Why Data Security And Data Governance Matter

Chris Hallenbeck

Data security has long since breached the walls of tech blogs and legal briefs as a topic of concern. Thanks to recent revelations and subsequent high-profile apologies and government hearings, data security is having its day around kitchen tables, in classrooms, and, of course, across the vast digital universe of social media. Anyone who was somehow still asleep to the pitfalls and perils of dealing in data and protecting personal information is certainly wide awake now.

Today’s data management and storage landscape, where data entropy and data sprawl are rampant, has wide-reaching consequences that go far beyond data accessibility, interpretability, and ease-of-use for companies. Data security may be on everyone’s minds these days, but it will only continue to become more challenging as data collection and storage becomes more sophisticated.

Many companies are storing significant data in low-structure distributed systems, open source databases, and even unmanaged devices. In these not-uncommon scenarios, how can a user know that a query doesn’t return personal data if they don’t know what is in the data store? And even if the data is in a well-known system, how can administrators be sure that this same personal data isn’t provided to the wrong individuals? In other instances, personal data may need to be shared or placed online, although it must be obfuscated first, but in a way that does not affect its value.

Companies need a new approach to security – new forms of data profiling via heuristics and new technology to ensure the safety of all data, effective masking of personal data, and compliance with new data protection and privacy laws like GDPR (General Data Protection Regulation).

Data security may be a hot topic of the moment, but other, less newsworthy issues are no less important when it comes to data management. No matter how data is being used, governance is crucial. Companies need audit trails of who did what with which data. CIOs live in constant fear of an auditor walking in and asking where a value within a business application comes from and questioning its reliability. Why is this type of dread so prevalent? Enterprises are waking up from the last decade of the “democratization of data” and realizing that they have antiquated governance processes in place – or, worse yet, none at all.

In the past, a company might have rolled out applications at a rate of one per year – across the entire company. Now, each business unit within an organization rolls out one or more applications each month, with little or no tracking of where the data is coming from, who is using it, and where it is going. With no business model, no impact analysis, and no lineage metadata to show any auditor who might come knocking on the door at any time, companies are taking a massive legal risk. This not only keeps executives awake at night, but gives them nightmares should they risk closing their eyes.

It is hard to keep pace with the rate of change within one company, let alone the near-constant changes brought by political regulations and technological advances. Given the potential risks that data security and data governance pose to a company, it is vital that businesses seek out new technology that will equip them to face the security challenges of today and prepare them to meet whatever challenges tomorrow may bring.

It’s not just about you. Learn about The Future of Cybersecurity: Trust as Competitive Advantage.

This article was originally published on the SAP HANA blog and is republished by permission.


Chris Hallenbeck

About Chris Hallenbeck

Chis Hallenbeck is senior vice president, Database & Data Management, Product Management and Go-to-Market, at SAP. In that role, he organizes and integrates product management and user-interaction design teams into agile software development processes, and builds productive relationships with customers, prospects, and engineering teams. He is a graduate of Middlebury College.