Data is the viral sensation crashing the data governance capacity. Use of data is disrupting industries, economies, even some government elections. Unlocking the secrets data holds is the number one challenge in every single company regardless of the size or industry.
However, organizations are facing a challenge: having the framework is key. And yet, execution, as related to the individual silos, has become more and more difficult. Why?
Data’s Increasing Value
For one thing, if proper controls are not in place, the organization may incur significant fines from one of the regulators involved with ensuring and enforcing data privacy. Under Gramm Leach Bliley Act (GLBA), penalties for non-compliance can include fines of up to $100,000 per violation, with fines for officers and directors of up to $10,000 per violation. As if these fines are not significant enough, provisions include criminal penalties of up to five years in prison, and the revocation of licenses. Beyond the risk of fines and therefore reputation, the consolidation of data governance tools still poses a great challenge to most organizations today.
This report created and conducted by Precisely and Drexel University’s LeBow Center for Business Analytics (LeBow) found that only 64% of organizations surveyed had an ongoing data governance program in place. Only 43% said they had software in place, meaning that the majority of companies operate on ‘tribal knowledge’ at best.
On the flip side, 83% of the organizations with mature data governance programs saw value increase because they had federated access to their data, which improved business outcomes. It is clear that data governance is critical to the success of companies in today’s economic climate. However, the value is not derived from the data governance itself, but because these data-driven companies are able to provide their data analysts controlled and compliant access to more data. They can travel further ‘past the gate’ so to speak.
The desired outcome for data governance is to know instantly who has access to what data, for what purpose, according to which internal policy or external regulation, during what time, what was done with the data, where is the data now that it’s been transformed into something else, and then repeating again…but the execution falls short here. Why?
Today’s Data Governance Challenges
Here are the top reasons data governance cannot be maintained:
- Tools & Policies: Evaluation of tools, selection of tools, purchase of tools, onboarding of tools, and if not tools, the documentation explaining everything and the continual education of those policies takes time, and effort, not to mention that each silo may require its own tool.
- People: Employment, especially with the mass migration these past few years, is extremely fluid. Most enterprise companies hiring in data governance have 15% or more openings (per current LinkedIn job openings). With constant internal changes, there is a lot of effort with removing and changing permissions. Couple that with new software being added which will require more manpower for administrative setup and maintenance.
- Manual Effort: The majority of the process today in requesting and then gaining approval to access data in a controlled, compliant manner is currently manual (and unsustainable).
- Some data analysts do not have access to the applications they want the data from because it may take significant time and approval is not guaranteed. Most software is licensed by User so there may be additional cost involved from a software license perspective.
- “Data Policy” for the application may not exist on paper, it might be very general, or it may be too strict to provide access to the data sets that contain sensitive information.
- Data from multiple systems may be required, increasing the amount of time to retrieve, analyze, and prescribe insight such that the data becomes obsolete for its purpose.
- Putting the data set in a separate place to ensure governance proliferates the cost of storage and computation for technology departments.
- Once data is transformed, it takes effort to maintain consistent governance over what it has become.
Data governance is the gatekeeper of data today. The most prolific word said by the gatekeeper? “No.” i.e. No thanks. No access. Thus, the battle between value that could be there and actually getting to it continues, with “Access Denied” the common result of a request to access data. Data is the most vital asset in an organization today because within it lies the secret to improving revenue, reducing cost, compliance, and mitigating risk. The shortage of personnel, the need to access and utilize data, compounded with the difficulty in doing so. requires innovation, leaving a gap that Artificial Intelligence has the potential to fill.
The Future of Data Access Governance: AI
How? Below lists the top 6 ways AI can enable organizations to compliantly control access to data and encourage businesses to use more of its most critical asset.
- Understand Use Cases: The critical input for a system to self-learn is the purpose behind it. AI complements the input to categorize the uses, compare it to existing internal rules, understand what needs to be done to maintain compliance from a regulatory standpoint (ever changing external rules), match up with other systems of record and rules, and provide logs of all events that have taken place.
- Understand People: Active Directory, LDAP, SSO, and Individual Application Permissions are all manually configured input systems that maintain identities and characteristics of the user. Using AI to learn the many different roles and permissions that exist for individual users across an organization can be matched to the use cases as described above. That coupled with AI, allows for AI to determine access by request and as related to internal rules (policies) and external rules (regulatory requirements)
- Compliance Recommendations: If the use case, internal rules, external rules and the person are understood, the AI can make recommendations as to how to ensure compliance on the request.
- Compliance Execution: Execution on these recommendations can be done through AI, however, it is likely a human element is required for overseeing and accountability. AI could automatically execute actions perhaps if certain defined conditions or thresholds are met.
- Policy Recommendations and Maintenance: There are more and more data projects being launched every day because of the value created by insightful analysis. New use cases often require annotations or exceptions to the existing data policies that are in place. Different policies exist for many different applications. Maintaining policy against the increasing need for data can be solved using AI that automatically builds exceptions into policy, maintaining them across the enterprise dynamically. A policy engine connected to underlying databases of applications would enable access to data without requiring access to the application itself.
- Data Opportunity Recommendations: AI can introduce a specific data set that was previously unknown. By learning use cases, understanding people, recommending, and executing compliance, updating data policies automatically, the system can learn what users are looking for and deliver it to them before they request it.
In summary, for companies that want to make use of their most valuable asset in today’s economy, look to deploy artificial intelligence in your data governance process to address challenges of today and opportunities of tomorrow. AI is a future happening all around us today made clear when a challenging situation requires it. Using AI in Data Governance can be an enabler of opportunity and success.