Data governance

Developments that will define data governance and operational security in 2022

Satori shared his forecast for the near future of cloud-based transformation, detailing three major developments to watch in the world of data governance and operational security during 2022.

As cloud adoption accelerates across industries and business intelligence and analytics shift from cutting edge luxury to basic necessities, many businesses find themselves at a crossroads. With the movement of more data to the cloud, new opportunities arise as data can be easily connected to various cloud-based services including BI, analytics, and AI, thus providing richer insights. data scientists, analysts and business users.

On the other hand, move sensitive data such as personally identifiable information (PII), personal health information (PHI) and financial data to the cloud increase the risk of a data breach. It is in this context that data managers (CDO), data platform owners and other data professionals are thinking about big decisions and preparing for big changes in the coming year.

“To stay competitive in today’s data-driven economy, companies are investing more and more capital to make their data analytics operations smarter, faster and more agile than those of their competitors, and moving data to the cloud is part of this strategy, ”said Eldad Chai, CEO of Satori.

“But in doing so, many overlook the most essential ingredients for large-scale data operations: security and governance. Too often, business leaders make the mistake of viewing data governance as a constraint and policies as obstacles to understanding and innovation. In reality, security doesn’t have to slow you down. In fact, with the right tools and the right operational framework, governance holds the secret to boosting growth by facilitating the democratization of data. This is especially true when accompanied by a cloud-based transformation, which enables business analysts and data scientists to access the data they need in minutes rather than days. Data engineers and platform owners can streamline secure access to sensitive PII, PHI, or financial data to eliminate manual processing and errors.

DataSecOps will become a new standard

In a recent survey of C-Suite executives, researchers found that while 99% of companies actively invest large sums in big data initiatives, only 24% of those surveyed felt they had created an organization and / or a culture. data-driven. So despite countless calls for the democratization of data over the past year and a half, and no shortage of funding, it appears that at least 75% of companies have yet to realize the democratization dream. However, there is hope. With recent advances in AI and the introduction of data mesh architecture, a solution is on the horizon.

With a focus on decentralization and data consumer empowerment, data mesh is an obvious candidate for the framework supporting democratization. However, for data mesh to function without degradation of data security, organizations will need to practice DataSecOps principles and processes.

DataSecOps seeks to make security an ongoing part of the data mining process, rather than an afterthought. And in a mesh model, where more teams and stakeholders engage with data, the understanding of the importance of data security must be shared by virtually everyone in the organization.

Its implementation will force organizations to adopt a collaborative framework, in which security is not only an issue for only security teams, but a concern for all. In 2022, this streamlined DataSecOps solution, integrated with an intelligent data mesh architecture, will enable the democratization of data to be implemented on a large scale.

Too privileged employees

The rapid adoption of the cloud and disruptive business models have led Unicorns to experience unprecedented growth in revenue and customer acquisition, especially in Fintech, Healthtech, and Internet Services. Data operations have grown to meet demand, however, data security has not kept pace.

A prime example is the data breach at Robinhood, in which an unknown third party used social engineering to glean information from a customer service representative over the phone. The bad faith actor was able to gain access to sensitive customer support data, ultimately affecting more than five million customers.

Obviously, the customer service employee was too privileged, meaning they had access to more data than needed to do their jobs efficiently. Startups, especially rapidly growing ones like Robinhood, often start with trust-based data access policies, where employees have broad access to the data, which initially speeds up decision making.

Going forward, these startups will need to adopt more rigorous processes and tools to implement data security at the heart of their data operations. In doing so, they will ensure that employees only have access to the data they need to do their jobs, while limiting and tracking access to sensitive data to minimize the risk of a data breach.

More sensitive personal data will migrate to the cloud

Leaders in analytics and AI seek to build and deploy next-generation solutions by leveraging cloud-based services in combination with sensitive personal data. The trend is driven by cloud-based AI and analytics platforms, in combination with data stores such as Snowflake, Amazon Redshift, Google BigQuery, Databricks, and Microsoft Azure Synapse.

Adoption is accelerating in organizations of all sizes. This begs an important question: “Is sensitive personal data secure in my cloud-based data warehouse, data mart, analytics, or machine learning solution of my choice?” Leaders in analytics, AI and machine learning must figure out how to navigate and answer this question with confidence and to the satisfaction of information security, privacy and compliance teams. With the help of process improvements and new data access tools such as DataSecOps, sensitive data will be managed in the cloud securely, fueling BI, analytics and machine learning projects for faster information.

Attackers target data through analytics and AI service providers

Hardly a week goes by without a high-profile data breach putting user data security at risk. Data breaches aren’t going to go away anytime soon. But we’ll see more data breaches targeting third parties – data, analytics, artificial intelligence and machine learning service providers who are entrusted with massive amounts of sensitive data along with personal, PHI and financial information. . The massive misuse of the personal data of more than 87 million Facebook users by third-party analytics provider Cambridge Analytica in 2018 is a prime example of this type of risk.

Organizations of all sizes are leveraging cloud-based services for data, analytics, AI, and machine learning. This trend drives innovation, but can lead to the misuse of sensitive data, especially if the service provider has the right processes and tools to manage the security and privacy of that data. In order to responsibly evolve into explosive growth, providers of data, analytics, AI, and machine learning services will need data governance platforms that are smart and robust enough to mitigate data errors. occasional judgment of data consumers.

All it takes is a dash of frustration, impatience, or worry for an employee to ignore, overlook or forget a practice or policy that leaves sensitive data exposed. A smart political platform, on the other hand, never gives up its vigilance. In 2022, those who have the necessary security measures will make their way against the competition, while those who do not will make the headlines.

No matter what lies ahead in 2022, we can be sure of one thing: DataOps will undergo significant changes. With so much upheaval in 2021, it’s almost inevitable that organizations will change their operations. Whether it is democratization via smart data meshing or the implementation of an intelligent data platform to guard against exposure, CDOs will take action in 2022. And those who do not will surely not be left behind.