Toggle Menu

Security & Data Governance

Get the Best Results from Your AI Solution

AI models, modern analytics, and data visualizations all rely on having access to quality data and assurance that data complies with security requirements. Defining your organizational approach to data governance, including data security, addresses this complex ecosystem of challenges—and we’re here to help guide your efforts. 

All organizations make decisions about data and seek to maximize their enterprise data assets. A formal data governance framework promotes active planning and management of data assets and provides multiple benefits to data users across an organization. These benefits include increased data consistency, formalizing and enforcing data access rules, defining privacy and security policies, monitoring data quality, and tracking data usage.  

What is Data Governance?

“Data governance is a collection of components—data, roles, processes, communications, metrics, and tools—that help organizations formally manage and gain better control over data assets. As a result, organizations can best balance security with accessibility and be compliant with standards and regulations while ensuring data assets go where the business needs them most.” Dataversity.

A data governance framework goes beyond the technical and security requirements of managing and protecting information. Data users need tools, defined processes, and effective education to ensure the right people have access to the information they need at the right time. A good data governance framework also ensures that nefarious actors are barred from accessing data systems.

Goals of Data Governance

Determining goals for data governance will shape how you proceed with developing your framework. Common goals include:

Improving data quality to increase user confidence in AI and analytics results
Reducing costs and eliminating duplication

Enabling data led decision making

Ensuring compliance with quality and security standards
Making data easier to locate and use

Key Components of a Successful Governance Strategy

Our approach is embedded in our modern analytics and AI work. We strengthen data governance and security efforts within an organization by using proven practices, adopting Agile principles, and shifting left on security to build in these considerations from the start. Our experienced data practitioners support our clients’ missions and objectives—from crafting strategies to successful execution. Our approach comprises multiple stages, outlined below.

Direction

Start with identifying the ‘why’ for the organization

Teams identify shared goals that address existing challenges related to trust, privacy, cost, compliance, and security. We start with a shared understanding of the key pain points regarding how data is managed, aggregated, and used. Beginning from a shared ‘why’ increases the buy-in of the value of data governance. The ‘why’ will also be instrumental in designing operational metrics to demonstrate progress made towards those goals.

Discovery

Begin with an assessment of the environment

It’s important to understand the existing organizational structures, processes, documentation, flows, and technology available. We meet organizations wherever they are in their data governance journey and iterate on their current framework. The first step is to identify roles such as an executive sponsor (e.g., Chief Data Officer or Chief Information Officer), a data governance committee, security and privacy support personnel, and data stewards. These accountable and invested individuals are critical to creating a working governance structure, securing data and systems, and providing ongoing monitoring.

Document

Develop a shared view of information assets

To effectively govern and secure data, you need to know all the data and sources your organization has. Start with the initial list of the data stores to assemble an inventory of data elements, business context, metadata, and data relationships. Taking advantage of automation tools, such as intelligent data catalogs, eases this process. For security and compliance purposes, it is critically important to identify the organizational standards and policies that apply to each piece of data. Standards and regulations that apply to the information system such as SOX, HIPAA, GDPR, FISMA, etc., can determine the process for your data governance approach. This includes data retention, network and data storage options, encryption schemes, and business processes regarding the right to be forgotten.

Align

Ensure a shared understanding of how data is collected, and metrics defined 

A common pain point is inconsistent use of metrics across teams, or different ways of calculating a metric. This inconsistency can lead to confusion, unhelpful analytics, and other problems. Integrating the use of an easily accessible data catalog and educating users to promote adoption are steps to alleviate this problem. Additionally, where there is a business need for different versions of a metric across organizational units, the data catalog can provide insight into the options and the differences between them.

Operationalize

Execute and monitor compliance with policies and strategies

Example actions may include:

Introducing processes to maintain and evolve the data catalog as the definitive knowledge source for data users to identify data assets, support search, and facilitate appropriate access.

Working to seamlessly integrate organization security policies and tools into data access and use. For example, using role-based access controls to protect information from unauthorized access.

Maintaining data integrity by taking steps to ensure that information cannot be changed without proper authorization.

Investing in platforms and tools to ensure data availability aligns with user group needs.

Auditing processes to ensure that governance and security approvals and workflows are followed.

Assess and Iterate

Continually review and improve

It is important to include metrics into the process to validate how the system is meeting the goals set out when establishing the data governance program. Building out a robust data governance strategy is an iterative journey. Using an Agile approach, we start with foundational components and balance documentation with actions to deliver results quickly and evolve rapidly with changing business environments.

Avoid A Common Pitfall

In our experience, we’ve continually found that successful data governance program adoption must be business-led. Data governance adds process and additional work to daily operations across the organization. Most data users come from organizational departments outside of IT. These same departments must have responsibility and accountability for governance success—a stake in the game. When inter-departmental collaboration is achieved, the processes introduced are sensitive to data users’ needs and concerns, while meeting governance and security objectives.

Related Reading

ML Model Security – Preventing The 6 Most Common Attacks
Security is an essential part of any machine learning (ML) model, especially when it comes to the inherent risks associated with AI.
The Data Governance Journey
How would you answer the following? I trust the accuracy of data I use in my job. Yes or no? The data I use and the results I publish are consistent with the rest of the organization’s metrics. Yes or no? If you answered ’No’ to either one, here’s a follow-on question - is data inconsistency a pain…
The Importance of Effective Data Literacy
Data literacy isn’t all that different from literacy in any other sense. A data literate individual understands what has been communicated in the data they are reading, and they know how to communicate that data in the context of their own work.

Contact Our Experts

Claire Walsh
VP, Engineering and Services
Amanda Makulec
Senior Data Visualization Capability Lead
Brian Rodrigue
Data Engineering Technical Lead