erwin Expert Blog

An Agile Data Governance Foundation for Building the Data-Driven Enterprise

The data-driven enterprise is the cornerstone of modern business, and good data governance is a key enabler.

In recent years, we’ve seen startups leverage data to catapult themselves ahead of legacy competitors. Companies such as Airbnb, Netflix and Uber have become household names. Although the service each offers differs vastly, all three identify as ‘technology’ organizations because data is integral to their operations.

Data-Driven Business

As with any standard-setting revolution, businesses across the spectrum are now following these examples. But what these organizations need to understand is that simply deciding to be data-driven, or to “do Big Data,” isn’t enough.

As with any strategy or business model, it’s advisable to apply best practices to ensure the endeavor is worthwhile and that it operates as efficiently as possible. In fact, it’s especially important with data, as poorly governed data will lead to slower times to market and oversights in security. Additionally, poorly managed data fosters inaccurate analysis and poor decision-making, further hampering times to market due to inaccuracy in the planning stages, false starts and wasted cycles.

Essentially garbage in, garbage out – so it’s important for businesses to get their foundations right. To build something, you need to know exactly what you’re building and why to understand the best way to progress.

Data Governance 2.0 Is the Underlying Factor

Good data governance (DG) enables every relevant stakeholder – from executives to frontline employees – to discover, understand, govern and socialize data. Then the right people have access to the right data, so the right decisions are easier to make.

Traditionally, DG encompassed governance goals such as maintaining a business glossary of data terms, a data dictionary and catalog. It also enabled lineage mapping and policy authoring.

However, Data Governance 1.0 was siloed with IT left to handle it. Often there were gaps in context, the chain of accountability and the analysis itself.

Data Governance 2.0 remedies this by taking into account the fact that data now permeates all levels of a business. And it allows for greater collaboration.

It gives people interacting with data the required context to make good decisions, and documents the data’s journey, ensuring accountability and compliance with existing and upcoming data regulations.

But beyond the greater collaboration it fosters between people, it also allows for better collaboration between departments and integration with other technology.

By integrating data governance with data modeling (DM), enterprise architecture (EA) and business process (BP), organizations can break down inter-departmental and technical silos for greater visibility and control across domains.

By leveraging a common metadata repository and intuitive role-based and highly configurable user interfaces, organizations can guarantee everyone is singing off the same sheet of music.

Data Governance Enables Better Data Management

The collaborative nature of Data Governance 2.0 is a key enabler for strong data management. Without it, the differing data management initiatives can and often do pull in different directions.

These silos are usually born out of the use of disparate tools that don’t enable collaboration between the relevant roles responsible for the individual data management initiative. This stifles the potential of data analysis, something organizations can’t afford given today’s market conditions.

Businesses operating in highly competitive markets need every advantage: growth, innovation and differentiation. Organizations also need a complete data platform as the rise of data’s involvement in business and subsequent frequent tech advancements mean market landscapes are changing faster than ever before.

By integrating DM, EA and BP, organizations ensure all three initiatives are in sync. Then historically common issues born of siloed data management initiatives don’t arise.

A unified approach, with Data Governance 2.0 at its core, allows organizations to:

  • Enable data fluency and accountability across diverse stakeholders
  • Standardize and harmonize diverse data management platforms and technologies
  • Satisfy compliance and legislative requirements
  • Reduce risks associated with data-driven business transformation
  • Enable enterprise agility and efficiency in data usage.

Data governance is everyone's business

erwin Expert Blog

Data Governance and Risk Management

Risk management is crucial for any data-driven business. Former FBI Director Robert Mueller famously said, “There are only two types of companies: those that have been hacked and those that will be.” This statement struck a chord when first spoken in 2012, and the strings are still ringing.

As data continues to be more deeply intertwined in our day-to-day lives, the associated risks are growing in number and severity. So, there’s increasing scrutiny on organizations’ data governance practices – and for good reason.

Governmental scrutiny, in particular, is gearing up. The General Data Protection Regulation (GDPR) introduces strict formality in the way data is governed across the European Union, including organizations outside the EU that wish to do business with its member nations.

But in certain sectors, public scrutiny is just as – if not more – important to consider. We’ve been talking since September about the data breach at Equifax, which has just been hit with a 50-state, class-action lawsuit.

And we just learned that Uber was hacked, resulting in the personal data of 57 million customers and Uber drivers being stolen. What’s more, the company concealed the breach for more than a year.

Whether we’re talking about financial or reputational damage, it’s absolutely clear that bad data governance is bad business.

Risk Management Data Governance

Risk Management for IoT

Think about the Internet of Things (IoT) for a moment …

IoT devices are gaining more stock in daily life – from the mundane of smart refrigerators and thermostats to the formidable of medical devices. Despite the degree of severity here, personal data is personal data, and the steps taken to mitigate security risks must be evidenced to be compliant.

Data governance is fundamental to risk mitigation and management. That’s because data governance is largely concerned with understanding two key things: where your data is kept and what it’s used for. Considering the scope of IoT data, this is no easy feat.

Estimates indicate that by 2020, 50 billion connected devices will be in circulation. Misunderstanding where and what this data is could leave the records of millions exposed.

On top of the already pressing need for effective data governance for risk management, we’re constantly approaching uncharted territories in data applications.

Lessons from Driverless Cars

The driverless car industry is one such example on the not-too-distant horizon.

Businesses from BMW to Google are scrambling to win the driverless car race, but fears that driverless cars could be hacked are well founded. Earlier this year, a Deloitte Insights report considered the likely risks of introducing autonomous vehicles onto public roads.

It reads, “The very innovations that aim to enhance the way we move from place to place entail first-order cybersecurity challenges.” It also indicates that organizations need to make radical changes in how they view cybersecurity to ensure connected vehicles are secure, vigilant and resilient:

  • Secure – Work on risk management by prioritizing sensitive assets to balance security and productivity.
  • Vigilant – Integrate threat data, IT data and business data to be equipped with context-rich alerts to prioritize incident handling and streamline incident investigation.
  • Resilient – Rapidly adapt and respond to internal or external changes to continue operations with limited business impacts.

The first thing organizations should take away is that this advice applies to the handling of all sensitive data; it’s by no means exclusive to autonomous vehicles. And second, security, vigilance and resilience all are enabled by data governance.

Data Governance Leads the Way

As discussed, data governance is about knowing where your data is and what it’s used for.  This understanding indicates where security resources should be spent to help mitigate data breaches.

Data governance also makes threat data, IT data and business data more readily discoverable, understandable and applicable, meaning any decisions you make regarding security investments are well informed.

In terms of resilience and the ability to rapidly respond, businesses must be agile and collaborative, points of contention in traditional data governance. However, Data Governance 2.0 as defined by Forrester addresses agility in terms of “just enough controls for managing risk, which enables broader and more insightful use of data required by the evolving needs of an expanding business ecosystem.”

As GDPR looms ever near, an understanding of data governance best practices will be indispensable. To get the best of them, click here.

Data governance is everyone's business