SAS sounds a warning on open source governance
While open source has become the de facto software development methodology for most organisations today, businesses should ensure that doing so will not compromise their ability to meet regulatory requirements.
That’s the warning from Akesh Lalla, country manager of business analytics company SAS, who acknowledges that the embrace of open source is a “business imperative” for most businesses, particularly those that want to remain agile and responsive. As a result, an increasing number of analytical models were being developed in open source.
However, developing the software is only part of the equation. A possibly greater challenge lies in taking that software into production, particularly in an increasingly stringent regulatory environment. South Africa is no exception to this, where, according to Lalla, the regulatory environment – especially in the financial sector – is becoming tighter and more challenging.
“It’s important to be able to see right through your entire data lineage, to know how the data has changed and how AI inside the model has impacted the results and outputs. When the regulator asks those questions, organisations must be in a position to answer; regulators expect companies to provide the appropriate levels of traceability and auditability,” he says.
Lalla maintains that open source software development does not always enable this level of transparency, accountability, governance and, ultimately, trust.
People entrust organisations with their data. It is therefore essential that the organisation has mechanisms in place to meet these expectations. In addition, they have to develop and maintain an internal organisational moral compass for protecting the agreed upon use of the data.
A hybrid approach of combining both open source and proprietary software is the most effective way to combine rapid development with deployment at scale, and reliability in model management.
“Controls are also necessary to provide trust in the data. Businesses have to trust that the results of models are accurate and that those models will continue to perform into the future. Transparency, governance and security are all essential components, and they become even more critical when organisations scale their efforts,” he adds.
All this, he explains, can be summed up in what SAS refers to as “digital guardianship”.
Given the potential frailty of open source in the area of “digital guardianship”, Lalla believs that a hybrid approach of combining both open source and proprietary software is the most effective way to combine rapid development with deployment at scale, and reliability in model management.
SAS, which has embraced open source and developed an open platform that supports and accelerates the entire end-to-end analytics life cycle, therefore believes that a hybrid approach of combining open source with proprietary software could deliver the best of both worlds – proprietary for the required “digital guardianship”, and open source for agility, innovation and responsiveness.
“Robust end-to-end data science platforms benefit any company working with data at scale. It’s imperative to work with products that allow data scientists to write code and build models in any analytic programming language of their choice, but deploy and run them in a controlled, enterprise-grade environment with full end-to-end traceability,” Lalla concludes.