Author: Kevin
-
Governance Without Slowing Everyone Down
At this point in the series, we’ve talked a lot about visibility, exposure, and risk. And that’s necessary. But eventually, every governance conversation runs into the same wall: “This sounds great… but people still need to get their jobs done.” That tension is real. Because the fastest way to make governance unpopular is to make…
-
Using AI to Improve Access Governance Instead of Making It Worse
So far in this series, AI has mostly been the thing exposing the problem. And fairly so. AI amplifies access models.It traverses systems quickly.It exposes weak governance faster than most organizations are prepared for. But here’s the part that gets overlooked: AI can also become one of the most effective tools for understanding access complexity.…
-
How to Clean Up Access Control Without Breaking Everything
At some point, every organization reaches the same conclusion: “We need to clean this mess up.” Usually after: That realization matters. But it’s also where many teams make a critical mistake: They treat access cleanup like a technical problem. It isn’t. It’s an operational problem wrapped around a technical system. And if you approach it…
-
Stop Guessing: Build a “Who Has Access to What” Dashboard
By now, a few things should be clear: Your access model isn’t a hierarchy – it’s a graph.That graph contains hidden exposure paths.And those paths can be measured using real signals. That’s a solid foundation. But there’s still a gap: You can’t manage what you can’t see. SQL queries are great for analysis.They’re terrible for…
-
You Can’t Fix What You Can’t Measure: Introducing the Access Risk Score
By this point, two things should be very clear: Your access model is not a clean hierarchy.It behaves like a graph of inherited, interconnected permissions. Which leads to a practical problem: If access is a graph… how do you measure risk inside of it? Because listing roles doesn’t work.Auditing permissions doesn’t scale.And “review everything quarterly”…
-
Your Role Hierarchy Is Probably Lying to You
Most data platforms look clean on paper. Roles are defined.Permissions are assigned.Access flows in a structured hierarchy. It’s logical. Predictable. Auditable. At least, that’s the idea. In reality, the access model you think you have and the access model you actually have are more than likely two very different things. And the gap between them…
-
Most AI Initiatives Don’t Fail for the Reason You Think
Over the past few weeks, I’ve been writing about a pattern I’ve seen across a lot of data platforms: AI initiatives start strong… and then stall. Not because of talent.Not because of tooling. Because of architecture. Across different organizations, the pattern is surprisingly consistent: In fact, they’re the default path for many teams. But when…
-
From Legacy to AI -Ready: A Practical Modernization Roadmap
Part 5 in a series on evolving SQL Server environments into AI-ready architectures. Once organizations recognize the architectural gap between traditional platforms and AI workloads, and understand why lift-and-shift migrations fall short, the next question becomes practical: How do we move forward without disrupting the systems that already work? For most teams, the answer isn’t…
-
Where SQL Server Meets AI: The Case for Hybrid Architecture
Part 4 in a series on evolving SQL Server environments into AI-ready architectures. Simply moving SQL Server to the cloud isn’t enough. Lift-and-shift migrations reproduce the same bottlenecks — often at higher cost. The friction between traditional platforms and AI workloads persists. The solution isn’t abandoning SQL Server. It’s placing workloads where they belong: a hybrid…
-
The Lift-and-Shift Migration Trap (and Its Hidden Costs)
Part 3 in a series on evolving SQL Server environments into AI-ready architectures. Once organizations recognize the architecture gap we discussed in a previous post, the natural instinct is often straightforward: “Let’s move the warehouse to the cloud.” Databases migrate. Pipelines move. Infrastructure changes. The environment is now technically modernized – cloud-based, scalable in theory, and…