“Change is hardest at the beginning, messiest in the middle and best at the end” - Robin Sharma
Change is hard and it starts with knowing where you are. That’s why Raito is announcing a free version that lets you monitor data access & usage to help you assess your current state, and monitor change. Check it out!
A very interesting trend is unfolding. Where until recently, only big enterprises were concerned with data access management, we’re increasingly seeing mid-sized companies looking for ways to have fine-grained access controls to their analytical data. When I talked about data access management to people 5 years ago their eyes darted to the nearest exit, but now it’s the topic of books, blogs and podcasts.
A recent report by Battery Ventures shows that despite tightening budgets, expected investments in data security, and data governance remain unaffected. This growing interest in data access management comes after 10 years of unprecedented data democratization. Affordable cloud storage and compute offered by the cloud providers made data analytics and science available to mid-sized companies who previously couldn’t afford investing time and money in the hardware. It even created a new generation of cloud native, data-driven companies that use data as a competitive asset to compete with the incumbents. Data Teams in these companies were charged with turning data & analytics into a strategic asset supporting the very ambitious business goals to grab more market share. Whether it was through better products, services, or marketing, data & analytics had to support this. Data was the new oil at a certain point.
When these data teams embarked on the journey to set up the infrastructure and processes to turn data into their organization’s most valuable asset, they started with a small data team, few data consumers, limited amounts of data, and lots of vision. Data access management wasn’t the most pressing matter. The privacy and security risks were limited, and they were preoccupied with proving the value of data first. Therefore, a solution built around Infrastructure-as-Code like Terraform, or a ticketing system like JIRA had to do the job. I’m not saying anything new when I say that their hard work paid off. Data has changed their businesses forever, and has become a strategic asset in their organization’s business strategy. A big drawback of the initial resounding success is that these data teams now have to operate enormous data warehouses and data lakes with many data consumers accessing large troves of data from many different domains that can be accessed over the internet. Consequently, privacy and security concerns are not far behind. More specifically, poorly configured access controls have led to a slew of privacy and security risks.
“The excessive privileges are keeping me awake at night” - Head of Data at a 2.000 employee software company.
In the same way that OpenAI had to introduce a new security portal to facilitate wider adoption, data teams have also reached a critical juncture where their initial achievements compel them to enhance data access management. The data architects and/or senior data engineers have been appointed with the task of implementing a data access management system, have to overcome a crucial challenge. That is, data teams function in a dynamic environment, constantly deploying data products that serve as the foundation for analytical and data science workflows, which contribute to their organizations' competitive advantage. It is not feasible to pause these operations to introduce a new data access management system.
This brings me to the subject of change. Over the past 10 years we’ve seen too many companies fail on their data access management projects, due to an incorrect approach to change. They concentrated primarily on the desired future state and attempted to implement it all at once. As a result, lengthy and disruptive implementations occurred, often with a significant delay in delivering tangible value, leading to a lot of projects to strand. Our main take away from seeing these failed implementations is that change has to be introduced gradually!
As a data architect entrusted with rolling-out a new data access management framework, it is crucial to adopt an approach that minimizes disruption to ongoing data operations. Opting for the path of least friction is imperative. This entails starting from analysing and assessing the current state (as-is), prioritizing change, and gradually introducing those changes to transition towards the desired future state (to-be). Throughout this process, it is essential to continually monitor and report on the impact of these changes, and refine based on learnings. By demonstrating value early on and consistently showcasing its benefits, it becomes easier to expand the scope of the data access management roll-out and ultimately achieve the desired end state.
If you’re managing access through a combination of Active Directory (Okta), Terraform, and ServiceNow (JIRA) you know it will be extremely difficult to iteratively improve your data access management posture at scale.
That’s why our customers use Raito. Raito’s unique architecture not only lets you observe data access & usage, but also lets you update access controls across the components of your data stack. This way you can analyse and understand your current data access & usage posture, while also gradually introducing change without disrupting your team’s data work, and monitoring the impact of that change.
To help you get started, we made our data access & usage observability free. Take your first step towards a more mature data access management today by requesting your free instance today! No need to talk to a sales person!
Bart
