Security and governance payback with Cloud Pak for Data
In today’s digital world, there is a guiding principle when it comes to enterprise information management – data privacy. Every regulation builds around it and CIOs consider it a common-sense business practice that is built into the fiber of their IT systems. Let’s think about the daunting challenges posed by the need for data privacy and why businesses go to such lengths to adopt it. Data privacy provides a measure of trustworthiness that ensures clients can be confident their sensitive information is safeguarded. With the explosion of data that the digital economy has ushered in, data privacy has become an ever-growing problem that modern day enterprises CxOs have to constantly contend with, at scale.
In any enterprise IT ecosystem, there can be no data privacy without a solid information security practice. Only then can a business truly start governing data to stay compliant with regulations. Both information governance and information security go hand in hand. We see these two critical practices fitting in as shown in fig 1 below.
Figure 1: Information Governance & Security – tightly coupled practices within the enterprise
While most organizational leaders subscribe to this point of view, streamlining information governance and security is not easy by any means. One might attribute the challenge to:
- Constantly changing industry regulations and data security vectors that make it hard to react in an agile fashion, leaving organizations to play never ending ‘catch-up’.
- Security and Governance teams that are built in silos, thinking and operating in silos. Leading to duplication of work and requiring further investment to rationalize.
- Disparate tools are hard to integrate for use by security and governance teams, leading to ineffective collaboration.
- The lack of a uniform plane of glass in which teams can collaborate, to help governance and security teams work together. Increasing risk of errors and reducing overall team effectiveness.
- Processes being created in silos. Leading to inadequate.
There is definitely a lot of room for enhanced efficiency in these processes, which in turn will help reduce overall costs. IBM Cloud Pak for Data, an end-end data and AI platform can help reduce these costs in two distinct ways.
Integrating information governance and security within a platform
Cloud Pak for Data has been designed to include information governance and security in the foundation. The platform can help enhance workforce efficiency and effectiveness, tackling the challenges discussed above by:
- Facilitating collaboration between the data steward and the data security officer – allowing the data steward to add a newly discovered sensitive asset to an external (Guardium) data security appliance. This would be done during a data discovery operation by a data steward as part of the data governance operations within the enterprise. See figure 2 below.
Fig 2 – Enabling collaboration between the Data Steward and Security Officers
- Providing a global policy management service through Watson Knowledge Catalog that can:
- Document policies and rules that are both governance and data security related.
- Enforce certain data privacy oriented rules that are similar in nature to data security rules one might apply when considering privacy from the data security lens.
- Offering the option to monitor databases hosted within Cloud Pak for Data through external data security solutions such as IBM Security Guardium.
- Workflows that can be customized to allow data governance personnel and data security personnel to collaborate across enterprise wide policies and rules.
As a data platform, Cloud Pak for Data is designed to help manage the risk of the unknown using sophisticated information governance services available. Cloud Pak for Data mitigate risks by helping organizations:
- ‘Understand what they don’t know’ – Cloud Pak for Data offers the ability to run data discovery processes on both structured and unstructured data sources, eliminating dark data and identify ‘risky’ data. With the ‘InstaScan’ capability, Cloud Pak for Data empowers organizations to run a discovery process over file systems, allowing them to build trust in unstructured data.
- Stay compliant with industry regulations – Cloud Pak for Data provides the essential controls needed to stay compliant across many common industry regulations, from data lineage and access controls, to user management and integration.
Now, let’s turn our attention to another sticky problem CDOs are tasked with – enabling a ‘self-service’, data driven workforce. It is no surprise that this is a huge challenge given the many silos of data within most enterprises today. These come at a huge cost to the business and manifest through workforce productivity loss and suboptimal outcomes:
- Productivity loss – Getting access to clean, well-understood and curated data can take up to 12 weeks in some organizations. This leads to inordinate amount of time spent by data workers getting access to contextually appropriate data for their tasks at hand
- Suboptimal outcomes – Data workers using partial or incomplete data within their analysis leads to suboptimal and potentially incorrect decisions.
Breaking down these data silos meaningfully is a daunting task, but if successfully implemented, it can translate to a major cost savings for the business.
Enabling a governed, secure, self-service plane of data across the enterprise
Cloud Pak for Data delivers a governed, secure, self-serve enterprise data plane through in four key facets:
- Data Governance included as an enabler of the self-sufficient data workforce.
- Offering a Data Quality service that can be used to assess and enforce data quality standards as data is being discovered and cataloged.
- Security that is built into the core of the platform and expandable in the ecosystem.
- Data Virtualization as the single plane of glass for all data to come together within the enterprise, effectively elevating the silos of data to one data plane.
In conclusion, information governance and security do not need to need to be at odds with each other within the typical enterprise. Streamlining the two is a distinct possibility with Cloud Pak for Data, which in turn can also enable the safe, governed, self-service enterprise data plane. Give IBM Cloud Pack for Data a try today with our no cost trial.