Codified: Governance for the Modern Data Estate

The Emerging Gap Between Data and Governance

Data is a company’s greatest asset. It can also be its greatest risk. Every year, enterprises face devastating financial, reputational, operational, and legal consequences as a direct result of data leakage. Security teams invest a meaningful amount of time, capital, and human resources to ensure that proprietary data stays proprietary. One of the primary way enterprises protect their data is through data governance – the creation and enforcement of policies that determine who can access what data and when. Sounds simple, right?

Consider the following example: A customer support representative needs to access customer data to provide support. Unfortunately, giving all support reps permanent access to customer data is risky. Ideally, you want reps to access data for only a specific customer, and only when a corresponding support ticket is active, and perhaps only for certain types of customer data, and perhaps only for a subset of your reps, and perhaps there are certain regulatory rules that need to be obeyed given the customer’s location. Then you realize this customer data sits in four different data warehouses. On top of that, you need a mechanism to automatically turn this access off when the support ticket is resolved. The amount of complexity associated can be enormous…and this is just for a single policy.

Today, enterprises use a variety of home-grown and tool-assisted solutions to provide data governance. Unfortunately, these solutions can’t keep up and enterprises are forced to take shortcuts, often exposing their data in the process. In parallel, the modern data estate is evolving, and data governance is becoming increasingly hard due to the following macro trends:

• Growing number of data stores: It’s not just data that is growing, the places where data is stored are growing too. For the modern enterprise, data exists across multiple databases, data warehouses, and a long tail of applications. An optimal data estate is often one that is expansive, but data governance, by definition, needs to be unified.
• Growing adoption of AI: AI, specifically GenAI and LLM’s, introduce a new medium through which data is supplied, queried, and retrieved. The architecture of these AI models and tools makes it incredibly difficult for enterprises to set and track policies and permissions. And this is just the tip of the iceberg. Agents will eventually be able to access data and take action, and security teams will need a way to govern this emerging wave of tools.
• Growing regulation: Regulation, for better or worse, is here to stay and will increase over time. Top-down data privacy and protection regulations are further accelerating the importance of granular governance within the enterprise.

While data governance is not a new problem, the pain points around modern data governance are new and increasingly frustrating. A next generation platform is needed to address the needs of the modern enterprise.

Enter Codified

Codified is a modern data governance platform that enables customers to have simple, contextual, and real-time authorization to data across their heterogeneous data estate while improving their security posture. There are five key pillars to the Codified platform:

• Natural language policies: The gap between envisioning and implementing data policy is significant, irrespective of enterprise scale or the type of data involved. Codified enables the creation of policies in natural language, making them accessible for both machine execution and human comprehension.
• Comprehensive, expansive conditionality: Codified connects to multiple systems, including data and identity, building a knowledge graph that allows rich and comprehensive expressions of all conditionality. Codified evaluates authorization outside of the data store, allowing users to create policies that are not limited by the data store.
• Real-time workflows: Users and applications can request access to data through Codified, where each request is evaluated against every policy and processed in real-time. Additionally, these workflows can incorporate steps that necessitate human approvals or inputs, blending automated efficiency with necessary human oversight.
• Just-in-time access: Codified ensures that data is only accessible if both the policy allows it and the user is requesting it, turning off persistent access and improving security posture.

Our investment in Codified reflects not only our conviction in the product, but also a deep conviction in founder and CEO Yatharth Gupta. Throughout his uniquely well-rounded career, Yatharth has hired and led teams across engineering, partnerships & sales, and product, primarily at data-first organizations. Most recently, Yatharth led product at SingleStore and previously spent over a decade at Microsoft, where he built and executed the product partnership between Azure and what was, at the time, a small and relatively unknown company called Databricks. Simply put, we can’t think of a more qualified individual to realize the Codified vision.

In addition to an incredible team of initial hires, Yatharth has surrounded Codified with an exceptional roster of advisors and angel investors, including Ali Ghodsi (founder and CEO of Databricks), Arnab Bose (Chief Product Officer, Workforce Identity Cloud at Okta), Bob Muglia (ex-CEO of Snowflake), JG Chirapurath (CMO of SAP) and Shireesh Thota (VP, Databases at Microsoft).

Vine is thrilled to partner with Yatharth and the entire Codified team.