capability to create an information resource that can be trusted by employees, partners, and customers, as well as government organizations
Security & Governance
potentially the most critical of the pillars of data management
all data that can be uniquely tied to an individual are removed (e.g., a person's name, Social Security number, credit card number) - not always easily done
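A minimal sketch of the removal step described above, assuming records are plain dictionaries. The field names and the `DIRECT_IDENTIFIERS` set are hypothetical; a real policy would define its own list.

```python
# Hypothetical list of fields that uniquely identify a person.
DIRECT_IDENTIFIERS = {"name", "ssn", "credit_card"}


def anonymize(record, identifiers=DIRECT_IDENTIFIERS):
    """Return a copy of the record with direct-identifier fields dropped."""
    return {key: value for key, value in record.items() if key not in identifiers}


# Made-up example record.
record = {
    "name": "Jane Doe",
    "ssn": "000-00-0000",
    "zip": "02139",
    "purchase_total": 42.50,
}
cleaned = anonymize(record)
```

Dropping named fields is the easy part. Fields left behind (such as a ZIP code) may still identify someone when combined with other data, which is one reason this is not always easily done.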
protects sensitive data by replacing it with random tokens or alias values that mean nothing to someone who gains unauthorized access to the data - some argue that it is more secure than encryption
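A rough sketch of the token-replacement idea above, assuming an in-memory lookup table. The `TokenVault` class and its method names are hypothetical, not a real product's API; an actual system would keep the mapping in a separately secured store.

```python
import secrets


class TokenVault:
    """Hypothetical in-memory vault mapping random tokens to original values."""

    def __init__(self):
        self._token_to_value = {}
        self._value_to_token = {}

    def tokenize(self, value):
        # Reuse the existing token so the same value always maps to one alias.
        if value in self._value_to_token:
            return self._value_to_token[value]
        token = secrets.token_hex(8)  # random, carries no information about value
        self._token_to_value[token] = value
        self._value_to_token[value] = token
        return token

    def detokenize(self, token):
        # Only a party with access to the vault can recover the original.
        return self._token_to_value[token]


vault = TokenVault()
token = vault.tokenize("4111 1111 1111 1111")  # made-up card number
```

Because the token is random rather than computed from the value, someone who obtains only the tokenized data has no key to attack; the sensitive value is recoverable only through the vault.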
cloud database controls
access controls are built into the database to protect the whole database so that each piece of data doesn't need to be encrypted
cloud database controls
visibility - be aware of how the data will be used and controlled; unvetted employees - trust of those working with the data
two key issues to consider with regard to data governance
ANY or ALL data
______ that will ultimately be stored or embedded in organizational processes must be covered by some sort of governance policies
restrictions on the use of data - the organization that owns the data has first say in how others can use it
issue with data governance regarding seeing the data as it transforms - everything that happens to the data must be tracked - not all data access is always under the control of the org - all parties with access to the data should be able to track & share all movement & comply with the org's governance policies
unvetted employees (without background checks)
issue with data governance dealing with security threats coming from within an org - background checks - education on governance policies helps
a way to show logs or other evidence that the data you are using is secure and clean - explain the sources of that data & minimize the risk to the company
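One way to picture the "logs or other evidence" above is an append-only record of where each data set came from and what was done to it. This is only an illustrative sketch; the `record_event` and `history` helpers and all data set, source, and actor names are hypothetical.

```python
from datetime import datetime, timezone

# Append-only list of events; a real system would use durable, protected storage.
audit_log = []


def record_event(dataset, source, action, actor):
    """Append one entry describing what happened to a data set and who did it."""
    entry = {
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "dataset": dataset,
        "source": source,
        "action": action,
        "actor": actor,
    }
    audit_log.append(entry)
    return entry


def history(dataset):
    """Return every logged event for one data set, in the order recorded."""
    return [entry for entry in audit_log if entry["dataset"] == dataset]


record_event("customer_orders", "crm_export", "ingested", "etl_job")
record_event("customer_orders", "crm_export", "masked_pii", "etl_job")
record_event("web_clicks", "clickstream", "ingested", "etl_job")
```

Calling `history("customer_orders")` then returns the two entries for that data set, which is the kind of evidence that can be handed over to explain its sources and handling.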
creating data management policies (can be put in place before any data has arrived - don't change much with big vs traditional data)
the "first" step in the organizational structure process
one who needs to understand the company's data retention policy as well as the requirements for masking out personal data no matter where that data originates - the one who is tasked with data management oversight
determine best practices
compare policies w/self & others? policy concerning length of time to hold on to info?
importance of data being brought in
some of the key elements that need to be codified to protect your organization with regard to governance
what's already in place?
compare w/others in industry? your policies complete?
policies reflect data quality, trust, security, & risk issues?
key elements of data policies
what's your current approach to data security?
what're your data access policies? what're your vulnerabilities?
are you secure from external intruders? how is encryption handled?
does your software monitor questionable transactions? are you in control of all data resources?
what're your recovery plans?
questions to consider in developing a well-governed and secure big data environment