Immuta, the automated data governance company, announced native support for Snowflake, along with new privacy and security automation capabilities, that help organizations fully leverage cloud-based data analytics and data sharing — even on their most sensitive data sets.
Enhancements to the Immuta platform include k-anonymization, the latest addition to Immuta’s suite of Privacy-Enhancing Technologies (PETs), automated decryption of cloud-based data, and a new, native integration with Snowflake that lets joint customers easily analyze and share sensitive data.
Organizations are increasingly migrating analytics workloads to cloud environments for greater scalability, flexibility, cost savings and performance. Yet, 53% of U.S. and 60% of EU IT professionals are not confident that their organization currently meets privacy and data protection requirements in the cloud.
These concerns are forcing data governance teams to more tightly control who has access to what sensitive information, and for what purpose. The operational burden in manually enforcing rules and controls for compliance is inhibiting the success of cloud-based data analytics.
“Our latest release sets a new standard for managing security and privacy for cloud-based data analytics and data sharing,” said Steve Touw, CTO and co-founder, Immuta.
“We’re introducing a safer, more dynamic, more cost-effective approach to managing security and privacy for cloud analytics, so companies no longer have to choose between data utility and data privacy.
“Now, highly sensitive data can be ingested in encrypted form to the cloud, with Immuta automatically managing access control and automatically injecting the right privacy protections, such as our new k-anonymization technique.
“With native support for Snowflake and other leading cloud platforms, we’ve built an end-to-end, easy to implement solution for data-driven, cloud native organizations operating in regulated industries.”
Data governance teams are commonly forced to make a binary decision between providing data scientists and analysts access to a column of sensitive data, or not. K-anonymization allows organizations to play “in the gray area” by providing access and utility from a column, while removing re-identification risk.
Immuta is the first privacy platform to automate manual procedures by applying k-anonymization on the fly based on a simple policy, for any database across the organization.
Moving any data to the cloud can introduce new security risks — especially on the most sensitive data. In many cases, it is not within an organization’s risk tolerance to allow raw, sensitive values to land in cloud databases or storage (even with encryption in transit and at rest) due to their policies, breach concerns, concerns over insider threats, or the level of trust they have with the cloud or cloud service provider.
With Immuta’s new External Masking feature, customers can leverage encrypted/tokenized cloud data for analytics by dynamically decrypting, or de-tokenizing that data within analytics and BI tools in customer networks (off-cloud).
Immuta automates decryption on the fly using an organizations’ external algorithms and keys as defined by an Immuta policy — ensuring compliance with organizational security policies.
Immuta is now able to enforce all access controls and PETs natively in Snowflake. Customers can define policies within Immuta based on Snowflake tables and/or meta-data describing those tables, and have those policies enforced when users are interacting directly with Snowflake, either in the Snowflake workspace or live over JDBC/ODBC with no proxies or data copies.
Immuta’s full suite of innovative PETs are available to Snowflake customers to handle even the most complex privacy requirements.
“For any analysis on sensitive data, we must protect the privacy of individuals by ensuring the data is appropriately anonymized,” said Darren Fung, co-founder and CTO, Drop.
“Immuta provides an intuitive interface to author complex anonymization policies with robust anonymization techniques such as dynamic k-anonymization, which enables the balancing of data utility vs. risk with minimal system complexity.”