Increased awareness of data privacy has led to the implementation of data control measures. Used correctly, these safeguards can work to ensure security without impeding business agility. However, controlling access to data sources, both on-premises and cloud, while enabling business agility and competitive advantage has proven to be a challenge. Primarily, this is due to a lack of understanding of policies, data, and systems by the various personas involved in the enterprise data governance processー namely policy drivers, policy implementers, and data consumers.
Policy drivers, such as centralized governance boards, understand privacy regulations and policies, but not how these policies are implemented in IT systems or how data is used to make business decisions. Policy implementers, largely composed of data infrastructure teams in IT, are experts in systems and policy implementation, but they don’t have a good understanding of privacy regulations or data’s impact on business decisions. Similarly, data consumers, such as data scientists and business analysts, understand how data can be used to drive business decisions and gauge organizational performance, but they lack an understanding of privacy regulations and system implementation. Consequently, enterprises often struggle to construct data governance ecosystems that facilitate authorized access to data, enable compliance with privacy and industry regulations and can keep pace with the business’s need to share data internally and externally.
Over the years, businesses have tried a number of different approaches to strike a balance between the interests of policy drivers, implementers, and data consumers. However, to be truly effective, organizations have been applying a delegated approach to data governance to offer greater flexibility in aligning the interests of each persona with their respective competencies. Using a delegated approach, a centralized data governance board defines corporate-wide access governance policies, but provides each business unit the flexibility to enforce policies based on their unique needs. Other aspects of a delegated data governance approach involve IT selecting and implementing the governance technology, but the enforcement of access control policies using the technology is delegated to the business units through data stewards, who are part of each business unit. As a result of this alignment, data consumers can gain faster access to authorized and trusted data.
To achieve further alignment, it is much more effective to think of data as domain-specific groups rather than thinking of data in terms of discrete sets spread across cloud services and on-premises data sources. Enterprises can aggregate sales, marketing, or other organizational data from the cloud and on-premises data sources into logical groupings. We call these logical groups Data Domains. Data Domains are much more conducive to sharing data with internal and external consumers because data owners in an enterprise can list their Data Domains in a catalog, which data consumers can browse through and request access to the datasets they need. Another important aspect of Data Domains is the role that IT plays in creating specific access policies, while aggregating data into Data Domains.
Data owners can now share their Data Domains with data consumers with the confidence that they are protected by policies based on the requirements of their business units. This framework works equally well for internal as well as external audiences. For data scientists and analysts in functional areas such as sales, marketing, and finance, the process of getting access to data becomes more streamlined as they no longer have to search for domain-specific data spread across a number of on-premises and cloud services. This is because the data has already been aggregated into Data Domains for them. Companies that are part of an ecosystem such as manufacturers, suppliers, and retailers are more likely to generate higher returns by sharing data externally with the confidence that their data will only be accessed by authorized personnel.
A delegated data governance model, combined with the concept of Data Domains, aligns the organization’s need to share data internally and externallyー with authorized accessibility, visibility, and business agility. More importantly, it takes into account the competencies of the various data governance personas. A modern data access governance platform maximizes the value of enterprise data by providing agile and secure access to the users at a petabyte scale across open cloud and on-premises services.