You’ve made the leap to external authorization to manage access to your large datasets, but now you're dealing with complex policy issues. In this talk, we will demonstrate how to simplify policy management, optimize retrieval via a combination of data and authorization filters, and ensure that only permissible data are fetched. Using practical examples from a SQL database (but the approach is agnostic), we will explain how to tackle partial evaluation of policies and offload authorization logic into auditable, version-controlled statements. You will level up your database performance, increase the security of your systems, and improve the efficiency of your data retrieval.