CONTACT
Joey D'Antoni Joey D'Antoni

The Data Governance Dream Team

Data governance is never the sexiest topic, but when it comes to IT challenges like managing data security, understanding business metrics, and even powering Artificial Intelligence solutions like retrieval augmented generation (RAG), understanding your data and its definition is critical.

The biggest challenge of data governance is that it isn't just a problem that an information technology team can solve—it's a challenge that needs to be driven by the business. 

The biggest challenge of data governance is that it isn't just a problem that an information technology team can solve—it's a challenge that needs to be driven by the business. The IT organization can facilitate a governance effort by providing tools and frameworks. Still, the company needs to provide funding and data expertise from different parts of the business.

While an IT organization has lots of technical information about databases and servers in their environment, understanding the data within those systems lies within the business. IT isn't going to know who the current vendor for raw materials for key products is or how accounting is going to handle various financial changes. At the same time, a technology org can help those business operations by providing automation, and easier ways to glean insight into their data. Let's focus on the roles you need for a proper data governance organization.

The Data Governance Players

Data Governance dream teamData Owner: A senior executive is typically responsible for a specific data set's overall quality and integrity and allocates resources to ensure proper usage and compliance.

Data Steward:  The functional leader of a data governance program, who defines data quality data standards and collaborates with data custodians to maintain domain data quality. This person will typically act as a liaison between the IT org and the business. 

Data Custodian:  Primarily focused on the technical aspects of data security and storage, helping to ensure proper access controls, data loss prevention, and backups.

Data Governance Council:  A collection of data leaders (possibly all data stewards) who work together to create standards around data management, prioritize data projects, and develop a taxonomy and change management plans. This council usually has a blend of functional members and IT data leaders.

While this is not an all-encompassing list of the roles associated with a data governance project, it is a good overview of how to get started. It is important to note that a data governance effort must occur across the organization (thus the executive sponsor) and is ongoing. Data quality isn't something you can do once and forget it, as your data and the systems you connect with. are ever-changing.  There are many positives that can come out of a data governance project.

Benefits of a High-Functioning Data Governance Project

Data governance in the cloudConsistent and High-Quality Data: By ensuring proper master data and adding data quality checks to analytics and transactional systems, you can improve your business decision-making, close out end-of-period operations sooner, and be more confident.

Data Security: An underappreciated part of data governance is its relevance to security. Organizations can't function if they were to protect all of their data at the highest levels. And they risk data breaches if they don't protect sensitive data carefully. Understanding what data is sensitive and what is not helps balance security with functionality. 

Better Credibility: While data breaches or errors can lead to fines from various regulators, more important is credibility—providing clean, consistent data allows organizations to feel confident in their reports and the information they share with partners, stakeholders, and customers.
Data Governance and Data Security

Data Security: Take a Balanced Approach

Much like disaster recovery, security is a finite resource with financial and functional costs.  Every time you implement a security control; you are making your users less productive.

Much like disaster recovery, security is a finite resource with financial and functional costs.

Every time you implement a security control; you are making your users less productive. What this means is to take a reasoned approach to security, you have to have different tiers of data and align security controls to each tier.

Customer and employee data is typically treated as the highest tier of security, for example having data loss protection services, network controls, and additional layers of data protection. 

web-design-87A structured approach like this allows for balanced security, which balances frustrations with proper controls. Knowing where your data lives and how you control that data enables you to identify any stolen data if a breach occurs quickly. This knowledge can be highly beneficial, as many regulations and fines, like GDPR, are tied to the amount of data stolen. A good example was when British Airways was initially fined £163 million for a data breach but showed that the breach only affected a limited amount of data, reducing the fine to ‹£20 million.

Data Governance Requires Buy-In

Data governance is never the sexiest topic—it's not high-tech or AI, and the payback period is unclear. However, it gives your organization more confidence in your data, providing better security and maybe even disaster recovery. The big challenge is that data governance requires the buy-in of IT and the entire organization.

Joey D'Antoni is Principal Cloud Architect at DesignMind. He is a Microsoft Data Platform MVP. Joey blogs about technology of all kinds at joeydantoni.com and writes a monthly column for Redmond Magazine.