This is part of my series of posts on Cloud Field Day 3.
Delphix sells something called a Dynamic Data Platform that appears to involve putting 3D solid primitives into a translucent box, going by the animated graphic on the company’s website.
Everyone has a platform these days.
The main page of the website is more informative, and Delphix seems to be about providing access to company data quickly and securely. This is sometimes referred to as copy data management which is a terrible term that I am glad seems to be dying out.
Getting access to datasets is a major pain-in-the-proverbial, and most companies do some kind of terrible variant of copy-everything-all-over-the-place which ends up putting full copies of production data into not-very-secure development and testing environments, with hilarious* results. There are all kinds of products trying to do this better, such as IBM’s huge and unwieldy DataStage, and various backup vendors.
Backup products have copies of all the production data anyway, so the theory is: why not make use of the data you’ve made a copy of and make backup less a boring hygiene factor and more of a sexy BigData/AI/ML/business value thing? That’s the line pushed at various times by folks like Commvault, Cohesity, Actifio and the like.
Making backup more exciting sounds great, but the devil—as it so often is—is in the detail.
Know Thy Data
The Five Knows model of cyber-security [PDF], developed at Telstra by Mike Burgess and his crew at the time is a good way to think about the problem. Being able to provide secure access to data means knowing certain things about it: its value, who has access to it (and who should), where it is, who is protecting it, and how well it is protected.
The trouble is, this gets much much harder as the sheer volume of data grows. Couple this growth with the human inability to maintain discipline and focus for any length of time whatsoever and you rapidly end up with the five know nothings of cyber security.
The current binfire of perpetual doom that is the current information security landscape should convince you of that.
Meanwhile, we have a huge influx of newly minted “data scientists” who want to run statistical analysis over all this data to generate something they call “insights” which appear to be a rebranding of spurious correlations for the most part. However executives everywhere are very excited about the idea of computers making decisions for them so they can spend more time using shareholder money to play golf with their friends.
That makes for a large and potentially lucrative market for Delphix.
What I’m Looking For
Snark aside, this is a problem I have personal experience with from designing data warehouse environments for large banks. Data analysis is very useful when done well, and doing it well involves doing it securely so that people’s personal data (and proprietary information held by the company) doesn’t leak out all over the Internet.
Masking out credit card numbers and people’s phone numbers and making sure only authorised people are able to see certain kinds of data, and only in secured environments, is not a trivial exercise. With the advent of much needed improvements in privacy legislation like GDPR, companies are going to have to get better at managing people’s data securely and efficiently.
The major stumbling block so far is the human problem: humans have to decide which data should live where, which copies should be made (and how) and often make determinations about which data is sensitive under what conditions. Security and privacy are often quite context sensitive.
I’m keen to see how Delphix tackles this quite thorny problem. If there’s an absence of hand-wavy magical thinking, then Delphix will get added to my repertoire of recommended tools for PivotNine clients.
There is an on-premise violation on the company’s homepage, which makes me sad.