IRI software makes it easy for data and information stewards to control the data that ETL architects, business users, governance teams, and report designers can access or affect. The ability to mask data during movement, manipulation, and reporting (for example), allow you to build data stewardship into your processes.
The platform-agnostic and server-independent nature of IRI software also means that you can use existing frameworks like Active Directory object assignments to apply role based access controls (RBAC) at various levels (data, metadata and executable files). In addition, access to masked data in products like IRI FileldShield can be controlled through differential access to job scripts and field encryption keys.
IRI metadata access and activity can be further role-managed through free Eclipse team plug-ins like Git, CVS, and Subversion, or the erwin EDGE (AnalytiX DS data governance) platform's IAM-controlled release manager for Voracity ETL, data quality, data masking, etc. projects. You can also control access to the IRI Workbench client itself, or workspaces for Voracity and/or constituent products like IRI FieldShield, at the O/S or VM level.
The IRI Chakra Max database activity monitoring and database audit and protection (DAM/DAP) software -- provide built-in RBACs within granular policy-setting modules for 20 popular on-premise and cloud databases. These server-stored policies apply to all monitored databases, and to included dynamic data masking functionality.
See these Data Governance FAQs to understand how IRI software currently supports RBAC.
Finally and in addition, in 2019, IRI will release job-, data source-, and field-level data governance (authentication and lineage) directly within the core SortCL program, from which products like Voracity, FieldShield, and NextForm also run. This will enforce RBAC at very granular levels or each job with different options defined for permission denied behavior determined in a secure policy file created in IRI Workbench.