Yesterday Ben posted about where, exactly, the responsibility for security lays. Is it with the DBA? The network team? Is it with the person or team that could have prevented the latest breach? It’s a great question. Make sure you check out the post if you haven’t seen it yet. (Here’s a link)
As we continue this revolution into more and more complexity with our systems, I really do think that it’s a hive-knowledge type of thing for security. I also think that applies to other uses and tools and approaches to working with information in general. If you think about it, there are just too many ways you can gain inputs of information –
- IoT
- Apps on devices
- Web applications and sites
- “Native” applications
- Public and private data sets
- and on and on
and, if you add to that the numbers and types of tools you can use to process that information – from PowerBI to Excel to your favorite BI charting tool to AI-based capabilities and beyond, it’s very easy to see that it’s too broad to really be “owned” by a single person.
The old style DBA in me gets pretty twitchy on some this, I’ll be honest. The focus shifts from controlling information to protecting it. You have to make sure it’s going to the right places and the right people, all of that.
But the new data platform side of me gets all excited about the things people are doing and will be doing with the information. I mean, come on. For years (ahem, decades) I’ve talked about learning unexpected things from your data sets. We’ve talked about taking a step back, looking at information differently, even if you are using Excel or even T-SQL, looking for unexpected relationships. The reason that’s always been an important step for me, is because those are gems. When you stumble on new relationships and find new ways that information supports other information, you find gold and can, in many cases, take real action on that information.
Which brings me to the Borg, and to some of the comment I posted on Ben’s post. One of the things we do as data platform people is making sure our systems support what is needed – hopefully both today and looking forward by providing for access, proper management, performance and yes, security. But knowing all of the applications and details isn’t possible – so it’s important to have a culture of supported learning and co-driving the direction for your data stores. That all sounds good in theory, but it’s difficult to implement sometimes.
This is where you (we), data platform folks, come in. Getting involved and making sure people that you support know that they need to daydream, try tools, work with you on all of these, and you work with them on all of these – this is where the vision breakthroughs will come from. Getting in the way solves nothing. Facilitating and helping manage and even pushing forward is magic.
I believe you have to start with the relationships though. The people you support should be including you in the early thought processes, the discovery, the experimentation. You should also be actively bringing them ideas and thoughts and approaches. By combining all of this, and being actively involved, you’ll have some really great successes and surprises as you try to dig through this mountain of information that comes from IoT, from data lakes, from all sorts of places.
It’s very much like the hive, er, Borg-type, mentality of learning as a group, rather than an individual. It’s important to be involved, to help push, to present ideas and new approaches.
Then go back to your desk, take a deep breath, and figure out what it all means to the database platforms you support and what will be needed. If you don’t know, start digging and find out. Find out what it does for performance, for resource requirements, for security. You can use all of that to help drive tool choices, platform choices and so much more.
It’s so much more successful than playing data protector and standing back with your shield and body armor preventing access.