Data Privacy Governance for Multinational Organizations: A Challenge

BrandPost By Jayant Dani, Sameer Rane
Jan 31, 2020
Data PrivacyIT Leadership

istock 1092965132
Credit: metamorworks/istock

With an increased global digital footprint, meeting regulatory requirements and customer expectations for data privacy has become the new normal in today’s world. On one hand, for the purpose of giving more control to citizens over their own data, countries across the globe are either making their data protection regulations more stringent or creating new regulations. On the other hand, organizations have also realized the importance of ensuring privacy of customers’ data –  not just for compliance with data privacy regulations, but also to enhance customers’ trust and gain competitive edge.

With operations widely spread across geographies, it is often becoming a challenge for multinational organizations to meet data privacy requirements. Some underlying reasons for this include:

  • The varied and evolving nature of data protection regulations across geographies and countries
  • Data locality in multiple geographies
  • A lack of centralized monitoring for data privacy compliance and data governance

In parallel, organizations have started adopting cloud and agile cultures increasingly for flexible and high-quality delivery of customer-driven innovations. However, not all data can be quickly or easily moved to cloud. Therefore, most enterprises will need to simultaneously manage data privacy on-premise, in the cloud, and in hybrid (on-premise + cloud) architectures.

This blog post highlights some key aspects of data privacy management that organizations should adopt for such scenarios.

Key aspects of data privacy management

Enterprise data glossary: Be it business metadata or technical metadata, an organization should curate a digitized and centralized repository of metadata for consistent, secure, and efficient governance across data stores residing on-premise or in the cloud.

Sensitive data attribute discovery: Implement an automated solution to identify sensitive data in accordance to the applicable data protection regulations and map the same with relevant data protection policy. The solution should have built-in capabilities to easily reconfigure these policies in case of any change to the data privacy regulations or environment.

Policy-based data anonymization: Define data privacy policy for each geography in line with pertinent data protection regulations and digitize the policy for automated execution and monitoring.

Centralized monitoring with localized execution: Leverage an approach of centralized monitoring of the policy with localized policy processing of sensitive data, to address data privacy requirements pertaining to specific geography and data residency concerns. Cloud providers that enable hosting in multiple countries with secure channel for communication between on-premise and cloud data centers are a good fit in such scenario. In such a case, the data privacy solution should also have a capability to provision privacy-safe data by de-identifying sensitive data residing in on-premise, cloud, or hybrid architectures.

Role-based data access: In scenarios where access to the sensitive information is required for some specific business operations or function, organizations should ensure that access to such information is available only to authorized persons and managed via role-based methods.

Scalability with ease: The shorter deployment cycles of agile development methodology demands prompt availability of privacy-safe test data for development and testing. For this need, organizations should provide an automated solution which provisions said data within a short span of time and scales horizontally and seamlessly as needed.

TCS MasterCraftTM DataPlus and AWS

Addressing the above-mentioned aspects of data privacy management through automation is a key factor for a successful data privacy program in any enterprise. To address these aspects, TCS brings a domain-agnostic and integrated data management software, TCS MasterCraftTM DataPlus, which provides capabilities for centralized management of enterprise metadata, sensitive data attribute discovery, policy-based data anonymization for data at rest and in real-time, with lean governance around data privacy.

Backed up by 10+ years of research in data privacy, patented algorithms, and support for heterogeneous on-premise and cloud data sources, TCS MasterCraftTM DataPlus helps organizations effectively address data privacy requirements.

Figure 1 depicts an indicative approach of deploying TCS MasterCraftTM DataPlus for data privacy with cloud and hybrid data sources:

mcdp idg brandpost blog picture1

Figure 1: Typical deployment architecture of TCS MasterCraftTM DataPlus on cloud for Multinational Organization

The power of TCS MasterCraftTM DataPlus combined with AWS not only helps customers in meeting their data privacy goals, but also provides horizontal scalability for an agile data privacy program deployment. AWS functionalities such as EC2, RDS, S3, VPC, and CloudFormation along with TCS MasterCraftTM DataPlus enable organizations to provision privacy-safe data in a rapid and highly secure manner.

One recent customer example is a telecommunication service provider in Europe who uses TCS MasterCraftTM DataPlus to comply with data privacy requirements for provisioning privacy-safe test data in non-production environments. Their deployment landscape consists of multiple environments, applications, and datastores such as Oracle, MS SQL Server, and AWS S3. For this deployment, TCS MasterCraftTM DataPlus is deployed in a hybrid deployment architecture – where TCS MasterCraftTM DataPlus platform and one of the product’s data privacy services is installed on-premise and another data privacy service is installed in the customer AWS environment. This deployment enabled the customer to provision privacy-safe test data in an automated fashion with optimized infrastructure utilization and operations, driving improved and accelerated development outcomes, which translate directly into business results.


With growing adoption of agile practices and cloud at times competing with honoring varying requirements of stringent data protection regulations, organizations often must find and strike an optimum balance between data usability and data privacy. When considering these demands, organizations should look for an automated, flexible, scalable, and proven approach to power their data privacy programs.

Contact our TCS+AWS alliance team and start your own data privacy journey powered by TCS MasterCraftTM DataPlus and AWS.