Skip to content

You are viewing documentation for Immuta version 2021.5.

For the latest version, view our documentation for Immuta SaaS or the latest self-hosted version.

Prologue - Immuta Architecture, UI, and Deployment Methods

Audience: All Immuta users

Content Summary: This chapter introduces all users to Immuta, broadly describing Immuta's benefits, deployment options, access patterns, UI, and user roles.

Immuta Overview

The Immuta platform solves two of the largest issues facing data-driven organizations: access and governance. In large organizations, it can be difficult, if not impossible, for data scientists to access all the data they need. Once they do get access, it’s often difficult to make sure they use the data in ways that are compliant with regulations.

The Immuta platform solves both problems by providing a single, unified access point for data across an organization and ensuring that all restrictions placed on data are dynamically enforced through the platform. This unification creates efficient digital data exchanges and provides complete visibility of policy enforcement and monitoring.

Immuta Element Description
Data Sources A data source is how users virtually expose data (that lives in a remote data storage technology) across their enterprise to other users. When you expose a data source you are not copying the data; you are using metadata to tell Immuta how to expose it. Once exposed and subscribed to, the data will be accessed in a consistent manner across analytics and visualization tools, allowing reproducibility and sharing. For more information and tutorials about data sources, see Chapter 4.
Policies Policies are fine-grained security controls applied to data sources by Data Owners or Data Governors, who determine the logic behind what is hidden from whom. Immuta offers two policy types: Subscription Policies, which determine who can access a data source, and Data Policies, which determine what data the user sees once they get access to a data source. Through these policies, data is hidden, masked, redacted, and anonymized in the control plane based on the attributes of the users accessing the data and the purpose under which they are acting. For more information and tutorials about policies, see Global Policies in Immuta or the Local Policy Overview.
Projects Projects allow users to logically group work by linking data sources and can be created to efficiently organize work or to provide special access to data to specific users. The same security restrictions regarding data sources are applied to projects; project members still need to be subscribed to data sources in order to access data, and only users with appropriate attributes and credentials will be able to see the data if it contains any row-level or masking security. However, Project Owners can enable Project Equalization, which improves collaboration by ensuring that the data in the project looks identical to all members, regardless of their level of access to data. When enabled, this feature automatically equalizes all permissions so that no project member has more access to data than the member with the least access. For more detailed discussion and tutorials about projects, see Chapter 5.
Audit Logs and Immuta Reports All activity in Immuta is audited, and Data Owners and users with the AUDIT permission can access audit logs that detail who subscribes to each data source, why they subscribe, when they access data, and which files they access. These logs can be used for a number of intentions, including insider threat surveillance and data access monitoring for billing purposes. Audit logs can also be shipped to your enterprise auditing capability, if desired. Similarly, Governors can build Immuta Reports to analyze how data is being used and accessed across Immuta using the Immuta Report Builder. Reports can be based on users, groups, projects, data sources, tags, purposes, policies, and connections within Immuta. For more information and tutorials about audit logs and Immuta Reports, see the Viewing Audit Logs tutorial and the Immuta Reports guide, respectively.

Native Access Patterns

Immuta provides several access patterns through which all data access is native:

Section Contents

Before you install Immuta, review the content in the sections below.