July 15, 2021
Most businesses today are eager to become data-driven enterprises, reaping maximum benefit from the data they collect. But privacy and regulatory issues, along with governance and compliance of cloud services, are a major source of concern for enterprises. Compliance requirements present a tricky obstacle when it comes to reusing and repurposing data.
Despite compliance becoming evermore complex, there’s good news. With the right strategy and an intelligent data management approach, businesses can achieve their data goals while fully addressing regulatory and governance requirements.
Effectively managing compliance has emerged as one of the key ways to enable safe reuse of data to drive business outcomes. In the session I moderated at HSIF 2021, “Outpace the Rising Tide of Regulations,” (available here) Senior Analyst Christophe Bertrand of ESG offers a deep dive into his research about the benefits of taking steps toward solving the data reuse challenge. In particular, he reveals how addressing compliance issues early in digital transformation can unlock a myriad of additional benefits that support strategic initiatives, including:
It is important to acknowledge the impressive evolution of data management imperatives. Just a few years ago, the pace was confined to the long, slow strides of storage, backup and recovery of a data center. Today, cloud storage is becoming the preferred storage target for data protection because it enables simple, reusable data objects with flat schemas that avoid complex interrelationships and hierarchies. This simpler foundation layer enables scalability and elasticity that is critical to increasing the speed and optimization of backup applications and workloads. The transition from traditional architectures to new cloud and object storage has radically altered the locus and speed required of compliance efforts and data governance in general.
At the same time, huge quantities of unstructured data that were viewed only as costly burdens to be protected at the lowest cost for as long as regulations required are suddenly appreciated as potential gold mines of insight. Companies want to combine previously discrete and siloed data to see what new knowledge and opportunities emerge. But they’re stuck with old compliance processes, a machine seemingly made of gears and levers to be managed by attorneys with a fast-running fee meter. That arrangement no longer matches the pace of business requirements.
The way to overcome the rising tide of regulation is to hardwire compliance and governance into the very DNA of one’s infrastructure. A proactive data management platform provides the ability to store and process huge amounts of structured and unstructured data while also meeting SEC regulations to protect sensitive data from malicious, accidental or premature alteration or deletion. The right platform will support faster automated search and discovery. Accomplishing those means that secondary uses of data become far less risky and costly. Complying with regulations turns out to not be nearly as hard as it once was. The net result will be greater business agility, better cost efficiency and improved operational efficiency.
Businesses face an apparent dichotomy:
Can businesses achieve both?
Yes! The way forward is to adopt the intelligent data management model using a DataOps foundation — a “compliance first” data management approach that is more effective and efficient at delivering both compliance and governance. Digital transformation is real and intelligent data management is the right place to start if one intends data to be at the center of everything. A business cannot confidently reuse and repurpose its data without first knowing what it is, where it is, and that it is protected. DataOps delivers that knowledge faster, cheaper and more affordably.
Intelligent data management is the first place to invest in digital transformation because it is the linchpin that ensures that all data pipelines run true and produce only compliant data. Properly executed through automation enabled by DataOps, intelligent data management can ensure that essential compliance and governance workflows are delivered and provisioned throughout your operations by design.
In practice, a system built on an intelligent data management model will constantly take what it already knows about existing data under its purview and control to enrich incoming data during the onboarding process. It also learns from incoming data during that process to enrich existing data as well. Semantic enrichment can even use artificial intelligence and machine learning to better identify, tag and label data (both incoming and existing) as new insights and patterns emerge from ongoing and never-ending analysis of data holdings.
Tagging will enable the system to automatically track privacy, confidentiality, protection, audit and logging metadata, and, critically, compliance and governance metadata. The system can then watch for and report compliance issues as needed.
Ultimately, intelligent data management means not worrying whether pipelines run in a data center, cloud, hybrid, multicloud or other topology. Organizations can make privacy protection and confidentiality inherent to their systems by taking steps such as tagging data automatically during the onboarding and intake processes. Compliance is baked in at every step, making it easier to free employees to find data, run analysis and use data for application purposes. Intelligent data management is the source of the confidence one needs to reuse and apply data to pursue new opportunities. For much more on this subject, download the e-book “Data Fabric for Dummies“.
Governance is an essential component of compliance, yet it remains a complex set of processes and practices to master. After all, businesses have legitimate reasons for making multiple copies of data. As the past year demonstrated, collaboration is essential. Yet privacy and other regulations mean data can’t be shared haphazardly across the organization, blindly trusting that everyone will handle it with appropriate care and discretion. Some data should never be shared. Other data could be shared if it were masked or anonymized within the bounds of compliance. Comprehensive governance means that data can be replicated and shared to handle urgent problems, such as business continuity and disaster recovery, as well as to protect the business from the perils of ransomware hijackers. Shared data is also crucial for DevOps, which requires access to real datasets to support rapid testing and deployment.
In a compliance-native digital infrastructure, businesses don’t have to second-guess their data choices. Their forward momentum is not restricted by the drag of compliance when they want to deploy a new product, process or analytics tool, and so forth. If you are a large organization with many separate data silos, you’re likely accustomed to driving governance on a silo-by-silo basis. Intelligent data management offers the opportunity to establish a single, central source of truth that makes it possible to automate consistent governance processes. A single methodology that applies governance and compliance to all workflows reduces risk. It also opens the door to highly sought-after operational goals, such as the widespread dispersion of analytics and moving data to the cloud.
When you know your data has been through a standardized, tested compliance process that flags sensitive data, anonymizes when needed, or denies the movement of data, your business can act with confidence. Getting the compliance piece right creates the opportunity to reuse data, to know it is safe, and to validate its business benefits. As Bertrand points out, while there is a lot of talk about being “data first,” the reality is that your business needs to first and always be compliant. Achieve that and regardless of how high the regulatory tide rises, your business will have smooth sailing ahead.
Tanya Loughlin is Director of Product Marketing, Hitachi Content Platform Portfolio at Hitachi Vantara.
Check out more great stories on Insights.