Immuta Spotlight: Sam Carroll on Solving Business Problems with Technical Solutions

After working at Immuta for some time, I found myself asking “What exactly is a Solutions Architect?” I was curious about what problems they face and how they design their respective solutions.

To get to the bottom of this question, I sat down with my colleague Sam Carroll, who has worked as a Solutions Architect at Immuta for two years. 

Sam is an experienced consultant with a history of working in the data and analytics industry. He uses his skills in programming, databases, business intelligence, analytics, and automation to help businesses implement Immuta most effectively. Sam holds a bachelor’s degree in Business Information Technology from Rogers State University in Oklahoma. 

Additionally, you can find Sam on our YouTube channel, where he posts explainer videos and marketplace demos, to help curious data professionals better understand the Immuta Data Security Platform.

As a Solutions Architect, Sam guides customers through their Immuta implementation process. During our conversation, we explored that very process, as well as the added benefits of implementing Immuta along with our newest product, Immuta Detect

Alec Gannon: Hey Sam! To begin, what is your role at Immuta and what does it entail?

Sam Carroll: Sure! I’m a Partner Solutions Architect at Immuta. So, I work with our ISVs, (independent software vendors) and global/regional solution integrators to enable them in an account to implement Immuta when it’s a good fit for us.

AG: It sounds like as a Solutions Architect, you’re at a place where business and technology intersect. Where does your role fit into that intersection?

SC: As part of solution architecture, we are the technical arm of the sales organization. Meaning, we get hands-on with customers and prospects to figure out their current security challenges. Much of that involves touching a lot of different cloud systems and knowing how those cloud systems work. So, I help customers realize value with Immuta and demonstrate how that fits into their modern data stack architecture.

AG: Got it. So, how do you determine Immuta’s fit into a prospective business while achieving technical success?

SC: Systems integration comes with experience. When I was at Cisco, I was working vertically with every major customer. I was on-site with most of our customers as a part of their team implementing responsibilities. It’s about scoping out the landscape. It depends on the problem, but normally some ideas are extraneous to the core problem. So, it’s important to isolate the core problem and build a solution around it.

A lot of times, architects will try to solve problems by implementing technology they already know. They think, “Oh, we can solve this problem with this tool,” when they haven’t even asked what’s the actual problem they’re trying to solve. So, the best way to drive technical success is to stay fundamentally grounded in fixing a business problem.

AG: Sure, it makes sense to have that anchor point. Is the technical approach similar with different customer spaces?

SC: Obviously, we have to know the space well. At Immuta, we touch so many different platforms. We have big customers with multiple cloud computes. It’s important to have a well-rounded knowledge of how each one operates because they do things slightly differently. The job entails listening to the business case and tying that back into whatever their environment looks like, then giving a technical plan based on that.

AG: How might implementing Immuta change going forward with our new product, Detect?

SC: Data security and access policy can be very siloed in an organization. Meaning, typically there’s a data engineering team or a database administration team that’s implementing the policy logic.

What Immuta now allows us to do with Detect is bridge the gap between all the different parties in an organization. So, data engineers or business analysts build the policies, but they can all collaborate in a single place. Engineers build their code pipelines and push Immuta policy with their code data while data analysts can go into Immuta in the UI and see it in an easy-to-understand way. Additionally, with the introduction of Detect, CISOs and security professionals can get a glance at the entire landscape of all their data access in a single place while being able to collaborate with these other teams to ensure that data is being used correctly. Essentially, we’re filling the gap in security silos with our product by letting everybody cross-collaborate and enforce this thought that everyone in the organization is responsible for the data, not just the data engineering teams.

AG: So, with Detect, all of this information is displayed in one harmonized model. What kind of business problems can that solve?

SC: Today, it’s really hard to figure out who’s querying data. It’s especially a challenge when you have multiple platforms. This is mainly because of the way these different systems audit the query information, the way they break it down, and the level of detail they provide. For example, the format of the logs may be slightly different. So, historically, people are doing a lot of this work by themselves. They’re formatting it, they’re extracting, transforming, and loading (ETL) it somewhere.

Obviously, there’s a lot of risk involved if the ETL fails. Now, we’re going to manage all that automation for you. We’re going to put all the logs from your cloud compute platforms in a single place.

AG: What’s the benefit of that?

SC: The added benefit of that is we’re doing something intelligent to help classify what type of behavior is going on there. That way, you can see if something’s highly sensitive. For example, maybe they’re joining two tables together that are typically not sensitive because they joined a customer table with sales information. Now, they’re getting additional insight that now makes that query dangerous or potentially sensitive based on whatever criteria we set.

Immuta will now provide that type of information and manage the technology to do it. Also, we’ll let you export that to your existing SIEM solution. So, if you’re already using Splunk or some other tool to monitor this stuff, it’ll be easy for us just to drop in. Ultimately, the data will be correct because we’re spending a lot of engineering time to make sure all of these logs for these different systems match so we can analyze them.

AG: Great, thank you for the breakdown. Finally, to switch gears a bit, you create a lot of content for Immuta, including things like marketplace demos and explainer videos for our YouTube page. Has your role as a Solutions Architect, guiding companies through implementations, helped you gain the skills necessary to make some of this content?

SC: I have a background in consulting. I worked for Cisco for three years and we did a lot of training and enablement for customers. Typically, if I get a lot of the same questions from different people, I’ll make a video to answer them in one place. The videos started as a tool to enable people to better understand Immuta quickly and easily.

Coming from a technical background, it’s easier to explain these ideas because we’re dealing with some challenging concepts. Security’s not always straightforward. It’s typically pretty complex, but if we can break it down into little chunks, I find that it’s a lot easier to consume.

AG: Well, thank you for not only your explainer videos but for helping us better understand the Solutions Architect role, as well as how Detect will help our customers.