Battle the Dark Side of Data Governance

2. 2© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 2© 2018 IDERA, Inc. All rights reserved. IN A GALAXY NOT SO FAR AWAY …  It is a dark time for all citizens of the galaxy.  The data that we generate is growing more quickly than our ability to manage and control it, yet we have an unquenchable thirst for more.  The dark forces continue to strike through breaches and misuse, threatening our privacy and well-being.  Criminals pursue and steal our identities, with malicious intent.  Other breaches are simply through errors, due to lack of awareness.  The lawmakers regulate in an attempt to control, levying financial penalties, which penalizes offenders but still fails to protect the innocent.  We must channel the force, maximizing the knowledge at our disposal.  A project or program addressing a specific regulation will not suffice. We need to establish a culture of data awareness and prevention that is part of how we conduct ourselves, each and every day...

3. 3© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 3© 2018 IDERA, Inc. All rights reserved. DISCUSSION TOPICS  Data Security and Privacy Regulations  Implications  The Dark Side • How do we address it?  Channeling the Force • Enterprise Architecture • Models • Integrated Metadata Repository • Collaboration  Examples  Summary  Q&A

4. 4© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 4© 2018 IDERA, Inc. All rights reserved. DATA SECURITY AND PRIVACY  Examples • Global Data Protection Regulation (GDPR) • Health Insurance Portability & Accountability Act (HIPAA) • Sarbanes Oxley (SOX)  Some GDPR Imperatives: • May 25, 2018 (less than 3 months away) • Huge fines • Applies globally • Any/All organizations holding EU citizen’s data • Law requires “privacy by design and default” • 2 categories of personal data • Standard personal data − Names, addresses, web audit data • Special personal Data − Private data (ID’s like SSN, credit card info,bank account info etc) − Biometric, genetic, racial/ethnic origin …

5. 5© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 5© 2018 IDERA, Inc. All rights reserved. HOW AND WHAT DATA IS COLLECTED? * Business Process Diagram created using ER/Studio Business Architect

6. 6© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 6© 2018 IDERA, Inc. All rights reserved. PRIVACY IMPLICATIONS  Where is the data?  What is it? • Which privacy laws could affect it? • Requires classification!  Who has access to it? • Access requirements • Permissions • Data masking

7. 7© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 7© 2018 IDERA, Inc. All rights reserved. SOME INSIGHT INTO THE DARK SIDE  Fear is the path to the dark side…fear leads to anger…anger leads to hate…hate leads to suffering  Comply not – pay huge fines you will.  Do. Or do not. There is no try!  A Jedi uses the Force for knowledge and defense

8. 8© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 8© 2018 IDERA, Inc. All rights reserved. ADDRESSING OUR OWN DARK SIDE  Unaware: “The regulation doesn’t apply to us.” • Are you sure about that?  Procrastination: “Nobody is ready. They will push the compliance date back.” • No, they won’t.  Lack of full understanding: Assuming minimal safeguards will suffice. • There are complex implications to regulatory requirements such as • The right to be forgotten • A person’s right to full disclosure and review of information that is being tracked about them  Many regulatory requirements (but not all) should come as no surprise. They represent practices that we should be following anyway, even without the regulations. • Just like seat belt laws don’t make us safer when driving. Wearing the seatbelts makes us safer, with or without a law.  We need to be “proactive” rather than “reactive” in establishing governance policies and procedures.

9. 9© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 9© 2018 IDERA, Inc. All rights reserved. HOW TO CHANNEL THE FORCE: ENTERPRISE ARCHITECTURE Enterprise Enablement ApplicationArchitecture BusinessArchitecture TechnicalArchitecture Data Architecture Governance

10. 10© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 10© 2018 IDERA, Inc. All rights reserved. SOME QUESTIONS MODELING CAN ANSWER  To understand organizational data • What’s important? • Where is it? (can be may places) • Where did it come from? • How is it used (business processes)? • What is the chain of custody? • What are the business rules?  Governance • How do I identify private information? • How long should I keep the information? • Master Data Management classification • Data quality • Is it fit for purpose? • What changed and why?

11. 11© 2018 IDERA, Inc. All rights reserved. APPROACH AND UNDERLYING ARCHITECTURE ARE EVERYTHING!  Metadata Repository only • Metadata import • Metadata Catalog (without visual models) • Text search & lookup • Like the “Flat Earth Society”  Fully integrated metadata and visual models (ER/Studio) • Global perspective & focal point for: • Data Models, Business Process Models • Visual Data Lineage • Metadata, Policies, Reference Data

12. 12© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 12© 2018 IDERA, Inc. All rights reserved. INTEGRATED MODELING, ENTERPRISE ARCHITECTURE, GOVERNANCE COLLABORATION PLATFORM Enterprise Data Dictionaries Logical & Physical Data Models Dimensional Models Visual Data Lineage Conceptual Data Models Business Process Models Goals & Strategies Applications Business Units Business Rules Stewards Business Glossaries Business Concepts Reference Data Sets Policies Alerts & Notifications Security Follow Capability Discussion Threads Data Sources

13. 13© 2018 IDERA, Inc. All rights reserved. HOW WE ACCOMPLISH THIS WITH ER/STUDIO ENTERPRISE TEAM EDITION  Glossary + Terms • Classification + member • Business Glossary & Terms • Policies and Rules • Reference Data Sets − Internally defines − Externally defined • Limitless hierarchy • Limitless associations to • Other instances (terms) • Model elements • Custom Attributes  Data Dictionary • Published from ER/Studio Models • Data Architect • Data Models • Lineage • Enterprise Data Dictionary • Business Architect • Business Rules • Organization Structure  Collaboration • Discussions • Streams  Stewardship • Assigned responsibilities • Permissions  Privacy and Security • Define policies and associate • Attachments • Security properties • Notifications  Full integration and visualization of • Data Models • Conceptual, Logical, Physical Data Models • Business Process Diagrams • Data Lineage/Transformations

25. 25© 2016 IDERA, Inc. All rights reserved. Proprietary and confidential. 25© 2018 IDERA, Inc. All rights reserved. SUMMARY  Organizations must establish governance to address multiple data privacy regulations with varying complexity and impact  Conquer the dark side using integrated enterprise architecture • Data Modeling • Process Modeling • Data Lineage • Metadata collaboration  Channel your inner “data Jedi” to establish a proactive data culture  We need to establish a culture of data awareness and prevention that is part of how we conduct ourselves, each and every day...  Do. Or do not. There is no try!

Battle the Dark Side of Data Governance

Vous êtes en train de lire un aperçu.

Consultez-les par la suite

Battle the Dark Side of Data Governance

Plus De Contenu Connexe

Diaporamas pour vous (20)

Similaire à Battle the Dark Side of Data Governance (20)

Plus par DATAVERSITY (20)

Plus récents (20)