Platform governance with a shared vision
We were joined by Mythili Krishnaraj, Global Delivery Lead – Pricing and Analytics Platform at AXA XL.
Mythili provided a really helpful view into the IT/technology perspective and shared the steps to platform governance at AXA XL.
At (24:14) Mythili shares some guidance on how their team manages 200 users:
With onboarding of users, they are put into different AD Groups. Some users might only use Workbench and are not publishing content to Connect so they are put in different AD Groups.
Something that was initially lacking for us is that we didn’t know who was successfully onboarding or when someone left and we needed to revoke access to reallocate the license.
The governance was thought about as what can we do in terms of each steps?
First, with the license:
1️⃣ How do you get them onboard?
2️⃣ How do you keep an audit trail of what they are doing?
3️⃣ How can we tell when they are leaving?
One other consideration was – what if someone is not able to use the license for 5-6 months? We started putting a timeline around it. If they don’t use the platform for 6 months, we get in touch with them and find out whether they need the license. Otherwise, we take it back.
The team has also started their own R training to support new users. We have helped them with a sort of Wiki to put together all of our R resources so that they know who to go to for a request, how to connect to a data source, etc. That sort of knowledge sharing was a requirement.
In terms of governance, we have also segregated the environments now: we have separate development and production. In development, we also have staging and non-prod.
When they are ready to publish a model, they come through a ticket. We go through it to see what they are deploying, which are the data sources, have they used any hard coded passwords, etc.
There is also a validation framework which we are using. Are they using licensed libraries? Are they using proper packages?
A few tips also shared at (17:06) for IT and data science teams to successfully work together:
Help the IT team understand the value of what you’re doing. Maybe your eventual output takes a week, a month, or even six months. It’s very important for them to be able to understand that value of what you’re going to bring in.
Explain to IT the flexibility that you need. Analytics and data science is all about the speed that comes with any platform.
It’s always a two-way street. Let them know that you’re here to support the governance, security and stability as well. Say, “I’m going to be really supportive of your guardrails but at the same time I’m expecting XYZ from your team.”
Collaboration is required. Each team knows how we work now and there are sometimes tradeoffs for both sides, but we are able to deal with that because we want to do what’s best for the business. This objective is the same both for technologists and the data science world.
Where the conflict comes in is when there is no shared vision. To get that shared vision, both teams need to talk.
This conversation also reminded me of the meetup with Gordon Shotwell at Socure on Creating Secure Systems for Growth: https://www.youtube.com/watch?v=UnLpB4IDpZU
Follow-up blog post on that meetup above as well, “How Data Scientists and Security Teams Can Effectively Work Together” https://www.rstudio.com/blog/how-data-scientists-and-security-teams-can-work-together/