Ensuring Visibility and Data Access Control Across Clouds

Written by

The CIO mandate is to support overall business objectives through technology. Sounds simple, right? But as almost anyone in this position knows, accomplishing this goal while ensuring business and technology initiatives are aligned is anything but simple.

Traditionally, CIOs and IT teams have been stuck between the dictated and decentralized approaches to data governance, which complicate things. The dictated approach is a top-down form of centralized governance in which IT determines what tools, policies and data business teams can use. But this approach delays access to data because IT doesn’t have domain knowledge of the governance policies and how businesses use data to make decisions and understand its meaning.

More progressive organizations are going with the decentralized governance approach to fix this specific issue. This method involves a governance board or IT formulating high-level policies while the business has considerable leeway in customizing them, selecting tools and accessing data across clouds and settings. But this leads to conflicting business line policies and various governance tools and platforms used by different business teams.

The solution to these issues is the delegated governance approach that’s a hybrid of the above two. It’s based on IT giving the business a platform for governing data where data stewards in individual business lines configure policies for controlled data access across clouds.

Consequently, everyone operates in a space in which they’re experts. IT provides the tools and systems for governing data, while data stewards that understand data provide access to data for individual business lines. Industry analysts have recommended this approach for self-service analytics and because it reduces time to data use, increases automation, and resolves the CIO dilemma.

Eliminating Manual Processes

The primary CIO advantage of the delegated model is automating access to well-governed data that accelerates the process of faster decision-making by businesses. But because IT was the gatekeeper and the context of the data was not understood, IT was constantly flooded with ticketed requests to access data spread across various cloud services and on-prem repositories. CIOs were frequently blamed for IT not approving requests and providing data quickly enough – especially with requests coming from every business team in business lines across the organization.

The delegated approach obsoletes these manual requests for data in favor of automated methods. It delivers a framework for data stewards to localize requests for data access and expedite – if not automate – them because they understand data and their relevance to business line use cases. IT’s involvement is critical to this framework because it outlines the proper systems and tools for data access, then allows stewards to facilitate that access according to policies configured for business lines. This method reinforces agility and data-driven processes. For instance, marketing teams can quickly access data from numerous sources across cloud services with the delegated approach.

Central Visibility, Local Access

Additionally, this form of governance empowers CIOs by enabling IT to retain control over the governance platform data stewards leverage for local data access to respective business lines. This capability supports centralized visibility into who’s accessing what data and how. Thus, IT can still oversee several functions related to data governance, including auditing governance practices and validating measures for regulatory compliance. This method enables IT to look into how policies have been configured for the finance team, for example, while seeing who’s approving them and which end-user tools are used to access what types of data. The best part is that IT teams no longer approve data access requests or perform policy configuration – stewards are.

CIOs and IT teams' role is now aligned with their competency.  Because IT understands the systems used, they select the right governance platform. Modern offerings in this space complement the delegated governance approach because they’re simple, user friendly, and hide the complexity of managing and enforcing policies for data access. They can also distribute governance policies wherever data resides, which is particularly important given today’s multi-cloud reality. For instance, sales teams can access data across any public or private cloud or tool with full governance. In addition, such platforms implement the logic for data access, controls and PII cataloguing within source systems.

Aligning Technology with Business

The delegated model readily aligns business and technology requirements for CIOs to fulfil their core objectives, allowing them to improve data governance with the proper IT oversight to enforce policies outlined by governance councils locally. CIOs benefit from it because IT is no longer in the path of business users accessing data and receiving inordinate ticket requests. This model also supports self-service automation across clouds while extinguishing manual processes – decreasing time to data.

The governance gains are also significant and include central oversight with a single pane of glass for tools across clouds. This improves visibility for sensitive data while underpinning multi-cloud, distributed policy enforcement for each business unit via data stewards facilitating end-user access.

What’s hot on Infosecurity Magazine?