Principles and best practices for data governance in the cloud
Evren Eryurek PhD
Director Product Management, Google Cloud
Group Product Manager - Data Governance, Google Cloud
Today’s businesses both generate and consume data at unprecedented rates. Diversity of data types and sources means that organizations have to grapple with data access, security, governance, and let’s not forget—regulatory compliance. These concerns give some customers pause when they consider moving their sensitive data to the cloud. That’s why we published a white paper that outlines best practices and guidelines to help organizations establish data governance in a cloud-first world. This white paper intentionally takes a platform-agnostic approach that you can use when building out your governance capabilities.
Data governance encompasses the ways that people processes and technology can work together to enable auditable compliance with defined and agreed-upon policies. Ultimately, organizations want their data to work for them and governance is an essential part of making data work for your business.
Every enterprise should think about the entire data governance lifecycle, including data intake and ingestion, cataloging, persistence, retention, storage management, sharing, archiving, backup, recovery, disposition, and removal and deletion. Many organizations find these requirements overwhelming, so the white paper outlines best practices and guidelines for governance in the cloud, including:
- Data discovery and assessment, so that you know what data assets you have
- Profiling and classifying sensitive data, to understand which governance policies and procedures apply to your data
- Maintaining a data catalog that contains structural metadata, data object metadata, and the assessment of levels of sensitivity in relation to your company’s governance directives
- Documenting data quality expectations, techniques, and tools that support the data validation and monitoring process
- Defining identities, groups, and roles, and assigning access rights to establish a level of managed access
- Performing regular audits of the effectiveness of controls in order to quickly mitigate threats and evaluate overall security health
- Instituting additional methods of data protection to ensure that exposed data cannot be read, including encryption at rest, encryption in transit, data masking, and permanent deletion
Using these best practices, enterprises can create an effective data governance strategy and operating model, gaining a path for organizations to establish control and maintain visibility into their data assets. Organizations will likely reap immense benefits as they promote a data-driven culture within their organizations, including :improved decision making, better risk management, and achieving regulatory compliance.