We'd like to introduce you to Tranquil Data. We are the response to a simple idea: as companies transform they not only need new technology, they need technology that aligns teams across the business.
We're focused on helping companies get new value out of data by ensuring that as business transforms, data continues to be used in compliant fashion. So, we're also focused on giving end-users confidence that their data is being used as-intended, and therefore making it simple for owners and consumers of data to communicate effectively. When you get everyone on the same page, you create a common perspective that fosters collaboration and global community.
And at our heart, that's what Tranquil is all about. We're building core platform software, where the goals of that software are driven by a deep desire to remove uncertainty and give stakeholders who speak through compliance, data, code or infrastructure a common perspective. We firmly believe that this is both a technical and social challenge, and have deep conviction that it's core to nearly every system we build today, yet something that few in our industry understand how to speak to.
This isn't a new challenge, so why would we step back and think about it now? Simply put, as the power of data systems matures we are hitting a new bottleneck for both software evolution and business expansion: the underlying context for why data exists is being lost. Context is a concept fundamental to nearly all business. It is how we speak to intention (what we can do with data) and segmentation (how we can share it).
These are hard concepts from an engineering perspective. They are business and regulatory concepts that map to contracts and service agreements, but they don't easily translate to code and schema. They are something we try to encode in application logic, but have no way to test in a repeatable fashion. As a result, it’s almost impossible to get lawyers, engineers, and operators all speaking the same language, and to make them confident that they’re all solving for the same problem.
Put another way, industry is full of regulatory and certification language like GDPR, PCI-DSS, PSD2, ISO 27001 etc. Compliance and legal experts use that language to draft Master Service Agreements and End-User License Agreements, mapping general requirements into the business' specific offerings, and borrowing language about usage, isolation, mitigation or transparency. Developers and operators, in turn, are expected to build or validate systems against these agreements. In practice, this leads to many applications and processes implementing a best-effort support of the agreements that can neither be tested by the technical roles nor surfaced and validated by the business owners. When the agreements change, or new agreements are drafted for new lines of business, it's often unclear how to align the implementations.
Throughout their careers, our co-founders have worked directly with customers in enterprise focused on technology transformation around data. They have watched fist-hand the challenges communicating between business and technical roles, and have seen the same pattern play out too many times: the lack of proactive, policy-based services makes developers less effective, leaves compliance officers in the dark, and pushes operators to fill the gap through complex audit and provisioning processes. Our co-founders were classmates 20 years ago, and while remaining close friends they had always worked separately. Independently, they realized the importance of this space, and together decided to pool their experiences and tackle this challenge head-on.
So, how do we tackle this challenge? We believe there are two key pieces.
One piece is software that can be adopted "up-stream" as applications are first built or modified. Engineering teams can adopt our product early to validate their applications with no changes to their code. As our software becomes part of integrated tests, development teams get insight into application behavior and have regression tests against rules from business teams. This enables streamlined development, and as our software migrates from validation in test to enforcement in production, confidence moves "down-stream" and enables new uses around the same data, with clarity that each new user, script or application is adhering to business requirements.
The second piece is a platform view that makes it simple to translate from compliance language to enforceable policy. We are building software that is deployed as a logical service, but more importantly, driven by policies that separate application code from business rules. We're taking that further by building interactive, collaborative tools that directly invite compliance owners to define rules, so business owners can see where and how agreements are being validated or enforced. Technical roles are invited to the same process to fill-in the translation to data models, giving all stakeholders an end-to-end view of how regulatory language maps to running code. The result is a system that makes it easy to audit behavior and expose that behavior to end-users.
Deployed in a single container on a laptop or scaled-out as a service, our software does this by proactively building a meta-data model about your operational data, aggregated across users and databases. That model is the context about your data that's missing today. It speaks to lineage, connectivity, identity, and the facets of data that are relevant to business requirements. It provides an unambiguous view into how data is used and flows, and a baseline truth to use as your applications and platforms evolve. Today, it can give you a new and valuable perspective, and inform the process of validating or enforcing compliance. Tomorrow, it will help surface both patterns that represent bad actors and insight into new business opportunity.
Today we've pushed out a new website hosting this blog. Over the coming months you will see us posting and fleshing out the web site, with more details about the product, the use-cases it addresses, and the direction the company is taking. We'd love to have you follow-along through the links below, or jump in and become an early user. We're excited about what we've started and where it can take our industry, and can't wait to help you on your journey.