As companies progress with digital transformation and migrate to the cloud, data governance and access control become paramount to success. Implementing data access controls manually is inefficient and impractical, driving the need for an automated governance solution.
During our webinar last week, Privacera, GigaOm, and Comcast discussed challenges faced by IT data infrastructure and platform teams. The webinar featured guest speakers GigaOm Analyst Andrew Brust, Senior Principal Architect from Comcast, Barbara Eckman, and our own Balaji Ganesan, CEO & Co-Founder of Privacera, a leader in data security and governance solutions.
Continue reading for highlights from the topics discussed.
Evolution of Data Governance
Andrew kicked off the webinar by discussing how data governance has evolved past traditional techniques, such as master data management (MDM). As enterprises migrate to the cloud, data governance in multi and hybrid clouds becomes increasingly challenging. At the same time, privacy and industry regulations are becoming more stringent. These two opposing forces compel enterprises to take a hard look at data governance. The panelists discussed how the diversity of enterprise data will continue to rise, as streaming and time-series data is expected to play a greater role among the types of data companies process and analyze. The panelists agreed that, given the complexity of data sources, access control requirements across all the available data sources are simply too vast and require a comprehensive and automated data governance framework.
Dual Mandate of IT Teams
Balaji led the discussion on challenges IT teams face in balancing the demand to make data widely and easily available to data analysts, and data scientists, while still complying with privacy regulations, internal contracts, and best practices. The panelists covered how to address this dual mandate, discussing why enterprises need visibility into data as soon as it lands into storage, then how to leverage that insight to build access control policies that govern the use of data across the enterprise. The expert speakers advised enterprises to think proactively about data governance and to do so early in the process of cloud migration, rather than as an afterthought.
Limitation of Native Cloud Platforms’ Security Features
Barbara shared her thoughts on security features offered by public cloud providers as part of their respective platforms. As enterprises implement hybrid and multi-cloud architectures, it becomes challenging to use these cloud provider specific features across all the data that resides across various on-premises data lakes and cloud and third-party services. Panelists emphasized the importance of managing data agnostically, using a framework that spans across all on-premises and cloud data sources to avoid having all their data locked in one public cloud and to achieve the flexibility of using best-of-breed services, including from third-party cloud providers.
Role of Data Classification in Driving Access Policies
As a best practice, speakers pointed out that the effectiveness of tag-based policies and the ability to classify data. For example, companies can now build policies to provide users access to data that has been classified or tagged as personally identifiable. Panelists agreed the propagation of tags can play an important role in seamlessly enforcing access policies.