Mimicked data in local dev environments for maximum security
< 1 Hour
Time to spin up a subsetted dataset for dev and testing
Code releases per day
July 5, 2022
Kin Insurance Speeds Growth With Fast, Secure Data Access From Tonic
Kin developers now go through Tonic.ai to generate only the data subsets they need to fix bugs or build the features that customers want.
The Kin Challenge
Data security protections led to delays in development
With a successful series C funding round behind them and an eye on an IPO in the future, Kin Insurance had to balance growth pressure with customer satisfaction.
Kin represents a fresh approach to homeowner’s insurance, with no physical presence and intelligent customer targeting. Through lower fixed costs and intelligent customization, Kin promises homeowners the ability to secure better tailored and lower priced insurance.
This approach fueled rapid growth, investor confidence and high customer satisfaction ratings. However, keeping that growth on track took a great deal of development and testing. At the same time, Kin needed to answer tough investor questions about how they were protecting the PII (personal identifying information) of their customers.
To address security concerns, only a few individuals were granted access to the production database. Engineers were matched up with their access partner and were given only read access to the data.
This setup quickly led to their first challenge as it was a significant security risk every time engineers had to build features or fix bugs. They would have to first request, then move sensitive customer data in their own local dev environments. The second challenge was the productivity sink of all this complexity. Time was lost in requesting read-only access to the data, then waiting on the download of very large datasets.
Company laptops would run out of disk space after 3-4 hours of downloading and the whole process would have to start over. Sometimes downloads would need to be done overnight or after the customer service reps had left for the day.
“We are very much a ‘Let’s deploy as quickly as possible’ company. Accessing data took so long that developers didn’t want to do it. Tonic changed that out of the gate. We used to have to load tables overnight sometimes. Now Tonic can kick off a database that anyone can pull down in an hour or less.” Stephen Wooten, Co-Founder & Director of Engineering at Kin Insurance
Engineers found workarounds such as asking for just a snippet of the code or asking those who already had access to do the work.
This was clearly not sustainable. Kin needed a better process in order to grow the team by 3X as planned. They called on Tonic for help in solving their two biggest problems at once: faster data access and tighter security.
The Kin Solution
Tonic streamlines and automates processes to eliminate complexity
Kin solved their problems with two large-scale and interrelated project plans. First, they brought in Tonic’s experts in data management to subset the database and address security concerns. Second, they migrated from Heroku to AWS.
“The two main reasons why we wanted to use Tonic were: 1) to scrub any PII from the system; and 2) so engineers didn’t require access to the entire database for development and testing. Some of our tables are really big and you don’t need the entire dataset to do what you need to do.” Stephen Wooten, Co-Founder & Director of Engineering at Kin Insurance
AWS lowered their costs by about the cost of an Ops hire and simultaneously upgraded their data security profile.
As part of their new AWS setup, Kin’s production database was completely sealed off from development. That security upgrade made investors happy and also set the stage for tighter scrutiny in the future as they evolve toward an IPO.
For these changes to work, every single service had to have its own user and own permissions so their processes had to be completely redesigned from scratch.
Tonic was essential as developers had to work with mimicked data that perfectly represented the variety and volume of production DB, including differential privacy to protect against re-identification of individuals in outlier data.
Kin developers now go through Tonic to generate only the data subsets they need to fix bugs or build the features that customers want.
QA uses that same dataset to verify that code release will work in production exactly as they did in the sandbox. No more uncertainty over partially updated records. No more hotfixes on the fly.
Kin is now looking at how to expand their use of Tonic in areas like automation, schema change alerts and API integrations.
For external stakeholders, all of these changes add up to a vision of Kin as a highly secure, responsive, and efficient insurance tech firm that is well-positioned to handle its next phase of explosive growth.
“Before Tonic, there was a risk of sensitive data leaking out because people had it on their laptops. For us, it was pretty important for both the Series C raise and as we look ahead to IPO that we needed to lock that down.Tonic gives us a level of comfort and security with our data management.” Stephen Wooten, Co-Founder & Director of Engineering at Kin Insurance
More case studies like this one
iTedium lowers cloud costs while beefing up data security with Tonic