As more data migrates to the cloud, driven by the cloud’s near-infinite scale and horsepower, it’s imperative that enterprise data governance models evolve in step. IT and business leaders need up-to-date policies to protect data as it moves back and forth among different repositories and to accommodate changing privacy and data security regulations about where data can be stored.
Both good data and a good amount of data are necessary for the real-time analytics and machine learning (ML) enterprises require to help them improve decisions and automate operations. That’s why it’s essential to gain complete data visibility across different types of data stores, with unified governance and security policies to match.
Achieving a modern governance model requires proper balance between protecting the data while making it accessible to the people who need it.
“A common mistake we’ve seen is that organizations end up creating overly rigid governance scenarios, where the central teams become a bottleneck to the lines of business trying to work with data to improve the business,” says Rahul Pathak, Vice President for Analytics at AWS. “The key to good governance is figuring out how to define access, then getting out of the way. By that I mean creating exception processes, rather than taking an approach that anytime you need data, you have to ask someone in a central organization for it.”
Pathak shared other key components of a modern data governance framework:
- Mapping between entities and the resources those entities can access. Match access control policies to the people, applications, and servers anywhere in the distributed environment that have permission to act on that data. “One of the benefits of doing this in the cloud is that you can track all these interactions,” says Pathak.
- Adoption of a zero-trust security model. Zero trust applies the “least privilege” concept to protect data by assigning permissions based on the minimum access required for individuals and applications to perform their roles successfully.
- A central mechanism for tracking data and managing security and governance. For example, AWS provides a data catalog that automatically discovers, tags, and catalogs data and provides an easy way to centrally define and manage security, governance, and auditing policies—all in one place. “This enables organizations to provide fine-grained data access to legitimate users and effectively meet their regulatory governance and compliance requirements,” says Pathak.
- Geographical compliance. Governmental privacy regulations often have rules about where customer information can and can’t be stored. Make sure you and any cloud providers you use have a way to control where data physically resides, since the cloud uses virtual machines that could theoretically be anywhere. AWS, for example, operates in multiple regions and “data doesn’t move between regions unless the customer asks or takes an action,” says Pathak. “That decision is in the customer’s hands.” Creating and maintaining a compliance database can help on this score. Mapping out digital compliance standards by country creates a clear, active structure for compliance.
Organizations are increasingly required to comply with government, regulatory, and internal policies. Practically speaking, better data governance helps avoid potential violation fines and penalties. Just as important is achieving a modern governance model that protects the data while making it accessible to the people who need it to drive the business forward.
Learn more about ways to reinvent your business with data.