Introduction to Immuta

Immuta is a US-based data security and governance vendor, founded in 2015, with its first version of software launched in 2017.  Since then, it built up an impressive roster of customers including Mercedes-Benz, Sony, Roche and Thomson Reuters, branching out from its public sector origins.  In 2022 the company raised $100 million on a valuation of $1 billion.

Immuta is a data security platform, focused on access control and dealing with policies around data security. The company has also added data discovery and data usage monitoring capabilities. They consciously restrict themselves to structured data, such as those stored in databases like Snowflake and Databricks. Many companies try to construct their own data access rules using the native features of the databases, but this becomes time consuming and even impractical if the number of sources and users become large, and more so if the business needs change frequently. Immuta sits at a policy level and generates the necessary native database commands to enforce those policies.

The process of implementation usually involves the stages “discover”, “secure” and “detect” (monitoring, risk flagging). They focus on what data is sensitive, profiling metadata in order to highlight data that may be sensitive, such as social security numbers. They have 70 pre-built classifiers to save time in defining what data is sensitive that is related to specific legislation or industries e.g. GDPR or CCPA data. One key difference between Immuta and some other tools is that Immuta works entirely with in-database processing. By working natively with the underlying data platform, there is no pass through of queries to another layer, thus avoiding potential performance bottlenecks or interruptions.

Additionally, Immuta uses an attribute-based access control (ABAC) model that simplifies how many data policies need to be managed. For example, they consider things such as who a particular user may be and which organisational group they are in or which project they are on. Using ABAC substantially reduces the number of policies required compared to traditional role-based approaches. The policy engine sits above the physical domain level so for example in situations where data is distributed, such as with a data mesh approach, the same policies can be applied to multiple physical databases e.g. some Snowflake and some Databricks instances, with no duplication of effort by the users. The product also has features to carry out data access monitoring, auditing, and detection of user and data access behaviour which enables organizations to take  remediation actions using new or updated policies.

Immuta has clearly made substantial market progress in its chosen security governance niche, and seems to offer substantial efficient benefits to customers over the most common alternative of hand-coding rules and policies using the native database control features. The larger, more complex and dynamic the use case, the greater the benefits are likely to accrue to using a platform like Immuta, whose customers are typically Fortune 2000 companies.