As enterprises embrace the transformative power of artificial intelligence (AI) and machine learning (ML), they face the challenge of ensuring sensitive data and insights remain secure. Organizations need a streamlined way to control access to resources that power important AI and ML workflows, but often struggle to do so as their use becomes more ubiquitous and operations quickly scale.
We’re thrilled to announce a significant expansion of our integration with Databricks Unity Catalog that enables organizations to adopt AI and ML workflows easily and safely. With Immuta, data governance teams can now centrally control access to Unity Catalog models, functions, and volumes — opening new doors for AI innovation without sacrificing security.
This release expands Immuta’s coverage in Unity Catalog by supporting these object types, alongside existing governance capabilities for tables and views. These Unity Catalog objects offer key support for AI use cases across organizations, making AI even easier to adopt with Immuta’s central governance capabilities.
Overcoming barriers to AI adoption
Many organizations understand the potential benefits and value of incorporating AI into their workflows. The problem they face, however, is understanding how they can do so in a secure way that mitigates risk. Uncertainty and risk aversion can result in months of navigating red tape, when that time could be spent on achieving tangible results through new AI insights.
The Immuta Platform is built to solve that problem. With dynamic, automated data access governance capabilities, Immuta allows organizations to seamlessly incorporate scalable access controls for models, functions, and volumes within their existing data governance frameworks. With a single policy, users can dictate who can read and write to tables, views, and volumes, and who can execute models and functions.
Centralized, attribute-based control: Simplifying AI security
Consider an enterprise healthcare organization with large amounts of sensitive, unstructured patient data such as MRI and X-ray images. MRI and X-ray data help pinpoint patients’ medical conditions, and can be used in aggregate by AI models to improve diagnoses over time. However, the organization needs to ensure that the right policies are in place to ensure that, regardless of that data’s format or location, only authorized users are able to access it for authorized reasons, in alignment with HIPAA standards.
They can leverage Immuta with Databricks Unity Catalog in the following ways to ensure secure and compliant data access, while still incorporating AI to drive important insights:
Volumes
Volumes: Securing medical data
Sensitive MRI and X-ray images are securely stored within Databricks Unity Catalog volumes. Data stewards implement attribute-based access control policies through Immuta, specifying precisely who can read or write to these volumes, such as certified administrators.
The volumes that this organization uses to store these images are tagged as genomics data, indicating they are highly sensitive:
Functions
Functions: Data anonymization and preprocessing
Data teams at this organization have developed a series of user-defined functions (UDFs) to process complex data types and perform advanced calculations on the data. Having reusable UDFs is key to being able to efficiently progress through this workflow and get value from this complex data quickly.
Since these functions include proprietary logic, however, access must be limited to specific analysts. Historically, these functions’ high sensitivity levels would have prevented this organization from being able to move forward with AI-driven innovations. Immuta’s dynamic policies, however, make it easy to produce these types of new functions, without posing a security risk or needing to navigate through time-consuming approvals.
Models
Models: Secure diagnoses driven by AI
With centralized, scalable, and auditable access control, this organization can safely train and deploy models to help diagnose medical conditions from their stored imaging data. The insights driven by these models contain genomics data and are therefore highly sensitive, meaning only qualified personnel are authorized to run them. With Immuta’s dynamic, attribute-based policies, teams can efficiently implement access controls for these models. This allows them to move quickly through the rigorous training phases without the time-consuming access requests or waiting on lengthy compliance reviews. Immuta allows organizations to effectively move through a historically cumbersome process, while still ensuring that only authorized personnel, such as data scientists or genomics researchers, can train and deploy these models once ready.
This organization secures this data using an attribute-based Immuta policy. This policy limits genomics data access to users in the appropriate groups or positions within the organization, such as genomics researchers:
Users’ access will be updated to reflect the specifications of the policy as soon as the policy is activated.
Extending organizational value through the Immuta Data Marketplace
A business unit at this organization has deployed its model and begun to use it to aid in critical diagnoses — a key innovation that will greatly increase the value and quality of care they can provide to their patients. This team, however, wants to take its innovations a step further to help the rest of the organization uncover critical data insights. Since this model is now validated and supported by the business, teams in other business units can leverage the Immuta Data Marketplace to maximize its value.
Publish AI models as data products.
Upon finalizing the diagnostic model, the data product owner can publish it securely to the Immuta Data Marketplace, making it available for broader organizational use. The data product owner can bundle the model and any supporting Unity Catalog functions or volumes together as a single data product, so requestors get access through a single workflow, rather than separately requesting access to each individual object.
Streamline secure access requests.
Data scientists from other research teams can discover data products containing the volumes, models, and functions directly through the Immuta Marketplace, providing a reason for their access request and signing a data use agreement. The data product owner can then review and approve the requests quickly, knowing that the model will be used for compliant purposes and that there is an audit trail of all request and approval workflows.
Accelerate innovation across divisions.
Authorized data scientists gain secure access to leverage the model for their own research purposes. They are now able to use the existing model or version off of it, allowing them to innovate while maintaining strict governance controls.
By adopting a data-as-a-product mindset and publishing an ML model as a data product, a single business unit’s innovations can spread rapidly and securely across a large enterprise. Having a strong framework for data discoverability and requests/approvals is critical for organizations to effectively drive value from their data, while avoiding duplication or inconsistencies.
For this healthcare organization, security is now an enabler, not a bottleneck — fostering innovation, reducing risk, and ensuring regulatory compliance.
Watch an example in action here:
Innovating without compromise
Without a governance solution, incorporating AI with sensitive data is extremely difficult. Now more than ever, organizations are faced with the challenge of innovating with AI while still needing to balance that with security. Immuta has expanded into this territory of securing objects with strong AI use cases, going beyond simply governing who can query a table or view. Our goal is to meet organizations not where they are currently, but where they want to be.
Ready to see how centralized governance can accelerate your organization’s AI and ML journey securely? Connect with us today to learn more about how Immuta enables organizations to safely explore and adopt AI.
Get started.
Take a closer look at Immuta + Unity Catalog.