Bernhard Schäfer
Bernhard is a Senior Data Scientist at Merck with a PhD in deep learning and over 7 years of experience in applying data science and data engineering within different industries. For more information you can connect with him on LinkedIn. 🙂
Session
A data scientist builds a Streamlit or Dash prototype, the business wants to validate it, and the hard parts begin: getting access to live data, making the app available company-wide, and ensuring every user only sees what they are allowed to see. Following "best practices" turn a simple demo into weeks of platform work, leaving data scientists frustrated and blocking them from shipping apps to end users.
In this talk we will live-demo Merck's self-service app service we have developed and hardened over multiple years. It lets teams deploy Streamlit (and friends) in 3 minutes while meeting best practices like SSO, CI/CD, and governed data access control. The platform has become essential for Merck to ship data apps at scale: in 2025 it powered 750+ active apps reaching 8,000+ unique end users.
Under the hood, we show: how a use-case based access model enables scoped resource permissions so apps can safely access data on-behalf of the user. We also show starter templates that generate a deployable Git repo with example pages (e.g. Snowflake access or internal LLM chatbot). Finally, we cover the guardrails needed to operate this safely.
What you will learn: a cost-effective reference architecture based on AWS that you can adapt to your hyperscaler or platform, practical patterns for balancing the trade-off between central control and decentral freedom, and how templates and CI/CD help teams iterate quickly without compromising security or reliability.