Data access is no longer just an IT problem — it’s a business acceleration issue. In this episode of DEMO, Keith Shaw sits down with Chris Brown, Field CTO at Immuta, to explore how their platform is transforming the way enterprises handle data governance, policy enforcement, and secure access at scale.Brown demonstrates Immuta’s Data Marketplace, a powerful tool that allows organizations to automate approval workflows, enforce fine-grained access policies, and simplify data sharing across teams — all while maintaining compliance with standards like HIPAA and managing access for both human and non-human users (think AI agents).Chris walks through a real-world demo showing how Immuta reduces weeks of manual requests and approvals down to a few clicks, empowering data stewards to automate governance without relying on engineers. From masking sensitive information to defining subscription policies in plain English, Immuta is giving enterprises the tools to unlock the full value of their data — securely and efficiently.If you're dealing with growing demands for data access and struggling to balance speed with security, this one’s worth a watch.? Learn more and explore the demo at
Register Now
Keith Shaw: Hi everybody, welcome to DEMO, the show where companies come in and show us their latest products and platforms. Today, I'm joined by Chris Brown—he is a Field CTO at Immuta. Welcome to the show, Chris. Chris Brown: Great, thanks for having me.
Keith: So, tell us a little bit about Immuta, and then what you're going to show us today on the show. Chris: Immuta is a data provisioning and access application.
What’s interesting about Immuta is that it actually started in the public sector—out of the intelligence community—where our founders were trying to securely share data between different organizations, and within organizations, very quickly.
What we discovered is that highly regulated industries such as finance, healthcare, pharma, and others have the exact same need. Over the past 10 years, we’ve really expanded into the commercial space while maintaining a strong public sector footprint.
Keith: Who within the enterprise would benefit most from this? Is it really everyone who needs access to data, or just people in the data analytics department?
Chris: Actually, it's anyone who needs access to data—and we’re seeing more and more people wanting to use data in unique ways. We're seeing things like text-to-SQL, where a data consumer no longer needs to know SQL to create a report.
They can just type what they want, and it comes back to them. But the main focus is really on data governors, data stewards, and even product owners. These individuals are constantly receiving requests from consumers who want access to data.
They’re becoming button-clicking monkeys, overwhelmed by the volume—especially with the rise of agentic AI. Now, even non-human resources need governed access to that data.
Keith: Is the problem that, in the old days, you’d ask for access and get all the data, but now users might only need specific parts?
Chris: It’s actually both. The core issue is the explosion of requests. People are using systems built for application access—not data access—and those are two different things. With the number of human and non-human consumers, data governors just can't manually approve every request.
They need a tool like Immuta to automate the process. What we’ll see today is our marketplace feature. If a data governor keeps approving the same pattern over and over, Immuta can identify it and suggest a policy to automate it—so the governor no longer needs to manually intervene.
Keith: So if a company didn't have Immuta, the data governor would just be sitting there, clicking “yes” all day?
Chris: Exactly—and using a long-winded process. We see people using tools like ServiceNow or SailPoint, where you have to submit a request, wait for approval, and then wait for a technical resource to provision access on the data platform.
This process can take two to two-and-a-half months, and that delay is unacceptable given the speed at which companies and government agencies operate today. Keith: Sounds great.
Let’s see a demo. Chris: Outstanding.
Chris: In this demo, I’m a researcher studying diabetics and pre-diabetic individuals. I’ve created a dashboard in Databricks—but this could just as easily be in Tableau, Power BI, or connected to Snowflake, Redshift, etc. You’ll see I’ve created a dashboard with charts and patient data.
As the lead researcher, I want to share it with colleagues. But when one of them tries to access the same dashboard, nothing appears. The error message says they’re missing access to the underlying tables. That’s where the Immuta Data Marketplace comes in.
Within the marketplace, users can see available data products—what they’ve been approved for, denied from, or had revoked. This is a demo system, so there's not a lot of data, but you can search by keyword and even find matches in descriptions. I’m looking for diabetes data.
I see a description, the subject matter expert, and the datasets included. There’s also a Data Use Agreement—in this case, a simple one requiring compliance with HIPAA standards. Now the user can request access.
They can request it for themselves or on behalf of someone else, add a reason (like “doing medical research”), and specify the tables needed. Some requests might be denied due to immutable policy restrictions. They can review the data use agreement again before submitting the request.
Once submitted, the request is marked as pending, and the data product owner is notified.
Chris: Now, let me show you how the data product owner publishes a data product. It’s simple: they choose a domain (like "medical"), select data sources (Databricks, Snowflake, even S3), give it a name and description, identify the SME (in this case, me), and define the approval process.
They can also attach a new or existing data use agreement and publish the data product, which will then appear on the marketplace. Back to our demo user—their request is now visible to the data product owner.
I can see who made the request, the reason, data sources involved, and the associated data use agreement. I’ll approve the request and confirm. Now, when the user refreshes their dashboard in Databricks, the data appears.
But it’s different from what I see—we’re missing some states, names are redacted, social security numbers are masked, and addresses are removed.
Chris: That’s the Immuta governance layer in action. In the governance section, I can look at our medical domain, see associated data sources, and check who has permission to manage policies and audit activity. Because we’re seeing repetitive approval patterns, we can automate those via subscription policies.
Data stewards can now declare and enforce policies—without relying on data engineers or DBAs. These are written in plain English with dropdowns for configuration. For example, I have policies for filtering specific data and masking sensitive fields. Anyone—technical or non-technical—can read and understand what the policy does.
You choose what to mask (e.g., names or PII tags), how to mask it (hashing, regex, etc.), and what exceptions apply. In this case, access requires up-to-date training—specifically HIPAA certification. This dramatically reduces the manual workload for data stewards.
Keith: A lot of great features here. I’m sure there are many more. Where can companies go to learn more? Is there a free trial or a demo period?
Chris: You can go to immuta.com, where we have a click-through demo that lets you explore more capabilities and features. Keith: Sounds great.
Chris Brown from Immuta, thanks again. Chris: Thanks a lot, appreciate it. Keith: That’s all the time we have for today’s episode. Be sure to like the video, subscribe to the channel, and leave your thoughts in the comments. Join us every week for new episodes of DEMO.
I’m Keith Shaw—thanks for watching! ? ?
Sponsored Links