Categories
erwin Expert Blog

Data Governance and Metadata Management: You Can’t Have One Without the Other

When an organization’s data governance and metadata management programs work in harmony, then everything is easier.

Data governance is a complex but critical practice. There’s always more data to handle, much of it unstructured; more data sources, like IoT, more points of integration, and more regulatory compliance requirements.

Creating and sustaining an enterprise-wide view of and easy access to underlying metadata is also a tall order.

The numerous data types and data sources that exist today weren’t designed to work together, and data infrastructures have been cobbled together over time with disparate technologies, poor documentation and little thought for downstream integration.

Therefore, most enterprises have encountered difficulty trying to master data governance and metadata management, but they need a solid data infrastructure on which to build their applications and initiatives.

Without it, they risk faulty analyses and insights that effect not only revenue generation but regulatory compliance and any number of other organizational objectives.

Data Governance Predictions

Data Governance Attitudes Are Shifting

The 2020 State of Data Governance and Automation (DGA) shows that attitudes about data governance and the drivers behind it are changing – arguably for the better.

Regulatory compliance was the biggest driver for data governance implementation, according to the 2018 report. That’s not surprising given the General Data Protection Regulation (GDPR) was going into effect just six months after the survey.

Now better decision-making is the primary reason to implement data governance, cited by 60 percent of survey participants. This shift suggests organizations are using data to improve their overall performance, rather than just trying to tick off a compliance checkbox.

We’re pleased to see this because we’ve always believed that IT-siloed data governance has limited value. Instead, data governance has to be an enterprise initiative with IT and the wider business collaborating to limit data-related risks and determine where greater potential and value can be unleashed.

Metadata Management Takes Time

About 70 percent of DGA report respondents – a combination of roles from data architects to executive managers – say they spend an average of 10 or more hours per week on data-related activities.

Most of that time is spent on data analysis – but only after searching for and preparing data.

A separate study by IDC indicates data professionals actually spend 80 percent of their time on data discovery, preparation and protection and only 20 percent on analysis.

Why such a heavy lift? Finding metadata, “the data about the data,” isn’t easy.

When asked about the most significant bottlenecks in the data value chain, documenting complete data lineage leads with 62 percent followed by understanding the quality of the source data (58 percent), discovery, identification and harvesting (55 percent), and curating data assets with business context (52%.)

So it make sense that the data operations deemed most valuable in terms of automation are:

  • Data Lineage (65%)
  • Data Cataloging (61%)
  • Data Mapping (53%)
  • Impact Analysis (48%)
  • Data Harvesting (38%)
  • Code Generation (21%)

But as suspected, most data operations are still manual and largely dependent on technical resources. They aren’t taking advantage of repeatable, sustainable practices – also known as automation.

The Benefits of Automating Data Governance and Metadata Management Processes

Availability, quality, consistency, usability and reduced latency are requirements at the heart of successful data governance.

And with a solid framework for automation, organizations can generate metadata every time data is captured at a source, accessed by users, moved through an organization, integrated or augmented with other data from other sources, profiled, cleansed and analyzed.

Other benefits of automating data governance and metadata management processes include:

  • Better Data Quality – Identification and repair of data issues and inconsistencies within integrated data sources in real time
  • Quicker Project Delivery – Acceleration of Big Data deployments, Data Vaults, data warehouse modernization, cloud migration, etc.
  • Faster Speed to Insights – Reversing the 80/20 rule that keeps high-paid knowledge workers too busy finding, understanding and resolving errors or inconsistencies to actually analyze source data
  • Greater Productivity & Reduced Costs – Use of automated, repeatable processes to for metadata discovery, data design, data conversion, data mapping and code generation
  • Digital Transformation – Better understanding of what data exists and its potential value to improve digital experiences, enhance digital operations, drive digital innovation and build digital ecosystems
  • Enterprise Collaboration – The ability for IT and the wider business to find, trust and use data to effectively meet organizational objectives

To learn more about the information we’ve covered in today’s blog, please join us for our webinar with Dataversity on Feb. 18.

Data Governance Webinar

Categories
erwin Expert Blog

Financial Services Data Governance: Helping Value ‘the New Currency’

For organizations operating in financial services data governance is becoming increasingly more important. When financial services industry board members and executives gathered for EY’s Financial Services Leadership Summit in early 2018, data was a major topic of conversation.

Attendees referred to data as “the new oil” and “the new currency,” and with good reason. Financial services organizations, including banks, brokerages, insurance companies, asset management firms and more, collect and store massive amounts of data.

But data is only part of the bigger picture in financial services today. Many institutions are investing heavily in IT to help transform their businesses to serve customers and partners who are quickly adopting new technologies. For example, Gartner research expects the global banking industry will spend $519 billion on IT in 2018.

The combination of more data and technology and fewer in-person experiences puts a premium on trust and customer loyalty. Trust has long been at the heart of the financial services industry. It’s why bank buildings in a bygone era were often erected as imposing stone structures that signified strength at a time before deposit insurance, when poor management or even a bank robbery could have devastating effects on a local economy.

Trust is still vital to the health of financial institutions, except today’s worst-case scenario often involves faceless hackers pillaging sensitive data to use or re-sell on the dark web. That’s why governing all of the industry’s data, and managing the risks that comes with collecting and storing such vast amounts of information, is increasingly a board-level issue.

The boards of modern financial services institutions understand three important aspects of data:

  1. Data has a tremendous amount of value to the institution in terms of helping identify the wants and needs of customers.
  2. Data is central to security and compliance, and there are potentially severe consequences for organizations that run afoul of either.
  3. Data is central to the transformation underway at many financial institutions as they work to meet the needs of the modern customer and improve their own efficiencies.

Data Management and Data Governance: Solving the Enterprise Data Dilemma

Data governance helps organizations in financial services understand their data. It’s essential to protecting that data and to helping comply with the many government and industry regulations in the industry. But financial services data governance – all data governance in fact – is about more than security and compliance; it’s about understanding the value and quality of data.

When done right and deployed in a holistic manner that’s woven into the business processes and enterprise architecture, data governance helps financial services organizations better understand where their data is, where it came from, its value, its quality, and how the data is accessed and used by people and applications.

Financial Services Data Governance: It’s Complicated

Financial services data governance is getting increasingly complicated for a number of reasons.

Mergers & Acquisitions

Deloitte’s 2018 Banking and Securities M&A Outlook described 2017 as “stuck in neutral,” but there is reason to believe the market picks up steam in 2018 and beyond, especially when it comes to financial technology (or fintech) firms. Bringing in new sets of data, new applications and new processes through mergers and acquisitions creates a great deal of complexity.

The integrations can be difficult, and there is an increased likelihood of data sprawl and data silos. Data governance not only helps organizations better understand the data, but it also helps make sense of the application portfolios of merging institutions to discover gaps and redundancies.

Regulatory Environment

There is a lengthy list of regulations and governing bodies that oversee the financial services industry, covering everything from cybersecurity to fraud protection to payment processing, all in an effort to minimize risk and protect customers.

The holistic view of data that results from a strong data governance initiative is becoming essential to regulatory compliance. According to a 2017 survey by erwin, Inc. and UBM, 60 percent of organizations said compliance drives their data governance initiatives.

More Partnerships and Networks

According to research by IBM, 45 percent of bankers say partnerships and alliances help improve their agility and competitiveness. Like consumers, today’s financial institutions are more connected than ever before, and it’s no longer couriers and cash that are being transferred in these partnerships; it’s data.

Understanding the value, quality and risk of the data shared in these alliances is essential – not only to be a good partner and derive a business benefit from the relationship, but also to evaluate whether or not an alliance or partnership makes good business sense.

Financial Services Data Governance

More Sources of Data, More Touch Points

Financial services institutions are at the forefront of the multi-channel customer experience and have been for years. People do business with institutions by phone, in person, via the Web, and using mobile devices.

All of these touch points generate data, and it is essential that organizations can tie them all together to understand their customers. This information is not only important to customer service, but also to finding opportunities to grow relationships with customers by identifying where it makes sense to upsell and cross-sell products and services.

Grow the Business, Manage the Risk

In the end, financial services organizations need to understand the ways their data can help grow the business and manage risk. Data governance plays an important role in both.

Financial services data governance can better enable:

  • The personalized, self-service, applications customers want
  • The machine learning solutions that automate decision-making and create more efficient business processes
  • Faster and more accurate identification of cross-sell and upsell opportunities
  • Better decision-making about the application portfolio, M&A targets, M&A success and more

If you’re interested in financial services data governance, or evaluating new data governance technologies for another industry, you can schedule a demo of erwin’s data mapping and data governance solutions.

Data Mapping Demo CTA

And you also might want to download our latest e-book, Solving the Enterprise Data Dilemma.

Michael Pastore is the Director, Content Services at QuinStreet B2B Tech.

Categories
erwin Expert Blog

Big Data Posing Challenges? Data Governance Offers Solutions

Big Data is causing complexity for many organizations, not just because of the volume of data they’re collecting, but because of the variety of data they’re collecting.

Big Data often consists of unstructured data that streams into businesses from social media networks, internet-connected sensors, and more. But the data operations at many organizations were not designed to handle this flood of unstructured data.

Dealing with the volume, velocity and variety of Big Data is causing many organizations to re-think how they store and govern their data. A perfect example is the data warehouse. The people who built and manage the data warehouse at your organization built something that made sense to them at the time. They understood what data was stored where and why, as well how it was used by business units and applications.

The era of Big Data introduced inexpensive data lakes to some organizations’ data operations, but as vast amounts of data pour into these lakes, many IT departments found themselves managing a data swamp instead.

In a perfect world, your organization would treat Big Data like any other type of data. But, alas, the world is not perfect. In reality, practicality and human nature intervene. Many new technologies, when first adopted, are separated from the rest of the infrastructure.

“New technologies are often looked at in a vacuum, and then built in a silo,” says Danny Sandwell, director of product marketing for erwin, Inc.

That leaves many organizations with parallel collections of data: one for so-called “traditional” data and one for the Big Data.

There are a few problems with this outcome. For one, silos in IT have a long history of keeping organizations from understanding what they have, where it is, why they need it, and whether it’s of any value. They also have a tendency to increase costs because they don’t share common IT resources, leading to redundant infrastructure and complexity. Finally, silos usually mean increased risk.

But there’s another reason why parallel operations for Big Data and traditional data don’t make much sense: The users simply don’t care.

At the end of the day, your users want access to the data they need to do their jobs, and whether IT considers it Big Data, little data, or medium-sized data isn’t important. What’s most important is that the data is the right data – meaning it’s accurate, relevant and can be used to support or oppose a decision.

Reputation Management - What's Driving Data Governance

How Data Governance Turns Big Data into Just Plain Data

According to a November 2017 survey by erwin and UBM, 21 percent of respondents cited Big Data as a driver of their data governance initiatives.

In today’s data-driven world, data governance can help your business understand what data it has, how good it is, where it is, and how it’s used. The erwin/UBM survey found that 52 percent of respondents said data is critically important to their organization and they have a formal data governance strategy in place. But almost as many respondents (46 percent) said they recognize the value of data to their organization but don’t have a formal governance strategy.

A holistic approach to data governance includes thesekey components.

  • An enterprise architecture component is important because it aligns IT and the business, mapping a company’s applications and the associated technologies and data to the business functions they enable. By integrating data governance with enterprise architecture, businesses can define application capabilities and interdependencies within the context of their connection to enterprise strategy to prioritize technology investments so they align with business goals and strategies to produce the desired outcomes.
  • A business process and analysis component defines how the business operates and ensures employees understand and are accountable for carrying out the processes for which they are responsible. Enterprises can clearly define, map and analyze workflows and build models to drive process improvements, as well as identify business practices susceptible to the greatest security, compliance or other risks and where controls are most needed to mitigate exposures.
  • A data modeling component is the best way to design and deploy new databases with high-quality data sources and support application development. Being able to cost-effectively and efficiently discover, visualize and analyze “any data” from “anywhere” underpins large-scale data integration, master data management, Big Data and business intelligence/analytics with the ability to synthesize, standardize and store data sources from a single design, as well as reuse artifacts across projects.

When data governance is done right, and it’s woven into the structure and architecture of your business, it helps your organization accept new technologies and the new sources of data they provide as they come along. This makes it easier to see ROI and ROO from your Big Data initiatives by managing Big Data in the same manner your organization treats all of its data – by understanding its metadata, defining its relationships, and defining its quality.

Furthermore, businesses that apply sound data governance will find themselves with a template or roadmap they can use to integrate Big Data throughout their organizations.

If your business isn’t capitalizing on the Big Data it’s collecting, then it’s throwing away dollars spent on data collection, storage and analysis. Just as bad, however, is a situation where all of that data and analysis is leading to the wrong decisions and poor business outcomes because the data isn’t properly governed.

Previous posts:

You can determine how effective your current data governance initiative is by taking erwin’s DG RediChek.

Categories
erwin Expert Blog

Data Plays Huge Role in Reputation Management

How much does your business invest in reputation management? It’s likely no one in the organization knows for sure because every interaction – in person, online or over the phone – can affect your firm’s reputation. The quality of the goods and services your organization provides, the training it gives employees, and the causes and initiatives it supports all can improve or worsen its reputation.

Reputation management has always been important to businesses, but because information flows so quickly and freely today, reputations are more fragile than ever. Bad news travels fast; often much faster than businesses can respond. It’s also incredibly hard to make bad news go away. Social media and search engines crushed the concept of the news cycle because they make it easy for information to circulate, even long after incidents have occurred.

One of the fastest ways to see your organization’s reputation suffer today is to lose or expose sensitive data. A study in the U.K. found that 86 percent of customers would not do business with a company that failed to protect its customers’ credit card data.

But data theft isn’t the only risk. Facebook may not have even violated its user agreement in the Cambridge Analytica scandal, but reputations have a funny way of rising and falling on perception, not just facts.

It’s estimated that Walmart, for example, spent $18 million in 2016 and 2017 on advertising for retrospective reputation management, after suffering from a perception the company was anti-worker, fixated on profits, and selling too many foreign-made products.

Perception is why companies publicize their efforts to be good corporate citizens, whether it means supporting charities or causes, or discussing sustainability initiatives that are aimed at protecting the environment.

When you are perceived as having a good reputation, a number of positive things happen. For starters, you can invest $18 million in your business and your customers, instead of spending it on ads you hope will change people’s perceptions of your company. But good reputation management also helps create happy, loyal customers who in turn become brand advocates spreading the word about your company.

Data permeates this entire process. Successful reputation management shows up in the data your business collects. Data also will help identify the brand ambassadors who are helping you sell your products and services.  When something goes wrong, the problem might first appear – and be resolved – thanks to data. But what data giveth, data can taketh away.

A big part of building and maintaining a good reputation today means avoiding missteps like those suffered by Facebook, Equifax, Uber, Yahoo, Wells Fargo and many others. Executives clearly grasp the importance of understanding and governing their organization’s data assets. More than three-quarters of the respondents to a November 2017 survey by erwin, Inc. and UBM said understanding and governing data assets is important or very important to their executives.

Reputation Management - How Important is DG

A strong data governance practice gives businesses the needed visibility into their data – what they’re collecting, why they’re collecting it, who can access it, where it’s stored, how it’s used, and more. This visibility can help protect reputations because knowing what you have, how it’s used, and where it is helps improve data protection.

Having visibility into your data also enables transparency, which works in two ways. Internally, transparency means being able to quickly and accurately answer questions posed by executives, auditors or regulators. Customer-facing transparency means businesses have a single view of their customers, so they can quickly solve problems, answer questions, and help align the products and services most relevant to customer needs.

Both types of transparency help manage an organization’s reputation. Businesses with a well-developed strategy for data governance are less likely to be caught off guard by a data breach months after the fact, and are better positioned to deliver the modern, personalized, omnichannel customer experience today’s consumers crave.

The connection between data governance and reputation is well understood. The erwin-UBM study found that 30 percent of organizations cite reputation management as the primary driver of their data governance initiative.

Reputation Management - What's Driving Data Governance

But data governance is more than protecting data (and by extension, your reputation). It is, when done well, a practice that permeates the organization. Integrating your data governance strategy with your enterprise architecture, for example, helps you define application capabilities and interdependencies within the context of your overall strategy. It also adds a layer of protection for data beyond your Level 1 security (the passwords, firewalls, etc., we know are vulnerable).

Data governance with a business process and analysis component helps enterprises clearly define, map and analyze their workflows and build models to drive process improvement, as well as identify business practices susceptible to the greatest security, compliance or other risks and where controls are most needed to mitigate exposures.

For example, many businesses today are likely keeping too much data. A wave of accounting scandals in the early 2000s, most notably at Enron, led to regulations that included the need to preserve records and produce them in a timely manner. As a result, businesses started to store data like never before. Add to this new sources of data, like social media and sensors connected to the Internet of Things (IoT), and you have companies awash in data, paying (in some cases) more to store and protect it than it’s actually worth to their businesses.

When done well, data governance helps businesses make more informed decisions about data, such as whether the reward from the data they’re keeping is worth the risk and cost of storage.

“The further data gets from everyday use, it just sits on these little islands of risk,” says Danny Sandwell, director of product marketing for erwin.

All it takes is someone with bad intentions or improper training to airlift that data off the island and your firm’s reputation will crash and burn.

Alternatively, your organization can adopt data governance practices that will work to prevent data loss or misuse and enable faster remediation should a problem occur. Developing a reputation for “data responsibility” – from protecting data to transparency around its collection and use – is becoming a valuable differentiator. It’s entirely possible that as the number of data breaches and scandals continue to pile up, firms will start using their efforts toward data responsibility to enhance their reputation and appeal to customers, much in the way businesses talk about environmental sustainability initiatives.

A strong data governance foundation underpins data security and privacy. To learn more about how data governance will work for you, click here.

Examining the Data Trinity

 

Previous posts:

You can determine how effective your current data governance initiative is by taking erwin’s DG RediChek.

Categories
erwin Expert Blog

Defining Data Governance: What Is Data Governance?

Data governance (DG) is one of the fastest growing disciplines, yet when it comes to defining data governance many organizations struggle.

Dataversity says DG is “the practices and processes which help to ensure the formal management of data assets within an organization.” These practices and processes can vary, depending on an organization’s needs. Therefore, when defining data governance for your organization, it’s important to consider the factors driving its adoption.

The General Data Protection Regulation (GDPR) has contributed significantly to data governance’s escalating prominence. In fact, erwin’s 2018 State of Data Governance Report found that 60% of organizations consider regulatory compliance to be their biggest driver of data governance.

Defining data governance: DG Drivers

Other significant drivers include improving customer trust/satisfaction and encouraging better decision-making, but they trail behind regulatory compliance at 49% and 45% respectively. Reputation management (30%), analytics (27%) and Big Data (21%) also are factors.

But data governance’s adoption is of little benefit without understanding how DG should be applied within these contexts. This is arguably one of the issues that’s held data governance back in the past.

With no set definition, and the historical practice of isolating data governance within IT, organizations often have had different ideas of what data governance is, even between departments. With this inter-departmental disconnect, it’s not hard to imagine why data governance has historically left a lot to be desired.

However, with the mandate for DG within GDPR, organizations must work on defining data governance organization-wide to manage its successful implementation, or face GDPR’s penalties.

Defining Data Governance: Desired Outcomes

A great place to start when defining an organization-wide DG initiative is to consider the desired business outcomes. This approach ensures that all parties involved have a common goal.

Past examples of Data Governance 1.0 were mainly concerned with cataloging data to support search and discovery. The nature of this approach, coupled with the fact that DG initiatives were typically siloed within IT departments without input from the wider business, meant the practice often struggled to add value.

Without input from the wider business, the data cataloging process suffered from a lack of context. By neglecting to include the organization’s primary data citizens – those that manage and or leverage data on a day-to-day basis for analysis and insight – organizational data was often plagued by duplications, inconsistencies and poor quality.

The nature of modern data-driven business means that such data citizens are spread throughout the organization. Furthermore, many of the key data citizens (think value-adding approaches to data use such as data-driven marketing) aren’t actively involved with IT departments.

Because of this, Data Governance 1.0 initiatives fizzled out at discouraging frequencies.

This is, of course, problematic for organizations that identify regulatory compliance as a driver of data governance. Considering the nature of data-driven business – with new data being constantly captured, stored and leveraged – meeting compliance standards can’t be viewed as a one-time fix, so data governance can’t be de-prioritized and left to fizzle out.

Even those businesses that manage to maintain the level of input data governance needs on an indefinite basis, will find the Data Governance 1.0 approach wanting. In terms of regulatory compliance, the lack of context associated with data governance 1.0, and the inaccuracies it leads to mean that potentially serious data governance issues could go unfounded and result in repercussions for non-compliance.

We recommend organizations look beyond just data cataloging and compliance as desired outcomes when implementing DG. In the data-driven business landscape, data governance finds its true potential as a value-added initiative.

Organizations that identify the desired business outcome of data governance as a value-added initiative should also consider data governance 1.0’s shortcomings and any organizations that hasn’t identified value-adding as a business outcome, should ask themselves, “why?”

Many of the biggest market disruptors of the 21st Century have been digital savvy start-ups with robust data strategies – think Airbnb, Amazon and Netflix. Without high data governance standards, such companies would not have the level of trust in their data to confidently action such digital-first strategies, making them difficult to manage.

Therefore, in the data-driven business era, organizations should consider a Data Governance 2.0 strategy, with DG becoming an organization-wide, strategic initiative that de-silos the practice from the confines of IT.

This collaborative take on data governance intrinsically involves data’s biggest beneficiaries and users in the governance process, meaning functions like data cataloging benefit from greater context, accuracy and consistency.

It also means that organizations can have greater trust in their data and be more assured of meeting the standards set for regulatory compliance. It means that organizations can better respond to customer needs through more accurate methods of profiling and analysis, improving rates of satisfaction. And it means that organizations are less likely to suffer data breaches and their associated damages.

Defining Data Governance: The Enterprise Data Governance Experience (EDGE)

The EDGE is the erwin approach to Data Governance 2.0, empowering an organization to:

  • Manage any data, anywhere (Any2)
  • Instil a culture of collaboration and organizational empowerment
  • Introduce an integrated ecosystem for data management that draws from one central repository and ensures data (including real-time changes) is consistent throughout the organization
  • Have visibility across domains by breaking down silos between business and IT and introducing a common data vocabulary
  • Have regulatory peace of mind through mitigation of a wide range of risks, from GDPR to cybersecurity. 

To learn more about implementing data governance, click here.

Take the DG RediChek

Categories
erwin Expert Blog

GDPR, Compliance Concerns Driving Data Governance Strategies

There are many factors driving data governance adoption, as revealed in erwin’s State of Data Governance Report. Over the coming weeks, we’ll be exploring them in detail, starting with regulatory compliance.

By Michael Pastore

Almost every organization views data governance as important, so why don’t they all have it in place?

Modern organizations run on data. Whether from sensors monitoring equipment on a factory floor or a customer’s purchasing history, data enters modern businesses from every angle, gets stored in any number of places, and is used by many different people and applications.

Data governance refers to the practices that help businesses understand where their data comes from, where it resides, how accurate it is, who or what can access it, and how it can be used. The idea of data governance is not new, but putting data governance into practice and reaping the benefits remains a struggle for many organizations.

According to our November 2017 survey with UBM, nearly all (98 percent) respondents said their organizations view data governance as either important or critically important from a business perspective. Despite this, 46 percent of respondents indicated their organizations recognize the value of data, but lack a formal governance strategy.

One of the significant obstacles to data governance for many organizations is the idea of ownership. In many businesses, it’s safe to say that the IT organization has ownership over the network, just as it’s easy to say that the business oversees payroll.

Data is a bit more complicated. The business side of the organization often analyzes the data, but it’s the IT organization that stores and protects it. This data division of labor often leaves data governance in a sort of no-man’s land, with each side expecting the other to pick up the torch.

The results of the erwin-UBM survey indicate that businesses are increasingly treating data governance as an enterprise-wide imperative. At 57 percent of respondents’ organizations, both IT and the business are responsible for data governance. Just 34 percent of the organizations put IT solely in charge.

Strong data governance initiatives will overcome the issue of ownership thanks in part to a new organizational structure that considers the importance of data. The emergence of the chief data officer (CDO) is one sign that businesses recognize the vital role of their data.

Many of the first generation of CDOs reported to the CIO. Now, you’re more likely to see the CDO at forward-thinking organizations sit on the business side, perhaps in the finance department, or even marketing, which is a huge consumer of data in many businesses. Under the CDO, it’s increasingly likely to find a data protection officer (DPO) tasked with overseeing how the business safeguards its information.

What's Driving Data Governance

Driving Data Governance: Compliance Is Leading Organizations to Data Governance

Now is a good time for businesses to re-think their data structure and governance initiatives. Data is central to organizations’ compliance, privacy and security initiatives because it has value — value to the business; value to the customer; and, like anything of value, value to criminals who want to get their hands on it.

The need to protect data and reduce risk is an important factor in driving data governance at many organizations. In fact, our survey found that regulatory compliance, cited by 60 percent of respondents, was the most popular factor driving data governance.

There’s an increased sense of urgency regarding data governance and compliance because of the European Union’s General Data Protection Regulation (GDPR), which goes into effect this month. According to our research, only 6 percent of respondents said their organization was “completely prepared” for the regulation.

Not only does the GDPR protect EU citizens at home, but it extends protections to EU citizens wherever they do business. It really goes much farther than any other legislation ever has.

The GDPR essentially gives rights to the people the data represents, so businesses must:

  • Minimize identifiability in data
  • Report data breaches within 72 hours
  • Give consumers the ability to dispute data and demand data portability
  • Understand the GDPR’s expanded definition of personally identifiable information (PII)
  • Extend to consumers the right to be “forgotten”

And much, much more.

The maximum fine for organizations in breach of the GDPR is up to 4 percent of annual global turnover or €20 million, whichever is greater. And because the GDPR will apply to anyone doing business with EU citizens, and the internet transcends international borders, it’s likely the GDPR will become the standard organizations around the world will need to rise to meet.

The GDPR is a hot topic right now, but it’s not the only data-security regulation organizations have to honor. In addition to Payment Card Industry (PCI) standards for payment processors, industry-specific regulations exist in such areas as financial services, healthcare and education.

This web of regulations brings us back to data governance. Simply put, it’s easier to protect data and mitigate a breach if your organization knows where the data comes from, where it is stored, and what it includes.

Businesses stand to gain a number of advantages by implementing strong data governance. Regulatory compliance is sure to get the attention of C-level executives, the legal team and the board, but it means very little to consumers – until there’s a breach.

With new breaches being reported on a seemingly daily basis, businesses that practice strong data governance can help build a competitive advantage by better protecting their data and gaining a reputation as an organization that can be trusted in a way that firms suffering from high-profile breaches cannot. In this way, data governance helps contribute directly to the bottom line.

Still, compliance is the No. 1 factor driving data governance initiatives for a reason.

Using data governance to drive upside growth is great, but not if you’re going to lose money in fines.

In our next post in this series, we’ll explore how your organization can use data governance to build trust with your customers.

 

Michael Pastore is the Director, Content Services at QuinStreet B2B Tech. This content originally appeared as a sponsored post on http://www.eweek.com/.

Learn more about how data governance can help with GDPR compliance by downloading the free white paper: GDPR and Your Business: A Call to Enhance Data Governance Expertise.

Data Governance and GDPR: GDPR and Your Business Whitepaper

Categories
erwin Expert Blog

Five Pillars of Data Governance Readiness: Team Resources

The Facebook scandal has highlighted the need for organizations to understand and apply the five pillars of data governance readiness.

All eyes were on Mark Zuckerberg this week as he testified before the U.S. Senate and Congress on Facebook’s recent data drama.

A statement from Facebook indicates that the data snare was created due to permission settings leveraged by the Facebook-linked third-party app ‘thisisyourdigitallife.’

Although the method used by Cambridge Analytica to amass personal data from 87 million Facebook users didn’t constitute a “data breach,” it’s still a major data governance (DG) issue that is now creating more than a headache for the company.

The #DeleteFacebook movement is gaining momentum, not to mention the company’s stock dip.

With Facebook’s DG woes a mainstay in global news cycles, and the General Data Protection Regulation’s (GDPR) implementation just around the corner, organizations need to get DG-ready.

During the past few weeks, the erwin Expert Blog has been exploring the five pillars of data governance readiness. So far, we’ve covered initiative sponsorship and organizational support. Today, we talk team resources.

Facebook and the Data Governance Awakening

Most organizations lack the enterprise-level experience required to advance a data governance initiative.

This function may be called by another name (e.g., data management, information management, enterprise data management, etc.), a successful organization recognizes the need for managing data as an enterprise asset.

Data governance, as a foundational component of enterprise data management, would reside within such a group.

You would think an organization like Facebook would have this covered. However, it doesn’t appear that they did.

The reason Facebook is in hot water is because the platform allowed ‘thisisyourdigitallife’ to capture personal data from the Facebook friends of those who used the app, increasing the scope of the data snare by an order of magnitude.

Pillars of Data Governance; Facebook

For context, it took only 53 Australian ‘thisisyourdigitallife’ users to capture 310,000 Australian citizens’ data.

Facebook’s permission settings essentially enabled ‘thisisyourdigitallife’ users to consent on behalf of their friends. Had GDPR been in effect, Facebook would have been non-compliant.

Even so, the extent of the PR fallout demonstrates that regulatory compliance shouldn’t be the only driver for implementing data governance.

Understanding who has access to data and what that data can be used for is a key use case for data governance. This considered, it’s not difficult to imagine how a more robust DG program could have covered Facebook’s back.

Data governance is concerned with units of data – what are they used for, what are the associated risks, and what value do they have to the business? In addition, DG asks who is responsible for the data – who has access? And what is the data lineage?

It acts as the filter that makes data more discoverable to those who need it, while shutting out those without the required permissions.

The Five Pillars of Data Governance: #3 Team Resources

Data governance can’t be executed as a short-term fix. It must be an on-going, strategic initiative that the entire organization supports and is part of. But ideally, a fixed and formal data management group needs to oversee it.

As such, we consider team resources one of the key pillars of data governance readiness.

Data governance requires leadership with experience to ensure the initiative is a value-adding success, not the stifled, siloed programs associated with data governance of old (Data Governance 1.0).

Without experienced leadership, different arms of the organization will likely pull in different directions, undermining the uniformity of data that DG aims to introduce. If such experience doesn’t exist within the organization, then outside consultants should be tapped for their expertise.

As the main technical enabler of the practice, IT should be a key DG participant and even house the afore-mentioned data management group to oversee it. The key word here is “participant,” as the inclination to leave data governance to IT and IT alone has been a common reason for Data Governance 1.0’s struggles.

With good leadership, organizations can implement Data Governance 2.0: the collaborative, outcome-driven approach more suited to the data-driven business landscape. DG 2.0 avoids the pitfalls of its predecessor by expanding the practice beyond IT and traditional data stewards to make it an enterprise-wide responsibility.

By approaching data governance in this manner, organizations ensure those with a stake in data quality (e.g., anyone who uses data) are involved in its discovery, understanding, governance and socialization.

This leads to data with greater context, accuracy and trust. It also hastens decision-making and times to market, resulting in fewer bottlenecks in data analysis.

We refer to this collaborative approach to data governance as the enterprise data governance experience (EDGE).

Back to Facebook. If they had a more robust data governance program, the company could have discovered the data snare exploited by Cambridge Analytica and circumvented the entire scandal (and all its consequences).

But for data governance to be successful, organizations must consider team resources as well as enterprise data management methodology and delivery capability (we’ll cover the latter two in the coming weeks).

To determine your organization’s current state of data governance readiness, take the erwin DG RediChek.

To learn more about how to leverage data governance for GDPR compliance and an EDGE on the competition, click here.

Take the DG RediChek

Categories
erwin Expert Blog

Data Governance Readiness: The Five Pillars

In light of the General Data Protection Regulation (GDPR) taking effect in just three months, an understanding of data governance readiness has become paramount. Organizations need to make sure they’re ready to meet the world’s most comprehensive data privacy law’s requirements:

  • Understanding all the systems in which personal data is located and all the interactions that touch it
  • Knowing the original instance of the data plus its entire lineage and how it’s handled across the complete ecosystem
  • Ensuring changes, purges or other customer requests are adhered to in a timely manner
  • Notifying customers of a data breach within 72 hours

GDPR becomes effective in an age of rapidly proliferating customer data. For organizations to meet its demands, data governance (DG) must become operational. Done right, it holds great promise not only for regulatory compliance but also for creating data-driven opportunities that drive innovation and greater value.

The 2018 State of Data Governance Report shows that customer trust/satisfaction, decision-making, reputation management, analytics and Big Data are the key drivers of data governance adoption, behind meeting regulatory obligations.

Data Governance Readiness: Data Governance Drivers

A Question of Approach

There’s no question data governance is important and should be the cornerstone of data management to both reduce risks and realize larger organizational results, such as increasing customer satisfaction, improving decision-making, enhancing operational efficiency and growing revenue. The question is how to implement DG, so it does all that.

The boom in data-driven business, as well as new regulatory pressures, have thrust DG into a new spotlight. But the historical approach to DG, being housed in IT siloed from the parties who could use it the most, won’t work in the age of digital power brands like Airbnb, Amazon and Uber.

Data governance done right requires the participation of the entire enterprise and should be measured and measurable in the context of the business. Fortunately, Data Governance 2.0 builds on the principle that everyone in the organization has a role in the initiative, which is ongoing.

IT handles the technical mechanics of data management, but data governance is everyone’s business with stakeholders outside IT responsible for aligning DG with strategic organizational goals.

This creates an environment in which data is treated as an organizational asset that must be inventoried and protected as any physical asset, but it also can be understood in context and shared to unleash greater potential.

The Pillars of Data Governance Readiness

If you accept that data governance is a must for understanding critical data within a business context, tracking its physical existence and lineage, and maximizing its security, quality and value, are you ready to implement it as an enterprise initiative?

We’ve identified what we believe to be the five pillars of data governance readiness.

  1. Initiative Sponsorship

Without executive sponsorship, you’ll have difficulty obtaining the funding, resources, support and alignment necessary for successful DG. 

  1. Organizational Support

DG needs to be integrated into the data stewardship teams and wider culture. It also requires funding.

  1. Team Resources

Most successful organizations have established a formal data management group at the enterprise level. As a foundational component of enterprise data management, DG would reside in such a group.

  1. Enterprise Data Management Methodology

DG is foundational to enterprise data management. Without the other essential components (e.g., metadata management, enterprise data architecture, data quality management), DG will be struggle.

  1. Delivery Capability

Successful and sustainable DG initiatives are supported by specialized tools, which are scoped as part of the DG initiative’s technical requirements.

We’re going to explore these pillars of data governance readiness in future blog posts and through a new, free app to help you build – or shore up – your data governance initiative. By applying them, you’ll establish a solid data governance foundation to achieve the desired outcomes, from limiting the risk of data exposures to growing revenue.

In the meantime, you might want to check out our latest white paper that focuses on the impending GDPR and how to increase DG expertise because no organization with even one customer in the EU is outside its grasp. Click here to get the white paper.

Data Governance and GDPR: GDPR and Your Business Whitepaper

Categories
erwin Expert Blog Data Governance

The Top Five Data Governance Use Cases and Drivers

As the applications for data have grown, so too have the data governance use cases. And the legacy, IT-only approach to data governance, Data Governance 1.0, has made way for the collaborative, enterprise-wide Data Governance 2.0.

In addition to increasing data applications, Data Governance 1.0’s decline is being hastened by recurrent failings in its implementation. Leaving it to IT, with no input from the wider business, ignores the desired business outcomes and the opportunities to contribute to and speed their accomplishment. Lack of input from the departments that use the data also causes data quality and completeness to suffer.

So Data Governance 1.0 was destined to fail in yielding a significant return. But changing regulatory requirements and mega-disruptors effectively leveraging data has spawned new interest in making data governance work.

The 2018 State of Data Governance Report indicates that 98% of organizations consider data governance important. Furthermore, 66% of respondents say that understanding and governing enterprise assets has become more or very important for their executives.

Below, we consider the primary data governance use cases and drivers as outlined in this report.

The Top 5 Data Governance Use Cases

1. Changing Regulatory Requirements

Changing regulations are undoubtedly the biggest driver for data governance. The European Union’s General Data Protection Regulation (GDPR) will soon take effect, and it’s the first attempt at a near-global, uniform approach to regulating the way organizations use and store data.

Data governance is mandatory under the new law, and failure to comply will leave organizations liable for huge fines – up to €20 million or 4% of the company’s global annual turnover. For context, GDPR fines could wipe off two percentage points of revenue from Google parent company, Alphabet.

Although 60% of the organizations surveyed for the State of DG Report indicate that regulatory compliance is the key driver for implementing data governance, only 6% of enterprises are prepared for GDPR with less than four months to go.

But data governance use cases go beyond just compliance.

2. Customer Satisfaction

Another primary driver for data governance is improving customer satisfaction, with 49% of our survey respondents citing it.

A Data Governance 2.0 approach is paramount to this use case and should be strong justification to secure C-level buy-in. In fact, the correlation between effective data governance and customer satisfaction is clear. A 2017 report from Aberdeen Group shows that the user-base of organizations with more effective data governance programs are far happier with:

  • The business’ ability to share data (66% – Data Governance Leaders vs. 21% Data Governance followers)
  • Data systems’ ease of use (64% vs. 24%)
  • Speed of information delivery (61% vs. 18%)

3. Decision-Making

Another data governance use case as indicated by the State of DG Report is improved decision-making. Forty-five percent of respondents identify it as the third key driver, and for good reason.

Data governance success manifests itself as well-defined data that is consistent throughout the business, understood across departments, and used to pull the business in the desired direction. It also improves the quality of the data.

By moving data governance out of its IT silo, the employees responsible for business outcomes are part of its governance. This collaboration makes data both more discoverable, more insightful and more contextual.

The decision-making process becomes more efficient, as the velocity at which data can be interpreted increases. The organization can also better interpret and trust the information it is using to determine course.

4. Reputation Management

In the survey behind the State of DG Report, 30% of respondents name reputation management as a driver for DG’s implementation.

We’ve seen it time and time again with high-profile data breaches inflicting the likes of Equifax, Uber and Yahoo. All were met with costly PR fallout. For example, Equifax’s breach had a price tag of $90 million, as of November 2017.

So the discrepancy between the 60% who cite regulatory compliance as a key driver and the 30% who cite reputation management as DG drivers is interesting. One could argue they are the same; both call for data governance to help prevent or at least limit damaging breaches.

The difference might come down to smaller businesses that believe they have less brand equity to maintain. They, as well as some of their larger counterparts, have taken a reactionary approach to data governance. But GDPR should now encourage more proactive data governance across the board.

In terms of data governance use cases for managing the risk of data breaches, consider that data governance, at a fundamental level, is about knowing where your data is, who’s responsible for it, and what it is supposed to be used for.

This understanding enables organizations to focus security spending on the areas of highest risk. Thus, they can take a more cost-effective but thorough approach to risk management.

5. Analytics and Big Data

Analytics and Big Data also were identified as key drivers for data governance among 27% and 20% of respondents, respectively.

The need for data governance in these cases is largely driven by the amount of data businesses are now tasked with overseeing. In terms of volume, Big Data speaks for itself. Twenty-two percent of respondents in the State of DG Report manage more than 10 petabytes of data, which lines up closely with those who identify Big Data as a key driver.

However, the amount of data the average organization without a Big Data strategy consumes, stores and processes has climbed considerably in recent years.

Research indicates that 90% of the world’s data has been created just in the last two years. Globally, we generate 2.5 quintillion bytes a day. Other studies equate data’s value to that of oil, so clearly there’s a lot of value to be found.

However, the “three Vs of data” (volume, velocity, variety) tend to be positively correlated. When one increases, so do the other two. Higher volumes of data mean higher velocities of data that must be processed faster for worthwhile, valuable insights. It also means an increase in the data types – both structured and unstructured – which makes processing more difficult.

A Strong DG Foundation

A strong data governance foundation ensures data is more manageable, and therefore more valuable.

With Data Governance 2.0, data governance use cases shift from reactionary to proactive with a clear focus on business outcomes.

Although new regulations can be seen as bureaucratic and cumbersome, GDPR actually presents organizations with great opportunity – at least for those that choose to take the evolved Data Governance 2.0 path. They will benefit from an outcome-focused DG initiative that adds value beyond just regulatory compliance.

To learn more, download the complete State of Data Governance Report.

2020 Data Governance and Automation Report