Ce diaporama a bien été signalé.
Le téléchargement de votre SlideShare est en cours. ×

Battle the Dark Side of Data Governance

Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Prochain SlideShare
Modeling Data Governance
Modeling Data Governance
Chargement dans…3
×

Consultez-les par la suite

1 sur 26 Publicité

Battle the Dark Side of Data Governance

Télécharger pour lire hors ligne

On May 25th, 2018, Star Wars fans will enjoy a new movie while organizations world-wide must protect their EU customers’ data or risk the high penalties of non-compliance. Regulations such as SOX, HIPAA, and GDPR bring about specific requirements, rules, and guidelines for data governance that need to be understood and implemented to avoid serious fines. Tackling these will take a team effort - you can’t do this solo. IDERA’s Ron Huizenga will discuss how you can channel the Force for your data architecture with a high-level overview of the impact of industry and government regulations as well as address steps you can take within your data architecture to conquer the regulatory storm-troopers.

On May 25th, 2018, Star Wars fans will enjoy a new movie while organizations world-wide must protect their EU customers’ data or risk the high penalties of non-compliance. Regulations such as SOX, HIPAA, and GDPR bring about specific requirements, rules, and guidelines for data governance that need to be understood and implemented to avoid serious fines. Tackling these will take a team effort - you can’t do this solo. IDERA’s Ron Huizenga will discuss how you can channel the Force for your data architecture with a high-level overview of the impact of industry and government regulations as well as address steps you can take within your data architecture to conquer the regulatory storm-troopers.

Publicité
Publicité

Plus De Contenu Connexe

Diaporamas pour vous (20)

Similaire à Battle the Dark Side of Data Governance (20)

Publicité

Plus par DATAVERSITY (20)

Plus récents (20)

Publicité

Battle the Dark Side of Data Governance

  1. 1. 1© 2018 IDERA, Inc. All rights reserved. BATTLE THE DARK SIDE OF DATA GOVERNANCE FEBRUARY 27, 2018 Ron Huizenga Senior Product Manager, Enterprise Architecture & Modeling @DataAviator
  2. 2. 2© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 2© 2018 IDERA, Inc. All rights reserved. IN A GALAXY NOT SO FAR AWAY …  It is a dark time for all citizens of the galaxy.  The data that we generate is growing more quickly than our ability to manage and control it, yet we have an unquenchable thirst for more.  The dark forces continue to strike through breaches and misuse, threatening our privacy and well-being.  Criminals pursue and steal our identities, with malicious intent.  Other breaches are simply through errors, due to lack of awareness.  The lawmakers regulate in an attempt to control, levying financial penalties, which penalizes offenders but still fails to protect the innocent.  We must channel the force, maximizing the knowledge at our disposal.  A project or program addressing a specific regulation will not suffice. We need to establish a culture of data awareness and prevention that is part of how we conduct ourselves, each and every day...
  3. 3. 3© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 3© 2018 IDERA, Inc. All rights reserved. DISCUSSION TOPICS  Data Security and Privacy Regulations  Implications  The Dark Side • How do we address it?  Channeling the Force • Enterprise Architecture • Models • Integrated Metadata Repository • Collaboration  Examples  Summary  Q&A
  4. 4. 4© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 4© 2018 IDERA, Inc. All rights reserved. DATA SECURITY AND PRIVACY  Examples • Global Data Protection Regulation (GDPR) • Health Insurance Portability & Accountability Act (HIPAA) • Sarbanes Oxley (SOX)  Some GDPR Imperatives: • May 25, 2018 (less than 3 months away) • Huge fines • Applies globally • Any/All organizations holding EU citizen’s data • Law requires “privacy by design and default” • 2 categories of personal data • Standard personal data − Names, addresses, web audit data • Special personal Data − Private data (ID’s like SSN, credit card info,bank account info etc) − Biometric, genetic, racial/ethnic origin …
  5. 5. 5© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 5© 2018 IDERA, Inc. All rights reserved. HOW AND WHAT DATA IS COLLECTED? * Business Process Diagram created using ER/Studio Business Architect
  6. 6. 6© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 6© 2018 IDERA, Inc. All rights reserved. PRIVACY IMPLICATIONS  Where is the data?  What is it? • Which privacy laws could affect it? • Requires classification!  Who has access to it? • Access requirements • Permissions • Data masking
  7. 7. 7© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 7© 2018 IDERA, Inc. All rights reserved. SOME INSIGHT INTO THE DARK SIDE  Fear is the path to the dark side…fear leads to anger…anger leads to hate…hate leads to suffering  Comply not – pay huge fines you will.  Do. Or do not. There is no try!  A Jedi uses the Force for knowledge and defense
  8. 8. 8© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 8© 2018 IDERA, Inc. All rights reserved. ADDRESSING OUR OWN DARK SIDE  Unaware: “The regulation doesn’t apply to us.” • Are you sure about that?  Procrastination: “Nobody is ready. They will push the compliance date back.” • No, they won’t.  Lack of full understanding: Assuming minimal safeguards will suffice. • There are complex implications to regulatory requirements such as • The right to be forgotten • A person’s right to full disclosure and review of information that is being tracked about them  Many regulatory requirements (but not all) should come as no surprise. They represent practices that we should be following anyway, even without the regulations. • Just like seat belt laws don’t make us safer when driving. Wearing the seatbelts makes us safer, with or without a law.  We need to be “proactive” rather than “reactive” in establishing governance policies and procedures.
  9. 9. 9© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 9© 2018 IDERA, Inc. All rights reserved. HOW TO CHANNEL THE FORCE: ENTERPRISE ARCHITECTURE Enterprise Enablement ApplicationArchitecture BusinessArchitecture TechnicalArchitecture Data Architecture Governance
  10. 10. 10© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 10© 2018 IDERA, Inc. All rights reserved. SOME QUESTIONS MODELING CAN ANSWER  To understand organizational data • What’s important? • Where is it? (can be may places) • Where did it come from? • How is it used (business processes)? • What is the chain of custody? • What are the business rules?  Governance • How do I identify private information? • How long should I keep the information? • Master Data Management classification • Data quality • Is it fit for purpose? • What changed and why?
  11. 11. 11© 2018 IDERA, Inc. All rights reserved. APPROACH AND UNDERLYING ARCHITECTURE ARE EVERYTHING!  Metadata Repository only • Metadata import • Metadata Catalog (without visual models) • Text search & lookup • Like the “Flat Earth Society”  Fully integrated metadata and visual models (ER/Studio) • Global perspective & focal point for: • Data Models, Business Process Models • Visual Data Lineage • Metadata, Policies, Reference Data
  12. 12. 12© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 12© 2018 IDERA, Inc. All rights reserved. INTEGRATED MODELING, ENTERPRISE ARCHITECTURE, GOVERNANCE COLLABORATION PLATFORM Enterprise Data Dictionaries Logical & Physical Data Models Dimensional Models Visual Data Lineage Conceptual Data Models Business Process Models Goals & Strategies Applications Business Units Business Rules Stewards Business Glossaries Business Concepts Reference Data Sets Policies Alerts & Notifications Security Follow Capability Discussion Threads Data Sources
  13. 13. 13© 2018 IDERA, Inc. All rights reserved. HOW WE ACCOMPLISH THIS WITH ER/STUDIO ENTERPRISE TEAM EDITION  Glossary + Terms • Classification + member • Business Glossary & Terms • Policies and Rules • Reference Data Sets − Internally defines − Externally defined • Limitless hierarchy • Limitless associations to • Other instances (terms) • Model elements • Custom Attributes  Data Dictionary • Published from ER/Studio Models • Data Architect • Data Models • Lineage • Enterprise Data Dictionary • Business Architect • Business Rules • Organization Structure  Collaboration • Discussions • Streams  Stewardship • Assigned responsibilities • Permissions  Privacy and Security • Define policies and associate • Attachments • Security properties • Notifications  Full integration and visualization of • Data Models • Conceptual, Logical, Physical Data Models • Business Process Diagrams • Data Lineage/Transformations
  14. 14. 14© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 14© 2018 IDERA, Inc. All rights reserved. GOVERNANCE POLICY HIERARCHY
  15. 15. 15© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 15© 2018 IDERA, Inc. All rights reserved. SPECIFIC REGULATION (GDPR)
  16. 16. 16© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 16© 2018 IDERA, Inc. All rights reserved. GDPR: SPECIFIC POLICY STATEMENTS
  17. 17. 17© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 17© 2018 IDERA, Inc. All rights reserved. SPECIFIC REGULATION (HIPAA)
  18. 18. 18© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 18© 2018 IDERA, Inc. All rights reserved. HIPAA: SPECIFIC POLICY STATEMENTS
  19. 19. 19© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 19© 2018 IDERA, Inc. All rights reserved. HIPAA: PATIENT INFORMATION
  20. 20. 20© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 20© 2018 IDERA, Inc. All rights reserved. HIPAA: RELATED POLICY STATEMENTS FOR THE OBJECT
  21. 21. 21© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 21© 2018 IDERA, Inc. All rights reserved. LINKED MODEL DIAGRAM
  22. 22. 22© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 22© 2018 IDERA, Inc. All rights reserved. REFERENCE DATA SET LIBRARY
  23. 23. 23© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 23© 2018 IDERA, Inc. All rights reserved. SPECIFIC REFERENCE DATA SETS (LINK TO SOURCE)
  24. 24. 24© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 24© 2018 IDERA, Inc. All rights reserved. REFERENCE DATA: LINKED WORKBOOK EXAMPLE
  25. 25. 25© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 25© 2018 IDERA, Inc. All rights reserved. SUMMARY  Organizations must establish governance to address multiple data privacy regulations with varying complexity and impact  Conquer the dark side using integrated enterprise architecture • Data Modeling • Process Modeling • Data Lineage • Metadata collaboration  Channel your inner “data Jedi” to establish a proactive data culture  We need to establish a culture of data awareness and prevention that is part of how we conduct ourselves, each and every day...  Do. Or do not. There is no try!
  26. 26. 26© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 26© 2018 IDERA, Inc. All rights reserved. THANKS! Any questions? You can find me at: ron.huizenga@idera.com @DataAviator

×