Data governance

Data governance in IT has long been a critical function, and its essential nature existed long before the cloud. Creating and ensuring adherence to common data models, providing extensibility where
needed, managing changes, ensuring regular and controlled taxonomy updates, use of master and
reference data, data classification, formal processes around data retention and destruction: all of these
activities have been part of the IT governance function for decades.

The cloud, however, adds some new dimensions to data governance. First, many countries have, or are developing, laws governing where information about their citizens can reside. This is called data
sovereignty, and the concerns are, in a nutshell, that if your data leaves your country, it will be easier
for foreign government agencies to obtain it. To be clear, as of this writing the legal elements of data
sovereignty are still evolving, but nevertheless it is important to design an appropriate governance
strategy.

To address these concerns, know what data your applications are keeping in the cloud, and know as
well what the laws of your country are with regard to data sovereignty. Some potential actions you
might want to take include the following:

 Not placing any individual or customer data in the cloud
 Encrypting key PII such as email addresses or physical addresses prior to moving data to the cloud
 Disabling geo-replication to other geographies

Much has been written on this topic and (as we have mentioned) the laws continue to evolve, so it is a
best practice to stay on top of the emerging legislation and case studies.

Now that applications are in the cloud, additionally, it is far easier to access Internet-resident data
sources. Many governments now place very large quantities of data in the cloud (in the United States,
for example, at http://www.data.gov; in the United Kingdom, http://www.data.gov.uk;
http://data.gouv.fr in France; and so on). Other companies make data available over the web for a fee,
and such data, for example, can augment or even replace on-premises master data sources or can
provide additional marketing insights. Use of such data, including analyses of their semantics to
ensure alignment with enterprise data sources, should be governed by the data governance
organization.

Source of Information : Microsoft Enterprise Cloud Strategy

No comments:

Cloud storage is for blocks too, not just files

One of the misconceptions about cloud storage is that it is only useful for storing files. This assumption comes from the popularity of file...