How to Give Everyone Access to Your Data and Still Keep it Safe

by Rob Richardson, Developer Advocate, Cyral

  @rob_rich | @cyralinc |

About Me

Rob Richardson

Rob Richardson is a software craftsman building web properties in ASP.NET and Node, React and Vue. He's a frequent speaker at conferences, user groups, and community events, and a diligent teacher and student of high quality software development. You can find this and other talks on and follow him on twitter at @rob_rich.

While in an audit,
how do I document I've given
the minimum required permissions?

Securing the Data

The Approval Process

Infrequent or Unusual Tasks

Just grant them access forever


They just can't get the job done


Use a shared service account

... and lose the audit trail


GitHub History
GitHub Conversation
GitHub Approvals

What if we could store our
data access policies
as code?

Policy as Code

Policies are standardized into records readable by both the people who manage them and the systems that enforce them.

The Goal


Data maps and Policies


GitOps for Policies


ChatOps for policies