Immuta ensures secure, controlled access to sensitive data, excelling in data governance, regulatory compliance, and privacy. Key features include dynamic policy enforcement, fine-grained access control, and seamless integration with diverse data sources. Users report improved operational efficiency and enhanced teamwork.
The primary use case predominantly revolves around data governance. Our customers manage data across various data centers, especially within Europe, where GDPR and other privacy regulations necessitate strict data control. Immuta enables us to enforce these policies, restricting user access to data from different regions and implementing data masking for sensitive information. Furthermore, we utilize role-based security to control access at a granular level. For instance, specific users may only view items with a price exceeding five hundred. In essence, our primary focus is on data governance.
Immuta offers two main components: subscription policies and data policies. Data policies align with use cases involving role-level security, ensuring that users access data according to their roles. Subscription policies, on the other hand, enable users to subscribe to specific data subsets based on their region. For example, someone in France wouldn't be able to access data from a California team, and vice versa. Immuta enforces these policies at the database level, providing users with a sense of abstraction. You see a certain set of data, which you perceive as a complete picture, but you're actually limited to specific portions, akin to viewing just one sheet in an Excel file while being unaware of the contents of the other sheets. Immuta ensures users always see the data they need, abstracting the complexities associated with region-specific data access.
Another valuable feature of Immuta is automatic data tagging and PII discovery. Instead of manually tagging data, Immuta’s auto-discovery capability identifies sensitive information, such as country labels, gender information, and other personal data. It self-tags this data, allowing you to enforce appropriate policies. For example, if someone doesn't want to disclose their gender or age, Immuta’s self-discovery helps ensure this sensitive information is handled with care. Immuta alerts you about the detected data that should be handled cautiously.
Immuta has room for improvement in several areas due to its relatively new platform. One critical aspect is the integration with databases, which is still in its early stages. Currently, Immuta can read data from the database but doesn't send the processed metadata back to the database. This disrupts the data chain, as the database must generate its own metadata to simulate what's done in Immuta. While Immuta is working on addressing this issue, the development is expected to be available next year.
Another complexity arises from setting up users directly in Immuta. Immuta creates its own data syncing patterns for users from an organizational directory, like an active directory, and these patterns don't align with the database's patterns. As a result, database administrators or data governance consultants have to manually delete users from both Immuta and the database, which is an overhead task. If Immuta could automate this process by reading user information from the database, it would greatly simplify user management. This area needs improvement as well.
I have been using Immuta for five months.
In terms of stability, Immuta has been quite reliable, provided that it remains up and running. They regularly release system upgrade patches, and they are proactive in communicating these updates to all stakeholders. These patches have not caused any significant stability issues so far. Therefore, I would rate Immuta positively in terms of stability.
In our case, we have a small setup with around 25 people, so I might not be the best person to evaluate scalability. Our data volume is minimal, and the system has been working well without any issues so far.
There have been instances where the demos were overly technical and not presented in a business-oriented way. It's important to remember that the tool is used by business users, and the presentations should cater to a non-technical audience. Many attendees at data governance conferences are not well-versed in technical jargon, so it's essential to present information in a way that's accessible to everyone.
Neutral
The implementation process with Immuta was quite challenging, primarily due to issues related to database handling and the syncing of user groups. Initially, the setup involved creating a service account, which was complicated because it required authorizing based on the directory. This authorization process was questionable at times. However, over time, the setup has become more efficient and is working smoothly.
Regarding usage patterns, syncing patterns, and metadata automation, everything is currently handled within the Immuta platform, and no additional automation tools have been deployed. Immuta takes care of data governance comprehensively.
The implementation process took approximately four or five days, and involved five or six people.
We conducted a successful proof of concept with Immuta, and one of the key factors contributing to our choice was its compatibility with our database. This compatibility was a significant advantage for us.
It's important to prepare a checklist and not rush into decisions. Create a checklist that outlines your specific requirements and prioritize them. Consider factors like data classification, sensitivity, and the potential impact on your business. Understand the consequences of exposing sensitive data and evaluate whether Inmuda aligns with your needs. Doing your homework and assessing your requirements thoroughly is essential before choosing Inmuda.
I would rate it a seven out of ten.
