Transforming Business Data Governance and Management

Eliminate the complexity and IT cost of managing data access and security while enabling the business to get the data they need faster.

How data-driven organizations manage and govern access to data matters. It means the difference between getting data quickly and efficiently or a wasteful time sink.

Explore a new strategy for managing and governing data access, starting with the role of data stewardship. As you will see, this strategy will dramatically impact businesses and how they operate.

Role for Data Stewards

Today’s data stewards are at the heart of data governance. They provide the day-to-day management for data in their organizations. And as a business function, they represent data owners. 

A key part of data stewardship is defining policies for data access, usage, provenance, retention, and archival for their relevant business areas. To be clear, in some cases, this may be done in conjunction with data governance personnel. Regardless of how policies are created, with appropriate data literacy education, data stewards know data, including the range of risks, both acceptable and those that require immediate attention. Policies for access, security, and privacy are a particularly important stewardship function. They describe when team members should or shouldn’t be granted access to data and how they are allowed to see that data. This includes approval and security requirements. 

Managing Data Access

Unfortunately, the granting of data access remains a complicated function shared between identified representatives of data owners and IT (infrastructure and security). This process slows self-service BI in most organizations. Providing access to data—or turning the switch as some experts put it—requires an in-depth understanding of each data system an organization utilizes. This friction-filled scenario between seemingly opposing forces represents the dual mandate, balancing data democratization with data security to maximize business insights while ensuring privacy and compliance.

So how is data access managed today? Business users need to identify and find the data they need to access. They then create service-management tickets, such as Jira, to request access to the data. Because there is no context to the ticket, the receiver of the ticket then manually needs to find and route the ticket to the appropriate representative of the data owner. With their approval, IT or people with the right skills for each data-system access are requested to manually add the user to the access list. This takes time that digital businesses do not have. This increasingly antiquated process is fraught with unnecessary complexity, including alarming regularity with which requests fall through the cracks. Wasted time, resources, and business opportunities.

Additionally, this approach is costly with the volume of data-request tickets that need to be managed by the business and IT. And once there is business approval, access is manually provisioned on a system-by-system basis with all data systems being different. It is highly inefficient to manage access to data on an account-by-account, workspace-by-workspace, or instance-by-instance basis often involving different IT experts. And this problem only compounds as data and datasets expand at a geometric rate. 

A Better Way Forward

Is there a better way forward? A more effective model for data access, usage, and governance starts with organizations discovering sensitive data across their organization and then protecting that data against unauthorized release in a common, unified manner across their diverse data estate. The optimal path forward involves data engineers and emerging technical data stewards connecting data to data domains. With this, data stewards acting on behalf of data owners create business-oriented data domains and manage the last mile of data stewardship and governed data sharing by provisioning data access for business users. 

Privacera’s latest innovation with Governed Data Stewardship, built on our industry-leading Unified Data Security Platform empowers organizations to build a common data access and security platform across their diverse data estates. Governed Data Stewardship enables organizations to federate data stewardship to manage data domains and handle day-to-day access and sharing requests. 

This moves data access control closer to where the data is best understood and consumed.  Instead of using a non-context aware service-management ticketing and waiting for data custodians and IT to respond, data consumers can go to data stewards who can quickly, and in many cases, automatically provision data for sanctioned uses.

Additionally, for organizations needing more complex workflows, they can utilize Privacera’s published APIs to integrate with existing workflow platforms in your enterprise such as ServiceNow. When users request access to data in their catalogs, a workflow can be kicked off in the workflow system. The final step of creating the controls in the database can be automated via the API call into Privacera. 

Retailer Example

Privacera helped an enterprise-scale retailer with a complex environment. The retailer needed a better way to manage data. They had more than 40 workspaces and over 60,000 tables. There were over 20 data analytics teams all attempting to use the data. This customer needed to: 

• Reduce complexity
• Decrease cost
• Increase data security
• Reduce data risk, including personal identifiable information (PII)/protected health information (PHI) exposure

With the above approach, the customer organized data for the business. They created approximately 60 business data domains/sets. With this, data consumers were able to shop and request access to data domain/set. And best of all, a single data steward managed requests from this point forward.

Business Impacts

Clearly, while cost savings matters, there needs to be concrete business impact to invest in a governed data stewardship strategy. The governed data stewardship approach provides four tangible benefits clearly justifying long-term investment.

1. Eliminates IT Data Bottlenecks: The business gets data faster. This is accomplished by reducing data provisioning time. At the same time, it eliminates time-consuming work managing data access.
2. Reduces IT Costs: The complexity and cost of managing data access is significantly reduced, and in some areas eliminated, through automation, process improvement, reduced operational costs, and reduced compute and storage costs. This also eliminates manual IT processes and reduces IT workload.
3. Empowers Business Agility: Much has been written about the need to industrialize data products and create faster time to insight. This enables data stewards who know the data and the context to manage access at the speed of business. This reduces time to insights by onboarding data and users faster. At the same time, it makes data more accessible and easier to manage.
   
   This supports the move to self-service business intelligence (BI). It is important to remember that how organizations distribute data enables them to better manage through tough economic times. Given that self-service is about enabling business users to directly discover data they need for their jobs, access acceleration means business users get access faster, and this has direct consequences to a company’s top and bottom lines.
4. Improves Security Posture: Governed data stewardship ensures data is being used for the right purpose. At the same time, it can eliminate data proliferation and centralizes auditing. This moves the management of data to data stewards who understand the data risks for their function and business area. This act simultaneously provides greater data access and security.

See Governed Data Stewardship in Action

See the latest innovations from Privacera, talk to our product experts, and see what governed data stewardship can do for your enterprise. Schedule your demo here.