Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance

Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping for the best. On the flipside, opening the hood and checking if policies or regulations are being respected means you have to do something about it: define new policies and enforce them everywhere you have data, a months long process that involves people’s time, money, developing new skills, external experts and a lot of pain for IT.

Content Governance is about understanding the unknowns when it comes to your content and answering questions: what do we know about our content? Is it encrypted and stored at the right location? Are the right people is accessing it? Is this file subject to regulations or is it confidential and protected accordingly? What will be the business impact if it is accidentally deleted? It’s a holistic look at the sum of what is produced by your business.

data-policy

The reality is that all businesses content needs to be governed. In my interactions with customers, Chief Information Officers (CIOs), Chief Data Officers (CDOs) and other peers there are several recurring themes or myths that come up, here’s a look at them and some suggestions for tackling the issues:

1. A content governance solution is long and costly to install. We need experts.

Historically this has been the case with on-premises solutions that require a lot of servers. The more data to analyze the more servers you needed. In addition, running perpetual license software meant organizations needed costly professional services experts to deploy it. By the time an organization was ready to update its content governance policies IT would usually find siloed, inconsistent and outdated systems – a patchwork solution that had been ignored.

This problem is solved with a software-as-a-service (SaaS) content governance solution. No additional hardware, no experts needed. It’s like a whole team of data scientists working for you in the cloud.

2. There is no one size fits-all solution; I need many content governance solutions to cover all my content repositories

This one is actually not a myth. To date, most solutions are very specific, working only for email or only for Microsoft SharePoint and others. These solutions do not play nice across repositories and leave IT in a bind where there are specialty solutions for each type of repository and no single source of the truth.

The fix here is to look to a solution that is open and supports a broad variety of repositories and when it does not support the one you need natively, ensure the solution has a software developer tool kit (SDK) so you or your content repository vendor can integrate with it. This type of solution removes the silo effect and creates a single source of the truth in an agnostic way allowing customization of policies and the ability to apply them across the board all at once.

3. For my cloud content the only option is to rely on the vendors native content governance solution

It’s true that the majority of data governance solutions are mainly focused on on-premises content. Also the cloud is quite new and there is no “cloud standard” for content. As a result, a lot of cloud content applications have their own governance tool. The problem is these solutions are limited (you can’t be an expert at everything) and it means for every app you need to use a different tool, limiting your visibility and control and making your content governance quality dependent on each provider.

The fix here is to abstract the content layer (where the data lives) from the governance logic (how the data is managed) so the policies can applied to any content and the implementation of these policies are translated for each repository. Such an overlay solution will have to be hybrid and unify views across repositories with a consistent level of control.

4. Most content governance solutions are biased and encourage an upsell of their own back-up, archiving or disaster recovery solutions

Historically, content governance has been an adjacent market for data storage vendors with archiving, disaster recovery or back-up solutions leaving customers wondering if the classification telling them which data was mission-critical (typically a huge amount) and had to be duplicated was not a self-fulfilling prophecy to cross-sell solutions. How can you trust a content governance recommendation when interests are not aligned?

Going back to our key of being open, the solution to busting this myth is to look for a vendor that is content repository and data storage agnostic, independent and open. This will allow you to separate the vendor from the solution, the action of the recommendation versus the recommendation. No matter what the recommendation for managing your content, the goal should be to separate the solution from the vendor and ensure the vendor you select can work agnostically across repositories.

5. If my organization deploys a content governance solution, the usability and productivity of users will be impacted

Introducing content governance means monitoring all activities around your content and making the best decision on how to protect it. Solutions designed with IT in mind often ignore usability for non-IT employees. If it takes a knowledge worker more time to look for content on a repository or to even access it there will be dissatisfaction and business productivity loss – users will be driven towards so-called ‘shadow IT’.

The key to avoiding this is to select a vendor that has collaboration expertise and understands content workflow – how information moves throughout the enterprise. The goal should be to control the content not the apps or the users.

At its core a content governance solution allows businesses to understand more about their data, create and enforce policies to govern it and use this information for business insight and decision-making. The goal is to be open, collaborative and supportive of multiple repositories while still supporting contractual and regulatory requirements. To be more productive, users will select their preferred apps regardless of attempts by IT to control them. Instead IT should focus on the content and how it is being access by these users (not the apps).

The Win-Win: users can interact across repositories in an agnostic way and IT can sleep at night.

By Isabelle Guis, Chief Strategy Officer, Egnyte

Isabelle-GuidIsabelle Guis is the Chief Marketing and Strategy Officer at Egnyte, overseeing all global marketing as well as product and go-to-market strategies. She previously served as EMC’s vice president of Marketing for the Public Cloud Solutions Group and Enterprise Storage Division, driving cloud buyer and service provider segmentations, as well as messaging, product positioning and go-to-market strategies for the company’s core storage solutions.

Isabelle has also held leadership positions at Avaya, Big Switch Networks, Cisco Systems, and Nortel Networks. She holds a Master of Science in Electrical Engineering and Computer Science from Supelec (France), and an MBA from Harvard Business School.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comics
How To Overcome Data Insecurity In The Cloud

How To Overcome Data Insecurity In The Cloud

Data Insecurity In The Cloud Today’s escalating attacks, vulnerabilities, breaches, and losses have cut deeply across organizations and captured the attention of, regulators, investors and most importantly customers. In many cases such incidents have completely eroded customer trust in a company, its services and its employees. The challenge of ensuring data security is far more…

Data Breaches: Incident Response Planning – Part 1

Data Breaches: Incident Response Planning – Part 1

Incident Response Planning – Part 1 The topic of cybersecurity has become part of the boardroom agendas in the last couple of years, and not surprisingly — these days, it’s almost impossible to read news headlines without noticing yet another story about a data breach. As cybersecurity shifts from being a strictly IT issue to…

Through the Looking Glass: 2017 Tech and Security Industry Predictions

Through the Looking Glass: 2017 Tech and Security Industry Predictions

2017 Tech and Security Industry Predictions As we close out 2016, which didn’t start off very well for tech IPOs, momentum and performance has increased in the second half, and I believe that will continue well into 2017. M&A activity will also increase as many of the incumbents will realize that they need to inject…

The Fully Aware, Hybrid-Cloud Approach

The Fully Aware, Hybrid-Cloud Approach

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance  With technology at the heart of businesses today, IT systems and data are being targeted by criminals, competitors and even foreign governments. Every day, we hear about how another retailer, bank or Internet company has been hacked and private information of customers or employees stolen. Governments and oversight organizations are responding to…

Are Cloud Solutions Secure Enough Out-of-the-box?

Are Cloud Solutions Secure Enough Out-of-the-box?

Out-of-the-box Cloud Solutions Although people may argue that data is not safe in the Cloud because using cloud infrastructure requires trusting another party to look after mission critical data, cloud services actually are more secure than legacy systems. In fact, a recent study on the state of cloud security in the enterprise market revealed that…

Connecting With Customers In The Cloud

Connecting With Customers In The Cloud

Customers in the Cloud Global enterprises in every industry are increasingly turning to cloud-based innovators like Salesforce, ServiceNow, WorkDay and Aria, to handle critical systems like billing, IT services, HCM and CRM. One need look no further than Salesforce’s and Amazon’s most recent earnings report, to see this indeed is not a passing fad, but…

Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw…