Categories
erwin Expert Blog

What’s the State of Data Governance and Empowerment in 2021?

erwin by Quest just released the “2021 State of Data Governance and Empowerment” report. Building on prior research, we worked with Enterprise Strategy Group (ESG) to understand how organizations are defining, adopting and prioritizing data governance, as well as examine the current drivers and challenges of governing data through its lifecycle and integration points.

It’s safe to say that the world looks a lot different than it did just 15 months ago. Today, data needs to fuel rapid decisions that make an organization more effective, customer-centric and competitive. That was true before COVID-19, and it’s even more important in the face of the radical disruption it’s caused.

As a matter of fact, according to the report, 84% of organizations believe their data represents the best opportunity for gaining a competitive advantage during the next 12 to 24 months.

This past year also saw a major shift as the silos between data governance, data operations and data protection diminished, with enterprises seeking to understand their data and the systems they use and secure to empower smarter decision-making.

Highlighting this shift, 82% of organizations have mostly, if not completely, aligned their data governance and data protection strategies, with 55% of survey respondents citing “data protection” as the term they most closely associate with data governance. Additionally, 85% monitor their databases and other data systems as part of their data governance programs. Furthermore, nearly three-quarters reported a need to dramatically improve data infrastructure.

Data Governance Strategy

What else did we learn?

Data Governance Definition Varies

There is still no consensus on how to define data governance. When asked for a definition, the two most popular responses were:

  • Building a set of policies that governs data.
  • Ensuring data usage follows defined rules.

While neither of these answers are wrong, they continue to illustrate that there’s no standard definition.

At erwin, we define data governance as helping organizations establish a sound yet flexible framework for awareness of and access to available data assets, guidance on their use, and guardrails to ensure data policies and best practices are followed.

A New Level of Maturity

When asked “how mature is your data governance program/what stage are you in,” 42% of organizations said they’ve fully implemented data governance.

That’s in sharp contrast to our last study that showed 38% of data governance programs were a work in progress and 31% were just getting started.

So it appears that enterprise data governance programs have indeed reached a new level of maturity, but the majority (58%) say their data governance programs are evolving. However, if we’ve learned anything, isn’t it that data governance is an ever-evolving, ever-changing tenet of modern business?

Key Bottlenecks and Challenges

We explored the bottlenecks and issues causing delays across the entire data value chain.

Thematically “data quality” is at the heart desired data governance outcomes, challenges and bottlenecks, pointing to its overall importance.

Finding, identifying and harvesting data assets, the performance of systems where data is stored, documenting end-to-end data lineage, and visibility into mechanisms to protect data round out the top five bottlenecks to achieving optimal data value.

These are largely consistent with what we learned in our last study, with data system performance and protection making their debut this year as highly relevant problems to address.

With regard to challenges, respondents cite data quality and accuracy, skills shortages/gaps, cost, cultural change and operationalizing data governance – making it a working reality as opposed to a concept – as the top issues to address in maximizing data governance ROI.

Interestingly, 5% said they have no challenges – wouldn’t we like them to share their rose-colored glasses data governance glasses?

Other Key Findings

The report has a lot to unpack, but here is a snapshot of some other key findings:

Time is a major factor.

  • Data stewards still spend too much time on data-related activities, including analyzing (23%), protecting (23%) and searching for data (20%).
  • It takes most business users (e.g., developers, analysts, data scientists) one to two business days to receive the data they request from IT.

More automation opportunities exist.

  • While 42% of organizations have some mix of manual and automated processes, 93% say there’s room to incorporate more automation into their data operations.
  • In line with ensuring trust in data, data quality (27%), data integration (17%), and data preparation (14%) are the three data operations automated the most.

Self-service done right is a game-changer.

  • 93% of organizations have already or plan to leverage self-service in provisioning data, showing that self-service is more important than ever.
  • Seven out of 10 respondents report their organizations’ self-service data provisioning enablement has had a significant business impact.

The Path to Data Empowerment

The report validates Quest’s newly launched Data Empowerment strategy and platform that bridges the gaps between data infrastructure, security and governance initiatives to mitigate risk and unleash more value from data.

Data governance provides visibility, automation, governance and collaboration for data democratization.

As part of a Data Empowerment platform — data governance puts real-time, relevant, role-based data in context in the hands of users to optimize the enterprise data capability.

So with these solutions working in concert, you can ensure the availability of secure, high-quality data to empower everyone in your organization to be more successful – that’s a win-win for employees and the organization in accomplishing its mission.

Click here to download a free copy of the “2021 State of Data Governance and Empowerment” report.

And join us for the Quest Data Empowerment Summit this week, May 18-20. It includes three unique tracks —Data OperationsData Protection and Data Governance — with sessions about the latest trends, best practices and technologies to align these critical areas and close the gaps between your front and back office.

Categories
erwin Expert Blog Data Governance

How Data Governance Protects Sensitive Data

 

Data governance reduces the risk of sensitive data.

Organizations are managing more data than ever. In fact, the global datasphere is projected to reach 175 zettabytes by 2025, according to IDC.

With more companies increasingly migrating their data to the cloud to ensure availability and scalability, the risks associated with data management and protection also are growing.

How can companies protect their enterprise data assets, while also ensuring their availability to stewards and consumers while minimizing costs and meeting data privacy requirements?

Data Security Starts with Data Governance

Lack of a solid data governance foundation increases the risk of data-security incidents. An assessment of the data breaches that crop up like weeds each year supports the conclusion that companies, absent data governance, wind up building security architectures strictly from a technical perspective.

Given that every company has in its possession important information about and relationships with people based on the private data they provide, every business should understand the related risks and protect against them under the banner of data governance—and avoid the costs and reputation damage that data breaches can inflict more intelligently and better. That’s especially true as the data-driven enterprise momentum grows along with self-service analytics that enable users to have greater access to information, often using it without IT’s knowledge.

Indeed, with nearly everyone in the enterprise involved either in maintaining or using the company’s data, it only makes sense that both business and IT begin to work together to discover, understand, govern and socialize those assets. This should come as part of a data governance plan that emphasizes making all stakeholders responsible not only for enhancing data for business benefit, but also for reducing the risks that unfettered access to and use of it can pose.

With data catalog and literacy capabilities, you provide the context to keep relevant data private and secure – the assets available, their locations, the relationships between them, associated systems and processes, authorized users and guidelines for usage.

Without data governance, organizations lack the ability to connect the dots across data governance, security and privacy – and to act accordingly. So they can’t answer these fundamental questions:

  • What data do we have and where is it now?
  • Where did it come from and how has it changed?
  • Is it sensitive data or are there any risks associated with it?
  • Who is authorized to use it and how?

When an organization knows what data it has, it can define that data’s business purpose. And knowing the business purpose translates into actively governing personal data against potential privacy and security violations.

Do You Know Where Your Sensitive Data Is?

Data is a valuable asset used to operate, manage and grow a business. While sometimes at rest in databases, data lakes and data warehouses; a large percentage is federated and integrated across the enterprise, management and governance issues that must be addressed.

Knowing where sensitive data is located and properly governing it with policy rules, impact analysis and lineage views is critical for risk management, data audits and regulatory compliance.

For example, understanding and protecting sensitive data is especially critical for complying with privacy regulations like the European Union’s General Data Protection Regulation (GDPR).

The demands GDPR places on organizations are all-encompassing. Protecting what traditionally has been considered personally identifiable information (PII) — people’s names, addresses, government identification numbers and so forth — that a business collects, and hosts is just the beginning of GDPR mandates. Personal data now means anything collected or stored that can be linked to an individual (right down to IP addresses), and the term doesn’t only apply to individual pieces of information but also to how they may be combined in revealing relationships. And it isn’t just about protecting the data your business gathers, processes and stores but also any data it may leverage from third-party sources.

When key data isn’t discovered, harvested, cataloged, defined and standardized as part of integration processes, audits may be flawed putting your organization at risk.

Sensitive data – at rest or in motion – that exists in various forms across multiple systems must be automatically tagged, its lineage automatically documented, and its flows depicted so that it is easily found, and its usage easily traced across workflows.

Fortunately, tools are available to help automate the scanning, detection and tagging of sensitive data by:

  • Monitoring and controlling sensitive data: Better visibility and control across the enterprise to identify data security threats and reduce associated risks
  • Enriching business data elements for sensitive data discovery: Comprehensive mechanism to define business data element for PII, PHI and PCI across database systems, cloud and Big Data stores to easily identify sensitive data based on a set of algorithms and data patterns
  • Providing metadata and value-based analysis: Discovery and classification of sensitive data based on metadata and data value patterns and algorithms. Organizations can define business data elements and rules to identify and locate sensitive data including PII, PHI, PCI and other sensitive information.

Minimizing Risk Exposure with Data Intelligence

Organizations suffering data losses won’t benefit from the money spent on security technologies nor the time invested in developing data privacy classifications if they can’t get a handle on how they handle their data.

They also may face heavy fines and other penalties – not to mention bad PR.

Don’t let that happen to your organization.

A well-formed security architecture that is driven by and aligned by data intelligence is your best defense. Being prepared means you can minimize your risk exposure.

With erwin Data Intelligence by Quest, you’ll have an unfettered view of where sensitive data resides with the ability to seamlessly apply privacy rules and create access privileges.

Additionally, with Quest’s acquisition of erwin comes the abilities to mask, encrypt, redact and audit sensitive data for an automated and comprehensive solution to resolve sensitive-data issues.

When an organization knows what data it has, it can define that data’s business purpose. And knowing the business purpose translates into actively governing personal data against potential privacy and security violations.

From risk management and regulatory compliance to innovation and digital transformation, you need data intelligence. With erwin by Quest, you will know your data so you can fully realize its business benefits.

[blog-cta header=”erwin Data Intelligence” body=”Click here to request a demo of erwin Data Intelligence by Quest.” button=”Request Demo” button_link=”https://s38605.p1254.sites.pressdns.com/erwin-data-intelligence-free-demo/” image=”https://s38605.p1254.sites.pressdns.com/wp-content/uploads/2018/11/iStock-914789708.jpg” ]