Pentaho 11 is here. See what’s new in our most advanced release yet. Read the blog →
Scalable by design:
Products
Solutions
Industries
Learn and grow:
Resource Hub
Dive Deep
Support
Michael Donohue explores why modern AI demands a Golden Lakehouse, one that balances speed, trust, governance, and cost sustainability.
I want to share something I’ve been seeing over and over in the field, because it’s changing how executive teams talk about AI, analytics, and the data foundation underneath them. The conversation usually starts with energy: “We’re ready to scale AI and analytics.” Then it immediately gets real: “Our workloads are sensitive. Our data is regulated. We have chain-of-custody expectations. We can’t create audit exposure.” And lately there’s a third sentence that’s become just as predictable as the first two: “We need cost controls.”
That mix—mission speed, mission assurance, and financial discipline—is why I’ve been using a concept I call the Golden Lakehouse. It’s not a marketing flourish. It’s a way to describe what leaders are actually asking for: one environment where sensitive data can power AI and analytics safely, where trust is provable, and where scale doesn’t automatically mean runaway spend.
And I’ll be honest: this concept feels personal to me, because it’s rooted in Pentaho’s own history. Back in October 2010, James Dixon—Pentaho’s founder and former CTO—coined the term “data lake.” He described a large repository for storing data in its natural state, and he contrasted it with a data mart using a metaphor that still holds up: data marts are like bottled water—cleansed and packaged for easy consumption—while the data lake is a large body of water in a more natural state, where different users can examine it, dive in, or take samples.
That metaphor captured something important: optionality. Organizations wanted a place where data could land without forcing every future question into today’s schema. But the field learned the other half of the lesson the hard way: a lake without stewardship becomes a swamp. If the data isn’t discoverable, understood, governed, and measurable, you don’t get optionality—you get confusion, duplication, and risk.
The industry’s shift toward lakehouse architectures is essentially the ecosystem maturing. The lakehouse idea combines lake-scale flexibility with warehouse-like reliability so you can support BI, AI/ML, and mixed workloads without constantly copying data across separate systems. And it’s why layered refinement patterns like Bronze/Silver/Gold became common—because raw ingestion is fine, but it can’t be the end state. Those layers reflect a simple truth: data becomes more valuable—and safer to use—as you progressively add validation, context, and controls.
But here’s what I keep seeing: for sensitive and mission-critical environments, “lakehouse” still isn’t enough if it’s treated as a storage-and-compute story. These organizations don’t just need data to be usable. They need it to be defensible—and now they need it to be affordable at scale. That’s where the “Golden” in Golden Lakehouse comes in.
When I say “Golden,” I’m not talking about a folder name, tier, or dataset that’s popular. I’m talking about a trust standard you can defend under scrutiny. In most lakehouse conversations, “gold” means business-ready: curated, enriched, optimized for consumption. In the worlds I live in—government, financial services, healthcare, critical infrastructure—the bar is different. Leaders ask: Can we prove who accessed it and why? Can we prove what fed a report, an alert, or a model outcome? Can we show the quality is measured and improving? Can we keep the platform from becoming a cost escalator as volumes grow?
That’s why I frame Golden Lakehouse as a blend of four things that have to work together: security by design, intelligence across the lifecycle, governance that actually executes, and cost control that scales with AI. Security matters, but not the “lock everything down” kind. In fact, one of the most common mistakes I see is well‑intentioned: treating the entire enterprise like a vault. It feels safe on paper; in practice it breaks operations. When governance becomes a bottleneck, teams route around it. They export. They copy. They create “temporary” file shares and side pipelines that become permanent. That’s not a people problem. It’s an architecture problem.
The Golden Lakehouse is about safe speed—the ability to enable analytics and AI without forcing the organization into unsafe workarounds. It’s about creating tiers of trust and controlled pathways so sensitive data can be used, searched, analyzed, and shared appropriately, while still meeting audit and security expectations.
This is where chain of custody becomes the line in the sand. In my world, chain of custody is one of the clearest dividers between a “modern data platform” and a “mission-ready platform.” If data can become evidence—investigations, regulatory actions, clinical outcomes—you need to answer uncomfortable questions: who touched it, when, what changed, and what did it feed downstream? And you need to answer those questions in a way that holds up under scrutiny.
That’s not me being dramatic—that’s the direction frameworks have been pushing for years. NIST’s Audit and Accountability guidance is very practical about what defensibility requires: audit records should capture what happened, when and where it happened, the source and outcome, and the identity involved. It also emphasizes protecting audit information from unauthorized modification or deletion. NIST even calls out stronger protection options for audit trails, like writing them to hardware-enforced write-once media as an enhancement for integrity. And their guidance on log management reinforces a point I make to leaders all the time: logs aren’t “nice to have,” they’re part of your ability to investigate, prove, and respond.
You see similar integrity expectations in financial recordkeeping as well. SEC Rule 17a‑4 historically required certain broker-dealer records to be preserved in a non-rewriteable, non-erasable format (WORM), and later updates introduced an audit-trail alternative—different mechanics, same objective: integrity and reproducibility that stand up under examination.
And here’s the part that gets missed in a lot of generic “modern data” narratives: chain of custody often starts outside the digital world. It starts with wet-ink signatures, paper forms, physical archives, offsite storage. In sensitive programs, you sometimes need to connect that analog origin to digital truth in a way that is explicit and auditable—down to where a document is stored physically—so lineage is not tribal knowledge. That’s the kind of detail mission teams care about because that’s what defensibility looks like in real life, not in a reference architecture diagram.
Now, let’s talk about the newer executive mandate that’s showing up everywhere: cost control as AI scales. This is the shift I don’t think enough people are acknowledging. Leadership teams are not treating cost governance as “Phase 2” anymore. They want it built in. Because AI scale magnifies data gravity. You end up storing more, copying more, replicating more, and retaining more “just in case.” The organization starts paying to store and protect data that isn’t even being used.
This is where ROT becomes a board-level issue. ROT—Redundant, Obsolete, Trivial—describes duplicated, outdated, or low-value data that quietly fills storage, inflates governance effort, and expands security scope. In sensitive environments, ROT isn’t just waste; it’s unnecessary surface area. It’s more to secure, more to govern, and more to potentially produce later.
So when I talk about Golden Lakehouse, cost control isn’t an add-on topic—it’s part of the trust story. A platform that can’t manage its lifecycle will eventually become financially and operationally unsustainable, no matter how advanced the analytics look on day one.
This is where Pentaho fits for me—not as “a tool list,” but as the enabling intelligence layer that turns the lakehouse concept into something you can actually operate in sensitive environments. The Golden Lakehouse is an operating model. Pentaho is what makes that model practical across hybrid estates without pretending you’ll rip and replace everything.
Pentaho Data Catalog is how you make the lake knowable: automated discovery and classification across structured and unstructured assets, business context, and a marketplace-style experience so people can find the right data for the right purpose. Lineage matters for defensibility, and Pentaho’s support for OpenLineage aligns to an open framework for collecting lineage metadata across jobs, runs, and datasets—especially important when your environment isn’t one tool and one stack.
Pentaho Data Quality is how you make trust measurable: profiling, anomaly detection, rules, and quality scoring so you can show improvement over time rather than relying on “we think it’s clean.” Pentaho Data Integration is how you keep movement governed: visual orchestration to ingest, blend, transform, and deliver data across hybrid environments, instead of letting pipelines proliferate into chaos. And Pentaho Business Analytics is how you keep consumption governed: dashboards and reporting that reduce the pressure for uncontrolled exports and shadow reporting ecosystems.
Then there’s the piece executive teams are increasingly asking for explicitly: Pentaho Data Optimizer. This is how you bring lifecycle cost governance into the operating model—understanding access patterns and relevance, identifying ROT, and enabling controlled lifecycle actions like tiering, moving, purging, and rehydrating in a traceable way. This is the difference between “we have a storage bill problem” and “we have an ongoing cost discipline.”
Put all of that together and you get what I mean by “Golden”: data you can find, trust, govern, defend, and afford at scale. It’s not a promise. It’s a set of behaviors you can operationalize.
When organizations take this approach, I see the executive conversation shift in a way that’s hard to miss. It moves from “Can we do this safely?” to “How fast can we do this responsibly?” That’s the practical win: fewer unsafe workarounds, more defensible decisions, and an AI/analytics foundation that doesn’t become a budget and risk trap over time.
And this brings me back to where we started. James Dixon’s original data lake metaphor was right. The lake mattered because it preserved optionality at scale. But sensitive, mission-critical AI needs more than optionality. It needs a platform that behaves like a high-consequence system: auditable, defensible, governed, and financially sustainable.
That’s the Golden Lakehouse—the next chapter of the lake, built for the AI era.
Author
View All Articles
Featured
Simplifying Complex Data Workloads for Core Operations and...
Creating Data Operational Excellence: Combining Services + Technology...
Top Authors
Michael Donahue
Dr. Pragyansmita Nayak
Jessica Allen
Mauro Damo
Tim Tilson
Categories
Unpack why data fitness has become a prerequisite for AI success and how organizations can take practical steps to get there.
Learn More
Most organizations understand technical debt, but fewer recognize data debt.
Snowflake powers analytics at scale, but it won’t clean up zombie tables, stale datasets, or dark data that inflate costs and compliance risk. Pentaho Data Optimizer automates lifecycle management, enforces governance, and reduces spend — without breaking your dashboards.
Increase Innovation Investment Through Smarter Data and Storage Management