Best Practices

Keeping Data Private with the Composable CDP

Sean Lynch April 05, 2024

Sean is co-founder and Chief Product Officer (CPO) at Census. He loves enabling data-driven organizations, so he's energized by introducing the world to Data Activation. San Francisco, California, United States

One of the benefits of composing your Customer Data Platform on your data warehouse is enforcing and maintaining strong controls over how, where, and to whom your data is exposed.

Rather that creating a separate data silo for marketing purposes, the Composable CDP approach enables companies to keep their data within their perimeter and control access. The apps in the composable ecosystem take advantage of the privacy controls that data warehouses provide and complement it with their own. As an owner or manager of the data stack, it’s critical to understand the tools available to you to keep data where it’s meant to be.

So here’s a rule of thumb to start:

Data Warehouse controls what data to share
Census controls who can see the data, and/or activate it

Data Warehouse: Security Controls

Though cloud data warehouses have risen to prominence only within the last decade, they’re built on the fundamentals of relational databases that span all of modern computing. And with that comes an extremely rich set of security controls.

As anyone has ever connected to a database knows, you’ll need a username and password. Modern data warehouses build on this history by offering a rich set of controls for granting permissions to users and roles on entire databases, schemas, or even individual tables. They take care of the complexity of verifying those security controls through queries of any level of complexity.

Census is built to take advantage of the data warehouse's robust security, privacy, and governance capabilities. You can set up a user and role that grants Census exactly the level of access to a data warehouse that is necessary and no more. The user and role can be updated to add or remove resources at any point, and Census responds as necessary.

You can combine separate warehouse users with Census Workspaces and Access Controls to limit the datasets available to individual teams. For example, you might want to give Sales Ops teams detailed access to pipeline and account information in your CRM, without the ability to overwrite marketing leads.

You can even provide more fine-grained controls, removing certain columns or taking advantage of row-level security capabilities. This allows you to dynamically apply a filter to data based on the user querying a table. This powerful capability can make multitenancy use cases like Census Embedded safe and secure.

Warehouses give you alternative authentication mechanisms, audit logs, and many more features to control and monitor what data. But there’s also one less obvious benefit to mention: Data Locality. You control where your data lives; which cloud, which region, and how it’s accessed. If you ever decide to change the components out of your marketing stack, you can simply cut off access. The data stays where you keep it.

Census: Data Access Controls

As mentioned above, you can use multiple warehouse connections across workspaces, and combine that with user access controls to limit who can take which actions on the datasets shared with Census.

However, activation can put data teams in a difficult place. Activation almost always requires PII. Though many advertising destinations will accept hashed user identifiers for their matching mechanisms, building contact records in CRMs or creating audiences for email campaigns is almost always going to require an email address.

Don’t stress! Census enables activation of PII without exposing that PII to users. In addition to access controls, your data team can mark the sensitive columns of datasets as PII. This will hide the values in any place data is previewed within the Census but users can set up syncs to handle sensitive data without issue. Not far enough? Admins can disable all data previews in Census completely to ensure that no data points are ever visible through the UI.

Between Workspaces, Access Controls, and PII Masking, Census takes advantage of the data your warehouse exposes and makes it easy to control who can see or use it.

Wrapping Up

The benefit of the Composable CDP approach is that you can make strong commitments about how and who is using your data, without sacrificing the agility to use it. I hope this illustrates all of the different tools that are at your disposal, and not just through Census.

As the responsibility to keep user data safe weighs heavier on the minds of data (and the legal folks behind them), it’s critical to know all the tools at your disposal and when to use them. At Census, our mission is to make your data trustworthy and actionable, but we can only deliver on that by also making sure our customers can do that safely and securely. If we can give your business operations a hand by enabling this with your data, reach out! We’d love to help.

Start a free 14-day trial today, or schedule a call with our team.

Customer Stories

Built With Census Embedded: Labelbox Becomes Data Warehouse-Native

Every business’s best source of truth is in their cloud data warehouse. If you’re a SaaS provider, your customer’s best data is in their cloud data warehouse, too.

Jeff Sloan April 08, 2024

Product News

Sync data 100x faster on Snowflake with Census Live Syncs

For years, working with high-quality data in real time was an elusive goal for data teams. Two hurdles blocked real-time data activation on Snowflake from becoming a reality: Lack of low-latency data flows and transformation pipelines The compute cost of running queries at high frequency in order to provide real-time insights Today, we’re solving both of those challenges by partnering with Snowflake to support our real-time Live Syncs, which can be 100 times faster and 100 times cheaper to operate than traditional Reverse ETL. You can create a Live Sync using any Snowflake table (including Dynamic Tables) as a source, and sync data to over 200 business tools within seconds. We’re proud to offer the fastest Reverse ETL platform on the planet, and the only one capable of real-time activation with Snowflake. 👉 Luke Ambrosetti discusses Live Sync architecture in-depth on Snowflake’s Medium blog here. Real-Time Composable CDP with Snowflake Developed alongside Snowflake’s product team, we’re excited to enable the fastest-ever data activation on Snowflake. Today marks a massive paradigm shift in how quickly companies can leverage their first-party data to stay ahead of their competition. In the past, businesses had to implement their real-time use cases outside their Data Cloud by building a separate fast path, through hosted custom infrastructure and event buses, or piles of if-this-then-that no-code hacks — all with painful limitations such as lack of scalability, data silos, and low adaptability. Census Live Syncs were born to tear down the latency barrier that previously prevented companies from centralizing these integrations with all of their others. Census Live Syncs and Snowflake now combine to offer real-time CDP capabilities without having to abandon the Data Cloud. This Composable CDP approach transforms the Data Cloud infrastructure that companies already have into an engine that drives business growth and revenue, delivering huge cost savings and data-driven decisions without complex engineering. Together we’re enabling marketing and business teams to interact with customers at the moment of intent, deliver the most personalized recommendations, and update AI models with the freshest insights. Doing the Math: 100x Faster and 100x Cheaper There are two primary ways to use Census Live Syncs — through Snowflake Dynamic Tables, or directly through Snowflake Streams. Near real time: Dynamic Tables have a target lag of minimum 1 minute (as of March 2024). Real time: Live Syncs can operate off a Snowflake Stream directly to achieve true real-time activation in single-digit seconds. Using a real-world example, one of our customers was looking for real-time activation to personalize in-app content immediately. They replaced their previous hourly process with Census Live Syncs, achieving an end-to-end latency of <1 minute. They observed that Live Syncs are 144 times cheaper and 150 times faster than their previous Reverse ETL process. It’s rare to offer customers multiple orders of magnitude of improvement as part of a product release, but we did the math. Continuous Syncs (traditional Reverse ETL) Census Live Syncs Improvement Cost 24 hours = 24 Snowflake credits. 24 * $2 * 30 = $1440/month ⅙ of a credit per day. ⅙ * $2 * 30 = $10/month 144x Speed Transformation hourly job + 15 minutes for ETL = 75 minutes on average 30 seconds on average 150x Cost The previous method of lowest latency Reverse ETL, called Continuous Syncs, required a Snowflake compute platform to be live 24/7 in order to continuously detect changes. This was expensive and also wasteful for datasets that don’t change often. Assuming that one Snowflake credit is on average $2, traditional Reverse ETL costs 24 credits * $2 * 30 days = $1440 per month. Using Snowflake’s Streams to detect changes offers a huge saving in credits to detect changes, just 1/6th of a single credit in equivalent cost, lowering the cost to $10 per month. Speed Real-time activation also requires ETL and transformation workflows to be low latency. In this example, our customer needed real-time activation of an event that occurs 10 times per day. First, we reduced their ETL processing time to 1 second with our HTTP Request source. On the activation side, Live Syncs activate data with subsecond latency. 1 second HTTP Live Sync + 1 minute Dynamic Table refresh + 1 second Census Snowflake Live Sync = 1 minute end-to-end latency. This process can be even faster when using Live Syncs with a Snowflake Stream. For this customer, using Census Live Syncs on Snowflake was 144x cheaper and 150x faster than their previous Reverse ETL process How Live Syncs work It’s easy to set up a real-time workflow with Snowflake as a source in three steps: