Virtualization Technology News and Information
Article
RSS
Today's most polarizing data management issue: location, location, location!

Article Written by Jean-Michel Franco, Senior Director Product Marketing for Data Governance

Similar to real estate, one of the toughest issues facing data managers today is: location, location, location. From regulatory compliance, to inventory management, to multiple transformations and transfers both on-premises and in the cloud, one of the main issues surrounding the security and confidentiality of customer data is its location, relocation and availability. Here is some advice on nailing down your company's biggest asset: data! 

Companies working across borders are all too familiar with the legal quagmires resulting from conflicting laws between nations. As a result, sometimes they're found guilty in courts no matter what they do. The problem has become so untenable that tech giants are throwing their full support behind a bill called the CLOUD Act, that was recently included by Congress in an Omnibus funding bill negotiated by Congressional leaders of both parties. But even compliance with this new bill hinges on where data is located and whether that location is covered in the international agreement.

Think of the CLOUD Act as sort of the extradition treaty for data. If it resides in a country covered by the treaty, you have to provide the data to law enforcement in the U.S. or elsewhere when summoned. But, if the data resides in a country outside such a treaty, then law enforcement would have to slog through muddied legal waters to get it. But then again, your company would have to make that same slog at considerable expense in defense. 

Whatever the legal scenario your company finds itself in, knowing the location of you data will be tantamount. However, knowing this seemingly simple fact is highly problematic given the complexities of modern data infrastructures and the frequency and speed with which data moves. But the legal horrors don't end there since legislation aiming to regulate data management exist in every country, ranging from individual data privacy to transfer governance and data ownership, just to name a few.

For example, cross border data transfers between the U.S. and the EU are getting more complex and contentious. A recent development casts a heavy shadow on transatlantic data transfers via Standard Contractual Clauses. A complaint was filed with the Irish Data Protection Authority against Facebook's use of Standard Contractual Clauses on the grounds it shares similar flaws with the now-defunct Safe Harbor. The judges sent the case to EU's highest court where it may take as long as two years for a decision to be rendered. Meanwhile, companies are struggling to figure out the best way to handle cross-border transfers. And again, data location is at the center of the equation where the complexities in infrastructure and data movement are obstacles.

While compliance is a huge location-anchored issue unto itself, it's not the only concern companies face when it comes to data. Certainly, security is another major worry, not only in terms of preventing security breaches, but also when it comes to complying emerging security breach laws There are the slew of regulations and laws governing data security breaches, both within and outside the U.S. For example, The National Conference of State Legislatures provides a comparative list of such laws in 48 states. The remaining two, Alabama and South Dakota, have no such laws. But how does a company secure data, or even realize a breach has occurred, if it doesn't know it has that data or where that data resides?

It's not just about the law

Gartner predicts that by 2021, the prevalence of equity analysts placing emphasis on an organization's information portfolios when valuing businesses themselves will spark formal internal information valuation and auditing practices. Indeed, companies are urged on every front to treat data as an asset and work proactively to increase its value.

"Organizations that identify and plan alternative ways to leverage existing information assets are inherently growing their own market value," said Douglas Laney, vice president and distinguished analyst at Gartner. "Enterprises should innovate around information assets which have large gaps between their realized value and potential value. Of course, this first requires that they're able to measure these gaps."

But before companies can even take that recommended first step, they have to know their data inventory. The questions of "what data do we own?" and "where is it?" are the most fundamental questions every company should be focused on answering in high detail. From there, tracking data should be a constant exercise, just as tracking any other asset or transaction is.  

Blockchain vs unified metadata

Technologies such as blockchain are coming up fast as a means to authenticate the quality of data. While prognostications differ on the success of any one of them, the popular distributed ledger included, there is no doubt that data as an asset increases in value as it increases in quality, i.e. trustworthiness.

At its bare essence, blockchain is about tracking and authenticating data. In other words, knowing where the data came from, who added to or changed it, and where it is now. To a large degree, that can be more readily accomplished now with unified metadata management.

Alternatively, with highly specialized metadata management tools, companies can see where data originated and by whose authority, where it is located now and where it was earlier, who is or has accessed the data and why, what processes the data was subjected to, and how the outputs were used.

Think of this degree of granular control over the data as creating a chain of custody, wherein the entire data lifecycle is transparent and accounted for, in a unified manner and therefore free of gaps from data silos.

And just like blockchain is used by banks to track transactions across borders without moving the collateral asset across borders, so too can data be processed for integration and quality controls without moving it or replicating it. By doing so, many of the liability issues and errors in data transfer can be avoided.

Possessing such detailed control over your company data also means it is easier and cheaper to comply with regulations such as the CLOUD Act.

In the end, the real issue in the CLOUD Act and similar regulations is trust. Your company can only trust its data - and can only ask others to trust its data, be they customers or regulators - if there is true transparency and accountability throughout the entire data lifecycle.

##

About the Author

Jean-Michel-Franco 

Jean-Michel Franco is Director of Product Marketing for Data Governance at Talend. He has dedicated his career to developing and broadening the adoption of innovative technologies in companies. Prior to joining Talend, he started out at EDS (now HP) by creating and developing a business intelligence (BI) practice, joined SAP EMEA as Director of Marketing Solutions in France and North Africa, and then lately Business & Decision as Innovation Director. He authored 4 books and regularly publishes articles, presents at events and tradeshows and can be followed on Twitter: @jmichel_franco.

Published Friday, April 20, 2018 7:36 AM by David Marshall
Filed under: ,
Comments
Today's most polarizing data management issue: location, location, location! - EMC VMAX - (Author's Link) - April 20, 2018 8:40 AM
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<April 2018>
SuMoTuWeThFrSa
25262728293031
1234567
891011121314
15161718192021
22232425262728
293012345