Skip to content

Chapter 2 - Writing Global Policies for Compliance

Prerequisites

Introduction

Once Immuta is configured, tags are imported, and users’ groups and attributes are set, you are ready to write Global Policies to protect data. When used with Sensitive Data Discovery and Discovered tags, these policies are enforced on data sources as they are created.

For example, if an organization's compliance requirements state that access to personal information is restricted to users within the corresponding country or geographic region, they could write a Global Policy in Immuta that enforces that requirement before users have begun connecting data:

Global Data Policy Example

Immuta Best Practices: Writing Global Policies

Best Practices: Writing Global Policies

The best practices outlined below will also appear in callouts within relevant tutorials.

  1. Use Schema Monitoring to assess changes to data sources.
  2. Activate the New Column Added templated Global Policy to protect potentially sensitive data before Data Owners can review new columns that have been added.
  3. Write Global Policies using Discovered tags and attributes before connecting data.
  4. Use Global Policies instead of Local Policies to manage data access.
  5. It is important to remember that, in most cases, the goal is to share as much data as possible while still being compliant with privacy regulations. Immuta recommends a scale of wide subscription policies and specific data policies to give as much access as possible.
  6. Use the minimum amount of policies possible to achieve the data privacy needed.

Chapter 2 Use Case Scenario

Use Case

Use cases are presented throughout this chapter in a call-out to illustrate specific policies. The solutions presented can be adjusted to meet your needs.

Chapter Contents

Concept Guides

These guides contextualize a topic.

How-To Guides

These guides illustrate how to solve a specific problem or achieve a specific goal.

Advanced How-To Guides: