Data security and data governance

New Gold

Data Governance

As mentioned earlier, data governance is more than just data protection and is best defined as an umbrella term covering various functions of protecting and controlling data and data usage. Two other important functional areas in addition to data security are:

  • Privacy management for handling information that falls under the scope of the GDPR. Like the entire topic of data management, it is no longer just about structured data, but also about unstructured data that needs to be analyzed, managed, and protected.
  • Data governance and risk is a sub-area that focuses on concrete metrics and control functions that can be used to monitor and improve compliance with defined rules for handling data. On the one hand, this sphere includes regulations in the area of data protection such as the GDPR; on the other hand, it encompasses other requirements for handling sensitive information, as well as internal rules for handling and protecting particularly critical and valuable data. Such tools typically dovetail with IT governance, risk, and compliance (GRC) products to deliver data into a higher level of risk management.

A good strategy for data governance is always built on integration of the specific functions with data security, as well as the underlying metadata management and data catalogs.

Flexibility and Coordination

Perhaps the biggest challenge in implementing a data fabric – and in sub-areas such as metadata management or data governance – is that people work with data everywhere in organizations. The multiple areas of use and numerous stakeholders make it difficult to avoid a proliferation of initiatives and technical approaches.

However, precisely here, well-thought-out and comprehensive approaches can help, including an architecture with associated operating models (e.g., target operating models, TOMs) for the data fabric and service-oriented approaches for providing the technical implementation. Experience shows that very few divisions in the corporate environment actually want to implement their own tools if they can turn to a functionally useful service with a suitable operating model. In other words, with a correctly implemented data fabric as an internal service, a corporation has a good chance of containing a significant amount of undesirable growth.

Communication is important so that the different divisions in the company know which services are available. Because the users and areas involved come from both IT and business, advisory support is required on top of technical services. In many cases, today's tools in the wider data management environment support functions for collaboration; assessing data usability; and collaboration among users, data stewards, and administrative and technical users.

Conclusions

The importance of data security means corporations need to move away from isolated, incomplete tools that are expensive, often fail to cover important security and data governance requirements, or do not do a complete job of providing coverage. An additional consideration is that continually introducing new local solutions simply takes too much time. However, solutions must also serve the quite different requirements of stakeholders from business, IT security, data protection, and other areas.

To deal with data efficiently and effectively, corporations need a strategy in which a holistic view of the required elements (e.g., a data fabric) plays a central role. Individual approaches in the area of analysis are not enough. IT managers need to implement both the foundations with metadata management and data catalogs and the interdisciplinary functions of data governance and data security correctly to be able to work optimally with data and generate the desired added value.

The Author

Martin Kuppinger is the founder and Principal Analyst of KuppingerCole Analysts AG.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus