaling cloud data and analytics initiatives to an ever-growing number of internal and external data consumers.
The enhanced integration made available today provides data teams the ability to deploy Snowflake’s row access and column masking policies, as well as leverage object tagging, while benefiting from Immuta’s universal cloud policy authoring and highly scalable and evolvable attribute-based access controls.
Enhanced Snowflake integration features
Policy scalability: Immuta’s automated policies are built in a way that dynamically injects user attributes at policy invocation, avoiding the need to build policies for each user scenario. Taking a data locality example, policy authors can build a single Immuta Row Access policy that supports all user country combinations, rather than a Row Access policy for each user country combination. Immuta policy definitions also leverage Snowflake’s object tagging feature to push policies to all relevant tables/columns.
Plain English policies: Immuta’s automated policies are represented in plain English, rather than SQL roles and code, making it easy to prove to data governance teams that data policies are implemented properly and securely across Snowflake.
Policy auditing and versioning: Immuta’s policy management – which tracks all policy changes, version control, and user query history – allows Snowflake data teams to easily prove compliant data use and investigate incidents.
Open architecture: Since Immuta simply automates Snowflake governance capabilities through an abstraction layer, those policies will continue working even without Immuta.
“Immuta’s automated, integrated approach to data access control brings fine-grained data security to Snowflake customers who deal with large amounts of sensitive data,” said Tariek Dwiek, Director of Technology Alliances, Snowflake. “Snowflake is helping customers mobilize their data and Immuta can help our customers ensure confidence that their most sensitive data is protected.”
Earlier this year, Immuta became the first data access control solution in Snowflake’s Partner Connect portal, and achieved Snowflake Premier Partner Status, validating Immuta’s innovative integration with Snowflake’s platform.
“Since launching our partnership in early 2020, Immuta and Snowflake have helped data-driven organizations confidently mobilize and share large amounts of sensitive information,” said Steve Touw, CTO, Immuta. “With our enhanced Snowflake integration, we are greatly streamlining the data governance experience for joint customers. Rather than focusing most of their time on managing access control, data platform owners can focus on delivering data to consumers, enabling them to speed up and de-risk their ability to evolve data policies.”
Joint customer Slava Frid, CTO and Platform Architect at WorldQuant Predictive, commented on the benefits of this collaboration: “We’re excited to see this continuing investment into the integration of Snowflake and Immuta. Together, they’ve helped us create a modern cloud data stack and increase our data usage in a safe and secure way.”
Additional Innovations and enhancements in Immuta’s latest release
Impersonation – Data teams can now use Immuta to impersonate users on top of SaaS data warehouses such as Snowflake, Amazon Redshift, and Azure Synapse. Impersonation enables organizations to enforce access control policies for each end-user from business intelligence (BI) dashboards such as Tableau that use service accounts that otherwise bypass policies for users with different access levels. Using this capability, Immuta uniquely enables data teams to publish sensitive data to BI tools without any disruptive changes or risk of a data leak.
Customized Sensitive Data Discovery (SDD) – Immuta automates the discovery and classification of sensitive data attributes across cloud data platforms. Immuta includes 60+ standard data classifiers for attributes such as social security number, email, and country. With Immuta’s latest release, customers will now be able to create their own domain-specific and custom classifiers, enabling dynamic and completely automated discovery of sensitive data to drive policy enforcement.
Approve to promote – With Immuta’s new Approve to Promote feature, organizations with audit and validation requirements for policy creation can now require a certain number of users to validate authored data.