The cloud has become one of the most popular hosting destinations for businesses, thanks to the decentralized provision of modern, cost-effective computing resources. In particular, there has been a sharp rise in cloud-based data warehousing, due to the abundant storage capacity and easy scalability of these server instances.
Despite these benefits, there is still a requirement for comprehensive data governance in the cloud. Effective data governance requires you to have a thorough understanding of the interactions made between employees/customers and your existing datasets. This includes how your current policies and processes may affect compliance, and constant re-analysis of said policies as laws and regulations change over time.
Let’s discuss some best practices for your cloud data governance policy.
Proper analysis and categorization of information can significantly reduce the risks associated with the storage of sensitive data. This process involves understanding the relationships between your datasets and modeling them in a way that improves your ability to extract insight. As a minimum, you should ascertain key qualitative attributes such as:
Both the owner and creator of the data
The creation date
The size of the data asset
How sensitive the asset is
Understanding this information will allow you to improve the relevance of query results, and determine the best place for storage of these datasets on your network. When categorizing the asset by sensitivity, you can also restrict access to specific employees, reducing the risk of information being mishandled internally.
With GDPR and CCPA, knowing the owner and storage location can significantly improve your response times to freedom of information requests. This also simplifies adherence to data deletion requests, as you can quickly pinpoint where the information is and who owns it.
Consumers pay less attention to the accuracy of data during input when compared to internal staff. This could be as simple as using the upper-case on names, but regularly includes incorrect address formatting and the omission of area codes on phone numbers.
Proper data quality governance can help you maintain accurate and useful records against customers. This will require you to create specific validation controls aligned with your industry demands.
You should pay close attention to:
Accuracy – Is the data current? Does the customer still have this phone number, address, etc?
Consistency – Is there a discrepancy between differing stored datasets? Does Jane Doe live at X address in both your customer service and finance department databases?
Conclusive – Are you fully populating all relevant data fields on this person, to maximize insight?
Compare – How does your data quality compare when measured against pre-established standards like ISO 9000:2015?
Validation – Does the address contain a zip code, state? Does your phone number contain letters? Be sure to validate your datasets to maximize their potential, and avoid errors.
Hiding access to sensitive information behind a specific user account is not enough in the current IT landscape. There are many ways in which data can be compromised online, and you need to take a multi-faceted approach to cybersecurity when dealing with sensitive information.
Encryption At Rest – This is typically aimed at archived storage, and requires that proper security protections are in place to protect dormant datasets. The best way to achieve this is full disk-based encryption, so even in the event of physical theft, your data is obfuscated without knowledge of the correct password.
Encryption In Transit – This is particularly important during financial transactions or transmission of identity documents like passports. In the past, it has been possible to intercept network traffic containing sensitive information, resulting in a data breach. Using standards like Transport Layer Security (TLS), Secure Socket Layer (SSL) and Hypertext Transfer Protocol Secure (HTTPS) will encrypt all information going in and out of your network, protecting you and your customers from attackers. Do note: Google has been penalizing websites that don’t use HTTPS since 2017, displaying a security warning before you can access the site—a considerable deterrent for potential customers!
Trianz is a leading IT consultancy firm specialized in Data Governance management. We have decades of experience working with clients to create security-focused IT strategies, both on-premises and in the cloud.
The stakes have never been higher when it comes to data protection. Your finances, reputation, and customers are on the line. That’s why we work with you to identify and implement industry-leading solutions that guarantee adherence to regulations like GDPR, CCPA, HIPAA, and PCI-DSS.
Get in touch with our consulting team, and find out how you can secure your Data Governance strategy today!
Contact Us Today
What Is an SQL Query Engine? SQL query engine architecture was designed to allow users to query a variety of data sources within a single query. While early SQL-based query engines such as Apache Hive allowed analysts to cut through the clutter of analytical data, they found running SQL analytics on multi-petabyte data warehouses to be a time-intensive process that was difficult to visualize and hard to scale.Explore
A Winning Base for Successful Digital Transformations When it comes to developing a successful digital strategy, it is not just corporations planning to maximize the benefits of data assets and technology-focused initiatives. The Government of Western Australia recently unveiled four key priorities for digital reform in its new Digital Strategy for 2021-2025.Explore
Engage Your Workforce with a Modern Employee Intranet Solution The employee intranet has changed significantly since it was first introduced in the early 1990s. What started as HTML-based static portals have now evolved into intuitive communication tools complete with search engines, user profiles, blogs, event planners, and more. Today, many organizations are taking a second look at employee intranets to bridge gaps between teams, build company culture, centralize information, increase productivity, and improve workflow.Explore
Adopting emerging cloud technologies, consolidating resources, and improving processes is the key. “IT no longer just supports corporate operations as it traditionally has but is fully participating in business value delivery. Not only does this shift IT from a back-office role to the front of business, but it also changes the source of funding from an overhead expense that is maintained, monitored, and sometimes cut, to the thing that drives revenue,” said John-David Lovelock, research vice president at Gartner.Explore
Deliver Powerful Insights Instantaneously with Federated Queries - No Matter Where Your Data Resides The concept of federated queries isn’t new. Facebook PrestoDB popularized the idea of distributed structured query language (SQL) query engines in 2013. Over the years, AWS, Google, Microsoft, and many others in the industry have accelerated the adoption of a distributed query engine model within their products. For example, AWS developed Amazon Athena on top of the Presto code base, while Google’s BigQuery is based on Cloud SQL.Explore
What is Unstructured Data? Almost 80% of the data that enterprises and organizations collect is unstructured - data without a set record format or structure. Unstructured data includes data such as emails, web pages, PDFs, documents, customer feedback, in-app reviews, social media, video files, audio files, and images.Explore