Tags Reference Guide

Tags have several uses, mainly to drive policies, but they can be used for the following purposes:

  • Use tags for global subscription or data policies that will apply to all data sources in the organization. In doing this, company-wide data security restrictions can be controlled by the administrators and governors, while the users and data owners need only to worry about tagging the data correctly.

  • Generate Immuta reports from tags for anything from insider threat surveillance to data access monitoring.

  • Drive search results with tags in the Immuta UI.

Every user within Immuta can see tags, but they will all interact with them differently as their roles require. Governors create, manage, and delete tags or import tags from external catalogs. Data owners, data source experts, and governors apply these tags to or remove them from projects, data sources, and columns within the data sources. Data users view tags and tag metadata on data sources they have access to.

Managing tags best practice: Use the minimum number of tags possible to achieve the data privacy needed.

When navigating tags in the Immuta UI, there are several helpful features:

  • Side sheets: Clicking on a tag in the data dictionary, on the data overview page, or on a project page will open the tag side sheet with valuable information about the tag. This information depends on the kind of tag it is and where it is applied. The side sheet can include a link to the tag details page, a description of the tag, the context of the tag (i.e., where the tag was created and added from), the columns the tag is applied to, and actions that can be done to the tag (e.g., disabling or deleting the tag from its object).

  • Tooltips: When you hover over a tag, a tooltip will appear. It contains information about the tag, including where it was created (e.g., Immuta or an external catalog), whether the tag was applied by sensitive data discovery, and the full name of the tag.

  • Simplified names: When fully articulated, tags are presented as Parent . Child . Grandchild with " . " between each level. However, tags will usually appear as the lowest name level (i.e. Discovered . Entity . Person Name will appear as Person Name) and the full name can be seen in the tooltip.

Sensitive data discovery

Use sensitive data discovery

Sensitive data discovery can improve your ability to secure your data by automatically tagging sensitive entities, enabling the scalable implementation of global policies. Immuta highly recommends the use of this feature in tandem with verification of tags on all data sources.

Sensitive data discovery (SDD) helps to ensure sensitive data is properly managed and governed, providing fast identification for entities in columns such as credit card numbers, names, locations, social security numbers, bitcoin wallets, US phone numbers, financial data, and more.

Renaming a tag used in an existing policy

When you rename a tag that is used in an existing policy, the policy itself will not automatically update to reflect the new tag name. The policy continues to reference the old tag name.

To ensure the policy is tied to the correct tag, manually edit the policy and update it with the new tag name. This is an important step to ensure that your policy continues to function as expected after a tag rename. This manual update is necessary for all policies tied to the renamed tag.

Tags applied to data sources will update automatically with the new tag name.

Last updated

Copyright © 2014-2024 Immuta Inc. All rights reserved.