How Data Modernization Fuels Innovation at Booking.com

Maintaining the status quo has never been part of any competitive or innovative business strategy. From startups to large enterprises, data modernization is a priority because of the technological and business benefits it delivers.

The modernization process gives teams the opportunity to innovate within their data ecosystem. Whether it be an architectural paradigm, a new platform, or an updated approach to data management and access, implementing new concepts and tools helps reinvent the way companies interact with and derive value from their data.

At the 2024 Snowflake Data Cloud Summit, Booking.com Group Product Manager Jay Stricks and Principal Data Engineer Dimitar Nedev shared how their team seized the opportunity to modernize their data stack and enhance their cloud data capabilities. They detailed the unique challenges Booking.com faced, the partners they chose to work with, and the key capabilities that enabled their team to develop a cloud-based, democratized solution.

Why Booking.com Needed to Modernize

Booking.com had been operating in a hybrid infrastructure, with both cloud-based and on-premises data storage supporting their data marketplace. While their existing architecture was powerful, it was not well-equipped to handle the needs of a growing number of employees, partners, and millions of customers – not to mention the terabytes of data being generated.

It became clear that to reach the next level of innovation, Booking.com needed to leverage the full benefits of the cloud. Rather than view modernization as simply a technical necessity, the team approached it as an opportunity for innovative growth.

“We’re doing…modernization and migration at the same time,” said Stricks. “We think about it very strategically – we aren’t just migrating, we aren’t just modernizing. We find the opportunities.”

We're doing…modernization and migration at the same time. We think about it very strategically – we aren't just migrating, we aren't just modernizing. We find the opportunities.”

Jay Stricks, Group Product Manager, Booking.com

Booking.com set core objectives to navigate the migration and modernization process. These included:

1. Scaling storage: Migrating analytical workloads to AWS and making Amazon S3 their primary data storage method for Iceberg tables.
2. Scaling compute: Broadening their use of Snowflake outside of its warehousing capabilities, and incorporating a secondary compute layer with Spark.
3. Scaling data access: Incorporating a new data stewardship process, managing fine-grained access, and avoiding the proliferation of thousands of policies.

Booking.com’s modernization is a multifaceted project, spanning more than just data platforms.

“When I say modernization, I kind of think of it in three different ways: the tech/stack, the data, and the people,” said Stricks. It’s not just about incorporating a specific platform to move to the cloud, it’s about holistically revitalizing their technology to support a massive number of data users and customers. In this way, it’s also a “people” problem – ensuring proper data access for these users, driving better business decisions and an enhanced customer experience.

Booking.com’s Modernization Challenges

Modernization, however, is not always easy – one report found that 50% of organizations find it challenging to scale data modernization efforts. Teams often face numerous roadblocks, including cloud migration challenges, platform and architecture issues, and data governance challenges. Given the nature of their platform and user base, Booking.com faced additional modernization challenges, including:

1. Business complexity: Booking.com operates a global platform with a two-sided marketplace, involving both travelers and hotel, airline, and attraction partners. This setup creates unique data challenges, as they need to ensure that both user types – customers and partners – are able to access or receive critical information from their data assets. This requires unifying both marketplaces without compromising data security and privacy.
2. A sizable data footprint: The team needs to manage data from millions of active users across the globe for analytics and modeling purposes. In turn, this data must be available in a timely manner to thousands of data engineers, ML engineers, data scientists, and analysts, creating a highly complex data ecosystem.
3. Technical infrastructure challenges: Booking.com’s existing technical infrastructure was by no means simple. It was built to support a wide range of use cases – from analytics and machine learning to geospatial data analysis – in order to best serve internal users and external partners and customers. Any modernization effort needed to support this existing infrastructure, without breaking or hampering it, and negatively impacting user experience.

Booking.com’s Keys to Addressing Data Challenges

Faced with these challenges, Booking.com sought solutions that could further their modernization efforts while protecting data across a large, multifaceted cloud data infrastructure. By leveraging Immuta in conjunction with Snowflake and Amazon S3, Booking.com gained important new capabilities that are key to modernization efforts. These include:

Data Access and Stewardship

Booking.com leverages Immuta as a centralized location for policy authoring, implementation, and maintenance. In Immuta, the team creates and enforces plain-language policies across business units and cloud platforms in order to govern sensitive data.

The team matched these technological capabilities with a large organizational emphasis on data stewardship.

“We started introducing stewardship and ownership as a foundational piece of this whole thing,” said Stricks. “‘Who owns these tables?’ If you don’t know who owns it, you gotta go figure out who owns it.”

We started introducing stewardship and ownership as a foundational piece of this whole thing...If you don't know who owns it, you gotta go figure out who owns it.”

Jay Stricks, Group Product Manager, Booking.com

This tackles the “human” side of modernization, as user participation is just as important as technological evolution.

They also introduced user roles like business and technical stewards into the organizational structure. Business stewards focus on the data’s business context and how to tie it to company initiatives, while technical stewards are responsible for aspects like data quality and cadence. By ingraining ownership into their culture, Booking.com makes it easier to distribute responsibilities across teams and regions, instead of entirely centralizing them.

Fine-Grained Access Controls

To further secure and streamline data access, Booking.com incorporated fine-grained access controls into their data management strategy. Capabilities like row filtering and column masking added an extra layer of security to their data access management, enabling more granular decision making for a larger range of users and use cases.

Booking.com also leveraged Immuta’s attribute-based access control (ABAC) policies, using various contextual user attributes to match users with their Okta and Snowflake identities, and grant or deny access accordingly.

“Since we could connect Okta and Immuta, we know who the identities of these people are, and…we could ascertain that they need to access specific data sets,” said Nedev. This additional context ensures that only the appropriate users access specific data sets, protecting sensitive information from unauthorized access.

This tackles the “human” side of modernization, as user participation is just as important as technological evolution. They also introduced user roles like business and technical stewards into the organizational structure. Business stewards focus on the data’s business context and how to tie it to company initiatives, while technical stewards are responsible for aspects like data quality and cadence. By ingraining ownership into their culture, Booking.com makes it easier to distribute responsibilities across teams and regions, instead of entirely centralizing them. Fine-Grained Access Controls To further secure and streamline data access, Booking.com incorporated fine-grained access controls into their data management strategy. Capabilities like row filtering and column masking added an extra layer of security to their data access management, enabling more granular decision making for a larger range of users and use cases. Booking.com also leveraged Immuta’s attribute-based access control (ABAC) policies, using various contextual user attributes to match users with their Okta and Snowflake identities, and grant or deny access accordingly. “Since we could connect Okta and Immuta, we know who the identities of these people are, and…we could ascertain that they need to access specific data sets,” said Nedev. This additional context ensures that only the appropriate users access specific data sets, protecting sensitive information from unauthorized access.

Dimitar Nedev, Principal Data Engineer, Booking.com

Dynamic controls help the Booking.com team manage its large data footprint with scalable, sensible policies. These controls are written, implemented, and managed through the centralized Immuta Data Security Platform, and applied at the object-, row-, and column-level across the platforms and tools in their ecosystem.

Automation and Scalability

Immuta’s native integration with Snowflake enables Booking.com with a robust data storage and security foundation that can scale at the speed of their business without overwhelming their stewards or users.

By automating sensitive data discovery, tagging, classification, and policy application with Immuta, the team has significantly reduced manual overhead. Users easily apply global policies and specific rules for data access, removing access bottlenecks and reducing the access grant burden on data stewards.

“Immuta has calculated what access I should have based on tags or any other policies we’ve created,” said Nedev. “And it says your role is now authorized to read [and] write these objects. It can similarly say ‘these users can access restricted columns if needed.’ And, all can be done on the user level…we are not part of the chain at all.”

Immuta has calculated what access I should have based on tags or any other policies we've created, and it says your role is now authorized to read [and] write these objects. It can similarly say ‘these users can access restricted columns if needed.’ And, all can be done on the user level…we are not part of the chain at all.”

Dimitar Nedev, Principal Data Engineer, Booking.com

Immuta removes the data steward’s manual work, as access decisions are automatically made based on user and data attributes. This sets Booking.com up to scale, without the burden of manual policy creation, maintenance, and access grants – all of which can be set up and managed through Immuta.

Ultimately, these capabilities enable Booking.com to focus on solving analytics problems and driving business value, rather than managing complex access control frameworks that cannot scale.

The Impact of Streamlined Data Governance and Management

By focusing on these key capabilities, the Booking.com team minimized manual access management and modernized its data ecosystem in a scalable and secure manner. This drove results like:

• Streamlined and simplified access: Creating a simplified process for data stewards to manage and automate access requests through a unified interface made data access faster and more efficient.
• Automation and efficiency: Automating data discovery, classification, tagging, and policy application allowed the team to reduce manual overhead.
• Increased productivity: Enabled data scientists and analysts to concentrate on analytics rather than data access issues.
• Enhanced governance: Ensuring compliance with strict compliance laws and regulations through automated and enforceable data access policies.

To learn more about how Immuta and Snowflake future-proof data modernization efforts, request a demo from our team.