Tags in Immuta
Tags have several uses, mainly to drive policies, but they can be used for the following purposes:
- Use tags for global subscription or data policies that will apply to all data sources in the organization. In doing this, company-wide data security restrictions can be controlled by the administrators and governors, while the users and data owners need only to worry about tagging the data correctly.
- Generate Immuta reports from tags for anything from insider threat surveillance to data access monitoring.
- Drive search results with tags in the Immuta UI.
Every user within Immuta can see tags, but they will all interact with them differently as their roles require. Governors create, manage, and delete tags or import tags from external catalogs. Data owners, data source experts, and governors apply these tags to or remove them from projects, data sources, and columns within the data sources. Data users view tags and tag metadata on data sources they have access to.
Best practice: Managing tags
Use the minimum number of tags possible to achieve the data privacy needed.
Navigating tags
When navigating tags in the Immuta UI, there are several helpful features:
-
Side sheets: Clicking on a tag in the data dictionary, on the data overview page, or on a project page will open the tag side sheet with valuable information about the tag. This information depends on the kind of tag it is and where it is applied. The side sheet can include a link to the tag details page, a description of the tag, the context of the tag (i.e., where the tag was created and added from), the columns the tag is applied to, and actions that can be done to the tag (e.g., disabling or deleting the tag from its object).
-
Tooltips: When you hover over a tag, a tooltip will appear. It contains information about the tag, including where it was created (e.g., Immuta or an external catalog), whether the tag was applied by sensitive data discovery, and the full name of the tag.
-
Simplified names: When fully articulated, tags are presented as
Parent . Child . Grandchild
with " . " between each level. However, tags will usually appear as the lowest name level (i.e.Discovered . Entity . Person Name
will appear asPerson Name
) and the full name can be seen in the tooltip.
Sensitive data discovery
Best practice: Use sensitive data discovery
Sensitive data discovery can improve your ability to secure your data by automatically tagging sensitive entities, enabling the scalable implementation of global policies. Immuta highly recommends the use of this feature in tandem with verification of tags on all data sources.
Sensitive data discovery (SDD) helps to ensure sensitive data is properly managed and governed, providing fast identification for entities in columns such as credit card numbers, names, locations, social security numbers, bitcoin wallets, US phone numbers, financial data, and more.