About Swedbank
Swedbank is the largest banking group in Sweden and the third-largest in the Nordics, serving roughly 8 million customers with retail banking, mortgage, asset management, and other financial services and products. As part of its digital transformation journey, Swedbank sought to enhance value for its customers by unifying disparate data sources into a single data lake, migrating analytical capabilities to the cloud, uncovering deeper insights at scale, and improving time-to-market of data use cases.
Subject to the standards of a highly regulated banking market, Swedbank recognized that data security and access control were key to building a superlative data management ecosystem. Its legacy on-premise solution with Hadoop was approaching end of life, and the swelling maintenance costs of its existing solution for data access control, Apache Ranger, were becoming untenable. The bank needed a new data security platform to support the new data platform it was rolling out.
Swedbank’s strategic vision for its enterprise analytics platform (EAP) was to build a resilient, scalable infrastructure to enable the widespread availability of advanced analytics while streamlining the analytics process to achieve operational efficiency. This platform approach represented a realistic, cost-efficient way for the bank to overcome resource constraints and unlock use case value potential across the entire value chain.
Challenge
Faced with increasing operational costs, Swedbank’s on-premises solution could not adapt to new business requirements. This solution was replicated data across platforms, had limited capabilities to separate storage from compute, and lacked support for deep learning and AI capabilities. One of the key drivers for the bank was to look at data across all silos and build analytics to drive its machine learning models. To achieve its goals, Swedbank made the strategic decision to migrate to the cloud, leveraging a combination of Databricks, Immuta, and Azure.
What Swedbank needed, in short, was a cloud-based data platform that supported deep learning, artificial intelligence, secure data sharing, and fast analytics. The stakes were high, as its choice of platform would catalyze a shift from the company’s “default no” culture to a “default yes” culture that would enable it to scale, control, and democratize data throughout the organization.
“We needed to build a solution that would enforce trust in our security, management, and access to data internally, whilst protecting our customers assets and data,” said Vineeth Menon, Head of Data Lake Engineering at Swedbank. “We knew we needed to change our culture, processes, and platforms to create resilience for the future.”
Solution
Swedbank made the strategic decision to leverage Databricks’ and Azure’s cloud capabilities in building its new EAP. Importantly, Databricks would provide deep learning and AI capabilities at scale. The bank could also save costs by separating storage from compute while accelerating time to market.
“A significant advantage over an on-prem solution is having a completely separate storage in Microsoft Azure,” Menon said. “This is key to having centralized production data available for all environments for all our customers to quicken time-to-market.”
Swedbank also selected Immuta as its data security platform to integrate with Databricks and provide comprehensive, end-to-end data security. It chose Immuta for several reasons:
- Robust functionality: Immuta provided a unified solution capable of data discovery, auto-classification, authentication, auditing, user and tag syncing, and enterprise support for both role- and attribute-based access control.
- Scalability: Immuta’s native integration with Databricks, dynamic data masking capabilities, and compliant data governance met future requirements to scale toward unified data governance.
- Time to value: Best-in-class data governance and access controls that accelerate cloud migration in a more secure manner than ever before. (Swedbank’s first policy would be implemented just two months after go-live.)
“Our aim was to create more intelligent access control with greater efficiency,” Menon said. “This was only possible through an advanced implementation of access control, which facilitates a higher degree of automation and transparency.”
Using Databricks and Immuta, Swedbank migrated all critical analytics workloads to a secure cloud environment in less than a year. This was achieved through the full collaboration and investment of compliance, policy security, and technical teams sharing one goal and one initiative, including the ability to manage export rules on data in compliance with various regulations governing data security.
Data access for use cases span across data exploration, the model development life cycle, and data consumption for downstream data products. As long as they have the purpose, data scientists would have full access to all data needed to support advanced analytics and machine learning. User authentication and authorization for data access is managed by Immuta based on policies and metadata of users for the complete analytical model life cycle.
Results
With the help of Immuta and Databricks, Swedbank moved from a static and limited role-based access control model to a dynamic and scalable role-, attribute- and purpose-based access control model. Trust is now built into processes, data scientists have a purpose, and access is both need-based and secure. The cloud migration process was a huge transformation that now allows data science and analytics teams to access the data they need when they need it as long as they have the right purpose and are adhering to company policy, compliance, and security guidelines.
Immuta enables Swedbank’s data team to run data models compliantly and securely on Databricks while consistently enforcing all purpose-driven access and usage. This model moves far beyond traditional role-based access control, enabling a whole new paradigm of trust across every data-driven team in the organization.
With Immuta, Swedbank has tagged 100+ terabytes of data across 2500+ sources for policy authoring, with plans to integrate with an external data catalog.
“Immuta provides easy native integration with Databricks with a scalable model for unified data access across leading cloud technologies,” Menon affirmed. “Its self-service GUI combined with dynamic and native policy enforcement in Databricks increases overall productivity and user adoption.”
Since adopting Immuta, Swedbank has achieved significant process improvements and time savings across its enterprise, including:
- 3x time saved setting up data security and self-service policy authoring
- 2x more data use cases
- 5x improvement in process efficiency
- 100% data access compliance
- Advanced data analytics to develop security-focused intelligence and add value for bank customers
“It is absolutely important for any organization to build an easy-to-use platform with the capabilities various users require to scale analytics,” Menon attested. “Immuta and Databricks have made our lives easier by ensuring the right people have the right access to the right data at the right time.”
What It Means For You
In financial services, adaptability is key to maintaining a competitive advantage and driving bottom-line results. This is particularly true as the industry quickly moves to adopt AI and ML models in order to personalize services, improve predictive analytics, and more. But as more users, including nonhuman identities and AI agents, demand fast access to more data, incorporating a tool to manage data access requests will be critical for moving innovation forward. Integrating Immuta allows institutions like Swedbank to address typical speed and scalability challenges, while ensuring data use is secure and compliant.