New TDWI Report Finds Organizations Struggling to Close the Governance Gap When Enabling Self-Service Analytics
A new report from TDWI, titled Closing the Governance Gap: Enabling Governed Self-Service Analytics, found data governance and data protection are key to eliminating the conflicting forces that organizations face when trying to achieve agile data sharing without compromising compliance and privacy. Sponsored by cloud data governance and security leader Privacera, the report explains how organizations are looking to widen consumer access to a broader array of data assets to enable exploratory analysis, improve business decision-making, and perpetuate data democratization, but are challenged to do so to ensure data protection and compliance.
Marketing Technology News: Strata Introduces Identity Orchestration Platform for Multi-Clouds
As enterprises expand their data landscape, strategy, and architecture across an evolving mix of hybrid, multi-cloud, and on-premises platforms, data access has become particularly complicated. At the same time, organizations are increasingly concerned about leakage of sensitive data and need to define, deploy, and audit compliance with data access control policies.
The report also comments on the existence of- and resolution to- a data “governance gap” which is created when the individuals who are accountable for articulating and specifying data policies do not have enough knowledge of the systems to understand how policies are implemented. This includes the technologists who understand the system but are not familiar enough with data policy drivers to appropriately define and deploy data protection policies. To close this gap, TDWI recommends organizations apply the concept of Governed Data Sharing, which aligns the knowledge, skills, and competencies of the various personas involved in the process to effectively define, deploy, implement, and monitor compliance policies.
At the center of this idea is the concept of data assets, which are logical groupings of data spread across on-premises data sources and cloud services. In Governed Data Sharing, data assets are owned by the relevant functional organization, such as sales or marketing. Data consumers are able to browse through a catalog and request access to the relevant data assets. Owners of these assets have the flexibility to share the entire asset or carve out a subset of data for consumers with the confidence that their data will be used for authorized purposes by authorized personnel.
Marketing Technology News: MarTech Interview with Navdeep Saini, Co-founder and CEO at DistroScale
“The challenge for organizations is that the traditional approach to data protection and governance has involved the process of assigning privileges to individuals in order for them to access specific data assets,” said TDWI affiliate analyst David Loshin, and author of the report. “Clearly, this style is not sustainable, and enterprises can no longer view this as a process of defining rules that allow individuals to access specific data assets. This new Governed Data Sharing approach enables organizations to leverage data assets in a simplified and more effective way so they can get controlled access to the data needed without violating any of the policies that must remain in place to remain in compliance.”
To avoid falling victim to a governance gap, organizations need to first identify the different roles/personas in an organization and what their expectations and responsibilities are with respect to data democratization. TDWI explains how, collectively, these different personas are capable of defining, implementing, and enforcing data policies. However, due to the disparity between how policy drivers write access policies and how they are actually implemented, no single persona has the policy knowledge, technical expertise, and data awareness to deploy data policies.
“Privacera is in lock-step with the Governed Data Sharing approach and will be reflecting this methodology in future product development and subsequent releases,” said Balaji Ganesan, CEO and co-founder, Privacera. “By providing innovative data policy tools, we help ensure that the information data consumers receive is trusted, has all the applicable controls, and is ready to be utilized. At the same time, the data policy drivers and data owners are confident that processes are in place to prevent unauthorized use and risks of data leakage. Essentially, this enables all data stakeholders to operate within their own sphere of competence and responsibly leverage data to its full potential.”