Recommended Data Product Promotion and Policy Management in Immuta

This documentation provides strategic guidance and best practices for leveraging Immuta's capabilities to their fullest potential. Please note that this content is for informational purposes only and may include forward-looking statements. Always consult with your Immuta representative for specific implementation details and personalized advice.

Promoting data products in Immuta is essential for ensuring proper governance, access control, and compliance across your organization. This guide outlines the key steps for data stewards to follow, providing a clear path for promoting data products while leveraging Immuta’s powerful policy management capabilities.

The steps below walk you through the process from data product creation to ongoing policy management. Each stage is designed to ensure that sensitive data is protected, access is appropriately governed, and the overall process is streamlined.

Refer to the flowchart below for a high-level overview of the process:

1. Create Data Product

The first step is to create the data product, ensuring that any sensitive data is restricted from the start. Immuta’s Create/Write Policies allow you to define these access restrictions early in the process, which is critical for data security and compliance.

Action: Implement Create/Write Policies as soon as the data product is created to restrict access and ensure sensitive data is secure from the outset.

Why this matters: Establishing policies early reduces the risk of unauthorized access and ensures compliance with internal governance rules and external regulations.

Refer to the Test and Deploy Policy or further guidance on setting up these policies

2. Onboard into Immuta

Once your data product is created, the next step is to onboard it into Immuta. This is where Immuta's governance features begin to take effect, allowing you to manage data access and control who interacts with the data.

If your organization uses a Data Catalog (like Alation or Collibra) that’s already integrated with Immuta, catalog the data product to streamline its discovery and ensure that governance policies are automatically enforced.

Action: Register your data product in the Data Catalog and Immuta platform to ensure it’s governed under your organization’s policies from day one.

Why this matters: Cataloging the data in Immuta ensures that your product is visible to the right teams and ready for governance controls.

3. Leverage Metadata Discovery

To improve governance precision, take advantage of Immuta’s Discover feature, which automatically tags and classifies data based on its metadata. The richer and more complete your metadata, the more accurate your governance policies will be.

Action: Use Immuta’s Discover tool to enhance the metadata of your data product, ensuring proper tagging and classification.

Why this matters: Proper metadata is critical for dynamic policy enforcement. The more accurate your metadata, the more effective your access controls will be.

For more information, consult Data Tagging Best Practices and Creating Industry-Specific Identification Frameworks.

4. Create and Test Policies

Now, determine who should have access to the data product and what level of access is appropriate. This step is driven by your organization’s governance model, whether centralized, decentralized, or federated. Immuta’s platform allows you to build flexible policies that use data tags and user attributes for dynamic access control.

Action: Build and test policies that align with your governance model. Use Immuta’s tools to create access rules based on user roles and data tags.

Why this matters: Well-constructed policies ensure that data access is both secure and scalable. Testing policies before deployment ensures they work as intended without disrupting production.

Refer to the Governance Models for more detailed examples​.

5. Deploy Policies

Once policies are created and thoroughly tested, it’s time to deploy them. Immuta allows you to test policies within your environment using logical separation, ensuring that your production workloads aren’t impacted during the testing phase.

Action: Deploy policies to production once testing is complete, ensuring all access rules are enforced correctly.

Why this matters: Testing within a controlled environment reduces the risk of deploying faulty policies that might disrupt operations or violate governance standards.

See the Test and Deploy Policy for additional guidance.

6. Monitor and Refine Policies

Once the data product is live and policies are deployed, governance is an ongoing task. Immuta provides powerful monitoring and auditing tools that allow you to track policy performance and usage patterns. Regular audits will help you refine policies as business needs and compliance requirements evolve.

Action: Regularly monitor policy performance using Immuta’s auditing tools. Adjust and refine policies based on observed usage and compliance needs.

Why this matters: Continuous monitoring ensures that policies remain effective and that compliance is maintained even as data use grows and changes.

Conclusion

Promoting and managing data products with Immuta involves more than just making data available—it’s about ensuring that sensitive information is protected, access is controlled, and governance is upheld throughout the data product’s lifecycle. By following the steps outlined in this guide—creating data products with access policies, onboarding into Immuta, leveraging metadata, and refining policies over time—data stewards can confidently manage data products in a compliant, secure, and scalable manner.

Each step of the process, from creation to continuous monitoring, is essential for building a strong data governance framework. Immuta’s tools and integrations simplify this process, enabling you to protect data while maximizing its value across your organization.

PreviousWhy You Should Avoid Using Multiple Immuta Instances to Protect the Same DataNextA Deeper Look into the Maturity Scale

Last updated

Was this helpful?