PrivaceraCloud 4.0 Brings Governed Data Sharing from Concept to Reality

Written by Rajiv Dholakia and Vince Goveas

We are proud to announce the general availability of PrivaceraCloud 4.0. This new release  represents a fundamental shift in how companies share data internally and externally with business partners to become more agile 

To drive latency out of the analytics process, PrivaceraCloud 4.0 introduces a new data sharing approach called Governed Data Sharing–that aligns the components of data access governance with the relevant competencies of the personas involved in the analytics process to enable faster access to authorized data without compromising data compliance and privacy. Governed Data Sharing enables a distributed data governance model that delivers a new level of efficiency to accelerate analytical initiatives by grouping functional data–such as sales, marketing, finance, and more–into Data Domains. For example, a Marketing Domain may consist of data sets related to customer/ CRM, campaign, website traffic, or 3rd party demographics data stored in different cloud services.

Friction in the Self-Service Analytics Process

Customers have told us repeatedly that their analytics process is fractured which makes sharing data internally and with business partners an inefficient process that can’t keep up with the pace of business. The persistent challenge that prevents effective internal and external data sharing is the misalignment between the agendas and functional expertise of the various personas involved in the analytics process.  

The data ecosystem in any organization is composed of data access policies, the data on which these policies operate, and the wide range of tools and technology used to automate the creation, application, and management of data access governance policies. In general, the personas that have a stake in how data is managed and accessed can be organized into:

• Policy drivers: Members of centralized governance boards and chief privacy officers, understand privacy regulations and policies very well, but not how these policies are implemented in IT systems or how data is used to make business decisions. 

• Policy implementers: Enterprise and data architects in IT, are experts in systems and implementation, but they don’t have a good understanding of privacy regulations or data’s impact on business decisions. 

• Data consumers: Data scientists and business analysts are well versed in how data can be used to drive business decisions and gauge organizational performance, but they lack an understanding of privacy regulations and system implementation. 

As a result, enterprises struggle to construct data governance ecosystems that facilitate authorized access to data, enable compliance with privacy and industry regulations and can keep pace with the business’s need to share data internally and externally. 

The biggest bottleneck in this process is the traditional data governance models that consolidate the definition and enforcement of access policies in the IT organization. The fact that all the requests to access data are routed to IT places a heavy operational burden on this organization. Traditionally, these over-tasked resources have been responsible for managing access requests from business users. However, the task is made even more complex, due to the growing number of cloud services, each of which has a unique mechanism of defining and administering access control policies. In the absence of a solution that unifies and automates the authorization process, IT gets inundated with access requests for which it lacks the context and the criteria needed to act on these requests. At the same time, this is a frustrating scenario for data scientists and analysts who now have to wait for days or weeks for IT to get the data owner’s approval while their productivity suffers. 

Building Data Domains is Key to Sharing Data

The use of Data Domains alleviates the operational burden on IT by putting data owners in direct contact with data consumers to manage access requests, thereby greatly improving collaboration, flexibility and responsiveness. Since IT is most familiar with the mechanics of the cloud services used across organizations, it is responsible for organizing functional data stored in cloud and on-premises services into Data Domains. At the same time, access policies are automatically applied to data sets inside Data Domains. The unique thing about Data Domains is that, although they are created by IT, they are owned by personnel with the most knowledge of that functional area. The “data owner” of a particular functional Data Domain are leaders in the relevant line of business, such as the VP of Sales, Marketing or Finance. Data owners can create shared data sets within Data Domains and make them discoverable by others in the company. PrivaceraCloud 4.0 provides each line of business the flexibility to control the distribution and consumption of their data, greatly improving data fluidity and utilization in the organization.

Data consumers, such as data scientists or business analysts, are now able to browse through an inventory of data sets organized within a Data Domain. They can request access to the relevant data sets from the data owner by providing a justification. For example, in the above exhibit, financial analysts can search and request the relevant sales, customer, and finance data with the justification that they need it for a revenue projection project. Data Domain owners have the context and confidence that data will be used for authorized purposes by authorized personnel. Data scientists and analysts can be more productive because they can now subscribe to the desired data sets within Data Domains for which they receive automatic notifications, rather than manually searching for data sets across on-prem and cloud services.

At the same time, IT no longer manages the hundreds of access requests from data consumers. The task of requesting and granting access to a data set is now a simple interaction between data owners and data consumers, which can be accomplished with a click of a mouse. Since IT understands systems and knows about implementation details, in our framework, IT continues to maintain oversight of the data access governance platform to get visibility into all user activity, ensure auditability of the access control policies, and proactively bring any compliance violations to the attention of internal auditors.

Governed Data Sharing in Action

Let’s look at Governed Data Sharing in PrivaceraCloud 4.0 in action. The process revolves around the interaction between Bruce, who owns the Data Domain called Customer Experience, and Eve, a business analyst working on a project that involves analyzing customer data.

Governed Data Sharing aligns the personas involved in the data and analytics ecosystem with their areas of expertise. The policy drivers build overall corporate governance policies and communicate them to IT and lines of business. Data policy implementers or IT select and deploy the platform to implement those policies. IT continues to maintain oversight of the data governance platform to get visibility into all user activity, ensure auditability of the access control policies, and proactively bring any compliance violations to the attention of internal auditors.

At the same time, data consumers get faster turnaround to their requests to access the data assets they need to do their job, as these requests are now routed to data owners and/or data stewards within lines of business. 

See PrivaceraCloud 4.0 in action! Visit our booth and session at the CDAO Fall Virtual from October 12-14, and then join us on October 29th to hear industry expert Robert S. Seiner, President & Principal at KIK Consulting & Educational Services talk about modern approaches to enabling faster access to enterprise data during our Fireside Chat.