6 Critical Points for Scaling Secure Universal Data Authorization

To better understand customers, achieve competitive advantage, and improve operational efficiency organizations of all sizes really need data platform that can handle the complexity of managing and using the data.

Making data universally accessible from the wide range of disparate storage systems (data lakes, data warehouses, relational databases, etc.) combined with increasingly complex data governance and compliance requirements due to emerging privacy legislation such as GDPR, CCPA, etc. is one of the biggest challenges today.

Add to this also the disconnect between data stakeholder groups: the technical data platform and data architecture teams; centralized data security and compliance; data scientists and analysts sitting in the lines of business chartered with generating insights; and data owners and stewards responsible for building new data products.

According to Nong Li, co-founder and CEO at Okera, the Universal Data Authorization company, without proper data access and an authorization framework to help automate processes, the complexity of managing customer data and personally identifiable information (PII) will significantly affect productivity and limit the amount of available data that can be used.

Data consumers need to be able to find the right dataset, understand its context, trust its quality, and access it in the tool of their choice — all while the data security and governance teams must be trusted to apply the correct data authorization and governance policies.

To speed up the data analysis process on data platforms, a robust structure is required that not only meets the needs of all stakeholders, but also provides the ability to scale as systems expand.

Developing a universal data authorization framework should include the following six key points:

• attribute-based access control (ABAC) instead of role-based access control (RBAC)
• dynamic enforcement of access policies
• a unified metadata layer
• distributed stewardship
• easy centralized auditing with a consistent schema, a basic visibility mechanism, and a flexible, API-driven architecture
• future-proof adaptable integrations with an organization’s broader environment

Scaling secure, universal data authorization can be a tremendous enabler of agility within the organization, but by leveraging the six principles above, organizations can ensure that they’re staying ahead of the curve and designing the right underlying framework that will make all stakeholders successful.