June 15, 2020 By Ron Reuben 4 min read

In today’s digital world, there is a guiding principle when it comes to enterprise information management – data privacy. Every regulation builds around it and CIOs consider it a common-sense business practice that is built into the fiber of their IT systems. Let’s think about the daunting challenges posed by the need for data privacy and why businesses go to such lengths to adopt it. Data privacy provides a measure of trustworthiness that ensures clients can be confident their sensitive information is safeguarded. With the explosion of data that the digital economy has ushered in, data privacy has become an ever-growing problem that modern day enterprises CxOs have to constantly contend with, at scale.

In any enterprise IT ecosystem, there can be no data privacy without a solid information security practice. Only then can a business truly start governing data to stay compliant with regulations. Both information governance and information security go hand in hand. We see these two critical practices fitting in as shown in fig 1 below.

Figure 1: Information Governance & Security – tightly coupled practices within the enterprise

While most organizational leaders subscribe to this point of view, streamlining information governance and security is not easy by any means. One might attribute the challenge to:

  • Constantly changing industry regulations and data security vectors that make it hard to react in an agile fashion, leaving organizations to play never ending ‘catch-up’.
  • Security and Governance teams that are built in silos, thinking and operating in silos. Leading to duplication of work and requiring further investment to rationalize.
  • Disparate tools are hard to integrate for use by security and governance teams, leading to ineffective collaboration.
  • The lack of a uniform plane of glass in which teams can collaborate, to help governance and security teams work together. Increasing risk of errors and reducing overall team effectiveness.
  • Processes being created in silos. Leading to inadequate.

There is definitely a lot of room for enhanced efficiency in these processes, which in turn will help reduce overall costs. IBM Cloud Pak for Data, an end-end data and AI platform can help reduce these costs in two distinct ways.

Integrating information governance and security within a platform

Cloud Pak for Data has been designed to include information governance and security in the foundation. The platform can help enhance workforce efficiency and effectiveness, tackling the challenges discussed above by:

  1. Facilitating collaboration between the data steward and the data security officer – allowing the data steward to add a newly discovered sensitive asset to an external (Guardium) data security appliance. This would be done during a data discovery operation by a data steward as part of the data governance operations within the enterprise. See figure 2 below.

Fig 2 – Enabling collaboration between the Data Steward and Security Officers

  1. Providing a global policy management service through Watson Knowledge Catalog that can:
    • Document policies and rules that are both governance and data security related.
    • Enforce certain data privacy oriented rules that are similar in nature to data security rules one might apply when considering privacy from the data security lens.
  2. Offering the option to monitor databases hosted within Cloud Pak for Data through external data security solutions such as IBM Security Guardium.
  3. Workflows that can be customized to allow data governance personnel and data security personnel to collaborate across enterprise wide policies and rules.

Mitigate risks

As a data platform, Cloud Pak for Data is designed to help manage the risk of the unknown using sophisticated information governance services available. Cloud Pak for Data mitigate risks by helping organizations:

  1. ‘Understand what they don’t know’ – Cloud Pak for Data offers the ability to run data discovery processes on both structured and unstructured data sources, eliminating dark data and identify ‘risky’ data. With the ‘InstaScan’ capability, Cloud Pak for Data empowers organizations to run a discovery process over file systems, allowing them to build trust in unstructured data.
  2. Stay compliant with industry regulations – Cloud Pak for Data provides the essential controls needed to stay compliant across many common industry regulations, from data lineage and access controls, to user management and integration.

Now, let’s turn our attention to another sticky problem CDOs are tasked with – enabling a ‘self-service’, data driven workforce. It is no surprise that this is a huge challenge given the many silos of data within most enterprises today. These come at a huge cost to the business and manifest through workforce productivity loss and suboptimal outcomes:

  1. Productivity loss – Getting access to clean, well-understood and curated data can take up to 12 weeks in some organizations. This leads to inordinate amount of time spent by data workers getting access to contextually appropriate data for their tasks at hand
  2. Suboptimal outcomes – Data workers using partial or incomplete data within their analysis leads to suboptimal and potentially incorrect decisions.

Breaking down these data silos meaningfully is a daunting task, but if successfully implemented, it can translate to a major cost savings for the business.

Enabling a governed, secure, self-service plane of data across the enterprise

Cloud Pak for Data delivers a governed, secure, self-serve enterprise data plane through in four key facets:

  1. Data Governance included as an enabler of the self-sufficient data workforce.
  2. Offering a Data Quality service that can be used to assess and enforce data quality standards as data is being discovered and cataloged.
  3. Security that is built into the core of the platform and expandable in the ecosystem.
  4. Data Virtualization as the single plane of glass for all data to come together within the enterprise, effectively elevating the silos of data to one data plane.

In conclusion, information governance and security do not need to need to be at odds with each other within the typical enterprise. Streamlining the two is a distinct possibility with Cloud Pak for Data, which in turn can also enable the safe, governed, self-service enterprise data plane. Give IBM Cloud Pack for Data a try today with our no cost trial.

Accelerate your journey to AI.

Was this article helpful?

More from Cloud

The history of the central processing unit (CPU)

10 min read - The central processing unit (CPU) is the computer’s brain. It handles the assignment and processing of tasks, in addition to functions that make a computer run. There’s no way to overstate the importance of the CPU to computing. Virtually all computer systems contain, at the least, some type of basic CPU. Regardless of whether they’re used in personal computers (PCs), laptops, tablets, smartphones or even in supercomputers whose output is so strong it must be measured in floating-point operations per…

A clear path to value: Overcome challenges on your FinOps journey 

3 min read - In recent years, cloud adoption services have accelerated, with companies increasingly moving from traditional on-premises hosting to public cloud solutions. However, the rise of hybrid and multi-cloud patterns has led to challenges in optimizing value and controlling cloud expenditure, resulting in a shift from capital to operational expenses.   According to a Gartner report, cloud operational expenses are expected to surpass traditional IT spending, reflecting the ongoing transformation in expenditure patterns by 2025. FinOps is an evolving cloud financial management discipline…

IBM Power8 end of service: What are my options?

3 min read - IBM Power8® generation of IBM Power Systems was introduced ten years ago and it is now time to retire that generation. The end-of-service (EoS) support for the entire IBM Power8 server line is scheduled for this year, commencing in March 2024 and concluding in October 2024. EoS dates vary by model: 31 March 2024: maintenance expires for Power Systems S812LC, S822, S822L, 822LC, 824 and 824L. 31 May 2024: maintenance expires for Power Systems S812L, S814 and 822LC. 31 October…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters