Delivering on the Data Lake Promise
The fundamental promise of a data lake is that it will give business users better access to the data they need – securely, accurately and without the long lead times traditionally associated with transforming that data into a physical data model. That’s a big challenge, however, and many data lake projects fail.
To deliver this level of self-service access to data that enterprises require, a successful data lake needs to ensure that data delivered to users through the lake complies with the following key tenets:
- Incoming data must be thoroughly validated;
- A managed history must document the origin, evolution, and meaning of each data entity;
- The data needs to be richly profiled so users can easily see the content, completeness, quality, and potential applicability of each set of source data;
- The data must be fully secured.
If the power of producing (including onboarding and ingesting) data can be shifted to subject matter experts rather than “tool developers,” and you apply these four tenets, then the consumers will have an unmatched level of confidence when accessing the data.
Certainly, this is easier said than done, as evidenced by the many reported challenges of implementing a data lake. In truth, data quality issues have been around for decades and are neither new to nor specific to data lakes. Data lakes, however, make fixing data quality issues both more urgent and more challenging for a few reasons:
- Hadoop alone offers nascent capabilities for data onboarding and validation. These capabilities do not at present meet requirements of an enterprise scale data management environment.
- It is essential that all data is validated as it is ingested into the lake. Many organizations however struggle to define and implement a robust validation process.
- Many data lake projects rely on programmers, rather than subject matter experts to validate data.
- If you don’t secure the data in the lake, few people will be allowed to use it. So making sure the data lake is well secured and governed is essential to the success of the project.
We will look at each of these assertions in more depth.
It’s Not Rocket Science (But It’s Close)
Over the last two decades, data validations have typically been executed as a part of the extraction/transformation/load (ETL) process when populating a data warehouse or data mart. These validations were usually based on an understanding of what the data should mean and how it should be organized, and were implemented by ETL programmers. Data validation, through ETL processes, was a standard part of the data warehouse project.
With data lakes, however. data validation on ingest is not automatic, not standard practice, and often is overlooked. Also, critical statistical profiling of the data entering the lake seldom takes place. Most project teams either don’t have the time for statistical profiling or believe they know enough about the data to make profiling unnecessary.
It is this decision–to skip automatic data validation and profiling during the ingest process–that drives the failure of many data lake projects. Data in the lake is not validated and profiled, which results in what is basically a “black box” or questionable quality and usefulness. This is nearly always tied to delays in making data available and (ultimately) the delivery of bad data. This erodes consumer confidence to the point of non-use.
Data Validation and Profiling Are Essential
In practice however, validating all data entering the lake is hard. Each data source features unique technical challenges and a particular set of data issues, necessitating the development of specific data validation functions for each source. Given tight project timelines and the thousands of data sources that need to be loaded into the lake in a typical organization, typical SLAs require that the validation process be executed automatically and efficiently.
And there are a lot of data problems to solve during the ingest, validation, and profiling stage. Here are a few examples just to illustrate the scope of the effort:
- Complex data such as Cobol or XML files that contain nested or hierarchical structures need to be flattened or normalized. Similarly, multiple record types within a single file must be identified and ingested accurately for their specific format.
- Garbage data such as “control characters,” embedded newlines and embedded delimiters need to be found and fixed.
- Data in EBCDIC or Packed-Decimal format, needs to be converted into a UTF-8 standard compliant format.
- The COBOL copybooks or their equivalent need to be converted into an accurate and complete HCat schema.
- Headers and trailers for each file, which often contain validation data (record count, table schema, business data), needs to be verified during the load, and then stripped from the data set prior to querying and analysis.
- XLM data needs to be normalized and “Keyed.”
It is common to think: “Let’s just copy data into HDFS and we will have a data lake!” But by the time teams come to terms with the extent of data problems in the lake, it is often way too late to fix those issues without massive slips in the project timeline and delivery dates.
Finally, the process of ingesting data into the lake (or as we like to refer to it, producing data) has to be done within the context of a robust security model that allows the producers of the data to apply a corporate security model to the data. We will provide more details on this later.
Producing data for the data lake can be a complex process fraught with risks that can sink a project with delays, cost overruns and failure. Sure, the promise open source projects such as Nifi, Atlas and Kafka, to name a few, make it seem easy to onboard data, but remember: without addressing data validation and profiling upon ingest in an efficient way, the consumers will never be sure about what they have.
It May Not Matter If You Don’t Secure It
By definition a data lake involves putting enterprise data within arms’ reach of lots of consumers and giving those users self-service, on-demand access to that data. Given this context, the potential risk that people might have access to data they shouldn’t or that an enterprise data breach or inappropriate disclosure of personally identifiable information data might occur is significant. To be an enterprise ready from a security perspective, a self-service data lake needs to achieve three goals:
1. Leverage and comply with the organizations’ existing security policies
Compliance with existing enterprise security starts with honoring the organization’s authorization and authentication processes, via Active Directory and Kerberos or whatever process or enterprise has standardized on. It also means recognizing and enforcing all data access constraints dictating which data each particular user is authorized to read, update or share. This is particularly important as the data lake ingests and produces data from sources or publishes data out to other applications or users.
Enterprise readiness from a security perspective also requires that the data lake support data encryption and obfuscation, at a field level. The lake should not only seamlessly recognize and maintain encryption and obfuscation of data entering or leaving the lake but also enable users to add addition encryption or obfuscation to data in the lake as needed.
2. Continuously integrate emerging security measures available through the Hadoop communityas they mature
Users working with data in the lake should be constrained in what data they are allowed to access by file and directory level access constraints established at the HDFS level. When an organization is using other Hadoop-specific security measures like Ranger, Sentry or RecordService, the data lake also needs to integrate with those tools. Finally, the data lake needs to support impersonation to create failsafe transparency and auditability at the HDFS file level regarding exactly which users have had access to exactly what data in the lake over time.
3. Make is easy for administrators to implement security
The power of self-service access to data in the data lake era is obvious and will grow significantly as both producers and consumers leverage the capabilities outlined in this article. As this virtuous cycle expands and more users come to the data, the task of securing data in the lake grows as well.
To meet enterprise scale needs, the data lake needs to give administrators easy ways to recognize new users, assign them to user groups, and give them access to the right data. Reporting around users, data access patterns, performance, and data volumes should allow administrators to quickly and easily understand what’s happening in the lake and what steps should be taken to improve efficiency and maintain security. Users for their part should be prevented from causing security problems by automatically and effortlessly being subject to all of the security provisions in the environment whenever they are working in the data lake.
In part one of this series, we said that an enterprise data lake is more than just a set of data in Hadoop. It is an enterprise-scale data management platform – a marketplace that brings together data producers and data consumers in a dramatically new data-as-a-service model.
But to service this new role, the data lake needs to deliver truly enterprise-scale capabilities. As we have laid out here, this is certainly the case with respect to on-boarding data into the lake and the underlying security model.
In our third and last part of this series, I’ll talk about two more aspects of what it takes for a data lake to be truly enterprise ready: integration of the data lake with other applications and systems in the enterprise IT landscape, and data governance.
About the author: About the author: Bob Vecchione is the co-founder and chief technologist at big data analytics software provider Podium Data. Bob is recognized as an industry leader in the design, architecture and implementation of large-scale data systems. His more than two decades of experience includes working for Prime Computer, Thinking Machines, Strategic Technologies & Systems, Knowledge Stream Partners, as an independent data systems architect and now, Podium Data. He hold a degree in electrical engineering from University of Massachusetts at Lowell.
October 22, 2021
October 21, 2021
- Dremio Announces New Dart Initiative Release
- Hex Technologies Raises $16 Million Series A to Help Data Teams Do More
- 2021 GigaOm Radar Report for Data Warehouses Names Yellowbrick Data an Outperformer
- DataRobot Research Finds 86% of Organizations Prioritize AI and ML
- Terrafuse AI Launches New Platform to Visualize California Wildfire Risk
- New Relic Launches In-IDE Observability and Code Collaboration Experience
- KX Announces Launch of KX Academy On-Demand Training Portal
- KDD 2021 Celebrates Winning Teams of 25th Annual KDD Cup
- Global Survey Reveals 8 in 10 Companies Struggle to Unify Data Assets
October 20, 2021
- OctoML Announces Collaboration with Arm for ML Models
- VAST Data Introduces VASTOS Version 4
- DAS42 and AtScale Partner to Deliver Advanced Data Technology Solutions
- Iguazio MLOps Platform Now Supports Amazon FSx for NetApp ONTAP
- Credo AI Emerges from Stealth to Help Organizations Build Ethical AI
- Exxact Partners with SoftIron to Provide Ceph-Based Software Defined Storage Solutions
- TigerGraph, HPE, and Xilinx Announce Graph Analytics Solution for the Enterprise
October 19, 2021
- Quantum Announces Partnership with IBM for Next Generation of LTO Technology
- Scality Delivers Comprehensive Portfolio for Splunk SmartStore Deployments
- Splunk Announces Enhancements to its Enterprise Observability Portfolio
Most Read Features
- Google Cloud Gives Spanner a PostgreSQL Interface
- What Is Data Science? A Turing Award Winner Shares His View
- Big Data File Formats Demystified
- We’re In the Moneyball 3.0 Era. Here’s What It Means for Live Sports
- One on One with Google Cloud Product Director Irina Farooq
- What’s the Difference Between AI, ML, Deep Learning, and Active Learning?
- Who’s Winning In the $17B AIOps and Observability Market
- Composite AI: What Is It, and Why You Need It
- OpenTelemetry Gains Momentum as Observability Standard
- Five Real-World Applications for Sports Analytics
- More Features…
Most Read News In Brief
- Data and AI Salaries Continue Upward March, O’Reilly Says
- Bigeye Observes $45 Million in Funding
- Data Prep Still Dominates Data Scientists’ Time, Survey Finds
- Why Is SAS Going Public?
- Gartner Shuffles the Technology Deck with Latest ‘Hype Cycle’ Report
- LinkedIn Open Sources Tech Behind 10,000-Node Hadoop Cluster
- Feature Stores Emerging as Must-Have Tech for Machine Learning
- The Next Breakthrough in Long-Term Data Storage is….Gold?
- Sisu Nabs $62M to Grow Data Analytics Biz
- Here’s What Splunk Announced Today at .conf21
- More News In Brief…
Most Read This Just In
- Esri Releases ArcGIS GeoBIM, Bringing Spatial Context to AEC Operations
- Databricks Acquires Low-code/No-code Company to Expand its Lakehouse Platform
- PrivaceraCloud 4.0 Enables Governed Data Sharing Across the Open Cloud
- MicroAI to Bring AI Training to Renesas MCUs
- TIBCO Delivers a Comprehensive, Connected Platform for the Adaptable Digital Business
- BriefCam Introduces Video Analytics Enabled on Deep Learning Cameras from Axis Communications
- NetApp to Acquire CloudCheckr and Expand its Spot by NetApp CloudOps Platform
- Dremio Announces New Dart Initiative Release
- OneTrust Enhances First-Party Data Solution to Strengthen Holistic Consent and Preference Management Platform
- Datatron Awarded U.S. Patent for Methodology for Modeling Machine Learning and Analytics
- More This Just In…
Sponsored Partner Content
October 27 - October 28
November 29 - December 3
December 6 - December 10San Diego CA United States
February 7, 2022 - February 9, 2022Houston TX United States
June 26, 2022 - June 30, 2022Hollywood FL United States