Archive

Archive for October, 2014

Data Governance in the Cloud


It has been a quite a while since I’ve written about Data Governance and quite a lot has changed over the past few years.  From the rise of cloud computing to the unfortunate increase in data breaches, the landscape of data has changed swiftly over time.  Today I wanted to talk a little bit about how data governance is changing and evolving in this new age of cloud computing.

Regulation Mandates

There are regulatory mandates that come into play once a company decides to place data in the cloud, outside of their private server farm.  Depending on the industry, the cloud service provider may be required to have different certifications in place or adhere to specific industry standards.  While this isn’t an issue with the big players such as Amazon Web Services or Microsoft Azure, the smaller players who may be more flexible to meet your needs might not have the required certifications.

Security Consideration

While security is not typically in the domain of data governance, putting data in the cloud means that the data governance team needs to understand the tokenization and encryption in place. No private data should be stored in the cloud in plain-text, but rather it should be replaced with either a token value or strongly encrypted.  This security needs to be noted in the data governance documentation. Because of data governance’s involvement in cloud computing, cloud security firms now have data governance-specific options to help with this securitization and documentation process.

API Management

The cloud makes it easy to launch an API which will allow other enterprise software to easily integrate data into other apps.  In the old days, it would take large teams months of works and stacks of documentation to integrate systems, but now spinning up an API can be done in a week.  Cloud services make this data sharing easy, but API access also means the data can end up in other places and updated by third-parties.  Because of this, APIs and their access rights need to be clearly documented by the data governance team.

The cloud is exciting and is changing the way we all work, mostly for the better.  Because the cloud is almost a given for IT now, strong Data Governance processes and procedures need to be in place to ensure that the valuable data in an organization isn’t mismanaged or abused.