Immuta, a provider of data privacy and access control services, today announced that it has closed a $100 million Series E funding round at a $1 billion valuation, bringing the total funding for the company to $267 million. NightDragon led the funding with participation from Snowflake Ventures as well as existing investors Dell Technologies Capital, DFJ Growth, IAG, Intel Capital, March Capital, StepStone, Ten Eleven Ventures and Wipro Ventures.
The new funds will be used to support product development and R&D efforts, CEO Matthew Carroll said, as well as to grow Immuta’s sales, marketing, customer success and support teams and enable acquisitions.” keys” in the data monitoring space. “The pandemic has accelerated the move to the cloud and it has increased the need for data security in the cloud,” he told TechCrunch in an email interview. “We don’t see it slowing down.”
Immuta was co-founded in 2015 by Steven Touw and Carroll, who began their careers as a US Army intelligence officer in Baghdad. Prior to founding Immuta, Carroll spent several years with the CSC consulting group after the acquisition of his former employer, 42six Solutions, where Touw also worked.
Carroll led data fusion and analysis programs and advised the US government on data management and analysis issues at CSC. “I quickly understood the power of data and how managing large amounts of critical information can better streamline operations of all kinds,” he added. “With proper data access controls, organizations can truly maximize the utility of their data.”
Carroll presents Immuta as an “enterprise-wide” alternative to manual processes for creating and implementing data policies. He says many IT teams are using tools that rely on role-based access control technologies from the 90s, which aren’t well suited to emerging privacy regulations like GDPR and CCPA. Adding to the challenge, says Carroll, these tools can introduce “data localization” challenges in situations where data needs to be migrated from on-premises data stores to the cloud. For example, a company may operate in a certain set of countries globally, but have data stored in a data center in Germany.
For Carroll, the surveys show that organizations face a series of problems when it comes to establishing data policies. Specialists of a recent The TechRepublic survey cited corporate culture, lack of knowledge, financial cost, and poor integration with existing tools as some of the top barriers. The public sector is grappling with these same issues, as revealed by research from the Center for Digital Government (CDG), a national research and advisory institute. CDG reported in May that frameworks for addressing digital privacy at the state and local government level are only in “nascent stages.”
“The question is understanding which rules apply and how to apply them – it can get complex very quickly,” Carroll said. “All of this is happening as organizations try to accelerate access to data. The most common challenge we hear is that organizations are trying to innovate, trying to drive their business forward, but there’s a disconnect between IT and the business and they’re forced to make that decision between being compliant or provide quick access to data.
Immuta customers – which range from private sector organizations like S&P Global and Mercedes-Benz Group to the US military – have access to a dashboard designed to automate certain aspects of data policy federation. It provides tools for the discovery, classification and marking of sensitive information to comply with contractual obligations and regulations. Beyond that, Immuta can audit data usage and collect information to show users what data was accessed, when, by whom, and for what purpose.
The platform integrates with data centers, on-premises servers, and hybrid cloud services including Databricks and Snowflake. (Immuta recently launched a software-as-a-service deployment, Immuta SaaS.) Any user accessing services where Immuta is integrated benefits from using Immuta to control data access, according to Carroll.
“Immuta takes a different approach to a handful of newer alternatives where we’ve written code that natively integrates into the compute layer, meaning the consumer sees no performance impact when applying data access control policies to queries,” Carroll said. “Immuta functions as the data security and privacy layer in customer environments… [it] improves compliance and mitigates risk, [which] means teams can securely share more data and easily prove compliant data usage with full visibility into all data access.
Data governance is a hot industry, with only one analytics company to predict that it will be worth $6 billion by 2026. Immuta’s competitors include TrustArc, which helps companies implement privacy and compliance programs. Others are PrivateOneTrust and BigID.
Luckily for Immuta, venture capital sees great opportunities in data privacy. Venture capital spending in the broader security segment jumped to nearly $30 billion in 2021, more than double the previous year’s total, according at Momentum Cyber.
“We’re very well funded,” Carroll said, hesitant when asked about Immuta’s total number of customers and annual recurring revenue. “[We] see the recent reality check through technology as a great opportunity to solidify our market position and grow with new acquisitions.
Stefan William, Vice President of Enterprise at Snowflake Ventures, added in an emailed statement, “Data security is only growing in importance and we strongly believe in Immuta as a partner and investor. With improved data security, Snowflake customers can further accelerate their use of cloud data, and that’s a win for everyone.
Immuta, based in Boston, Mass., says it currently has more than 250 employees, and plans to double its workforce over the next 18 months.