Starburst Strengthens Data Governance Capabilities
Starburst recently announced a number of new features for its data products. The feature sets were devised to underscore data governance, access controls, and regulatory compliance while sharing data with different users, departments, and locations.
Although these capabilities are applicable to domestic users and datasets, they’re helpful for exchanging data products across international borders. This functionality plays a critical role in upholding aspects of data sovereignty and regulatory compliance regarding data’s location, or mandates pertaining to specific geographic regions.
Data products coincide with the data mesh architecture and are one of the outputs of this paradigm. The introduction of the new governance features in Starburst’s data products is calculated to make the data mesh concept more practical for users working on global datasets.
According to Vishal Singh, Starburst Head of Data Products, “Data products take the compliance challenges and consistency of governance, where you can create the dataset without even exposing the data, which other users in other geographies have not seen or are not allowed to see.”
Although Starburst integrates with many top governance solutions, its recent governance additions buttress its own capabilities in this area of data management. “Data products can not only work with [existing governance] tools customers already have but also with the tools that Starburst is providing in-house,” Singh explained.
Some of the new features directly reinforce access controls. There are specific mechanisms that support cell-level filtering and data masking that are currently in private preview. These capabilities restrict access based on data governance policies so that specific groups can only see certain aspects of datasets. Additionally, there is support for exception-based governance policies, which limit what data products or datasets certain users can see and information about them. Other features minimize the different steps required to manage data policies at enterprise scale.
According to Singh, one of the characteristics of data products is everyone has access to metadata about the data, even if he or she can’t access the data itself. With exception-based governance policies, “You can say that this group of users can never see the metadata, or data, at any time, even though somebody wants to override,” Singh revealed. “What a deny policy does is instead of allowing people to see the data, you can deny people to never ever see the data.”
Other functionality has obvious implications for using data products and their datasets across international regions while still adhering to regulations and data sovereignty demands. Users can now clone these data assets and employ them for their own purposes without the data physically moving across locations. Conversely, a United States user may want to add a new dataset to a data product from a domain-based in Europe.
Since he or she is not the domain owner “what that user can do is clone that data product from a different domain into their domain and see the linkage of how the data product was cloned,” Singh commented. “The governance of that is cloned with that and they can actually change the data product with the needs of their domain users, and actually respond to the users in their department without trouble from the European region.”
The addition of these data governance features to Starburst improves its core value proposition of enabling users to query data where it lives—while upholding regulatory compliance and data privacy. These governance capabilities naturally underpin Starburst’s capacity to provide data access to users regardless of their tooling, cloud ecosystem, or physical locality. The recent announcement signifies that access is now possible without compromising regulatory compliance while using the tooling that’s native to Starburst.
Singh referenced a use case in which an international life sciences company has been employing Starburst’s new governance functions to support clinical trials and drug discovery. Even though American users may need to access data from a data product in AWS, for example, while their European domain owners have it in Azure, they can now do so. Moreover, they can do so without encroaching upon data sovereignty issues or any regulatory or governance ones, too. “We abstract the location and the storage and the cloud of it, and you can see a single view of the data in context of the business goals you’re driving, without having to figure out the actual geography of the data itself,” Singh noted.