As organizations accelerate cloud adoption and build diverse data stacks to maximize the value of best-of-breed cloud platforms like Databricks and Snowflake, one often overlooked the challenge is managing access and privacy controls as systems scale.
For those that rely on traditional role-based access controls, manually replicating data copies, managing entitlements, and consistently enforcing policies across platforms is inefficient and resource-intensive for data teams that are often already spread thin. As more users, data sources, and tools are added, the problem intensifies—further exposing data to risk.
DBTA held a webinar with Sumit Sarkar, senior director of product marketing, Immuta who discussed scaling data policy management in the cloud.
Previously, data policies were lax and anyone from the organization could potentially see a variety of transactions from different data sources, Sarkar explained.
Now, there’s an explosion of data policies, data sources, and data users.
According to Gap in the Data Supply Chain S&P Global Market Intelligence Survey n=525, “84% of organizations said data privacy and security requirements will limit access to data at my organization (over the next 24 months).”
According to the 2022 State of Data Engineering Gradient Flow n=372, “Top challenges included Quality; Monitoring and Auditing; Masking and Anonymization; Data Access Control.”
There are 5 steps for data access management using a modern approach with automation. These steps include:
- Facilitating stakeholder alignment
- Assessing data protection requirements
- Designing the data access solution
- Deploying automated data policies
- Auditing and maintaining
The key requirements for cloud data is configuring a scalable access control model, making the data explainable, and distributing responsibility, Sarkar said.
With Immuta, organizations can create scalable data policy architecture. The platform allows users to discover and classify: connect to any data source, centralize metadata, and apply standard tagging.
Users can create and manage policies: author cross platform global policies, uniform row-,column, and cell-level protection, and make easy to understand policies for any role.
And businesses can enforce and audit: transparent enforcement at query time, streamline data request workflows, restrict and log access based on purpose/intent, and unify policy logs.
An archived on-demand replay of this webinar is available here.