The adage that “we are a software company” is quickly becoming “we are a data company.” In today’s world, software is only as good as the data within it – and the ability to deploy it.
As the wave of organizations leveraging cloud data platforms like Snowflake and Databricks continues to build, enterprises must facilitate the business insights these platforms unlock, while ensuring effective data governance, compliance, and privacy. It is this very balance between data utility and security that many organizations struggle with – particularly when both the volume of data, and employee access to that data, grow rapidly.
Beyond the technical considerations, gaining organizational buy-in – which is a necessity in order to effectively strike the utility-security balance – can be a hurdle in its own right. Having worked with leading companies across every industry, I’ve identified some of the biggest barriers and opportunities when preparing to implement a cloud data governance strategy.
Firstly, a company needs to weigh the risks and rewards of collecting and disseminating data. Some questions that can be helpful in this exercise are:
Of course, highly regulated industries like healthcare and financial services have no choice in the matter – data use and compliance with strict laws are absolute industry mandates. And, companies with customers or operations in certain data jurisdictions (GDPR in the EU, for example), also have varying degrees of inherent data privacy obligations. In general, the regulatory landscape is both broadening and deepening, with increased and more specific regulations being introduced on regional, national, and local levels.
With this context in mind, it behooves any business to establish a cloud data governance strategy. However, you should not be blind to the organizational change management challenges (technology, people, and process) that you will need to overcome to successfully execute on the strategy. Here, we will dig into some of these key challenges and how to navigate them.
As with most strategic initiatives, success requires strong executive support. However, since data governance impacts many functions and lines of business, it is often critical to gain consensus across the enterprise (e.g., C-Suite, line of business leaders, technology org).
Since these stakeholders have differing priorities, you’ll need to build a compelling business case that resonates with each of them. This should demonstrate a firm understanding of the business impact and technical dependencies (more on this below) of a cloud data governance strategy. For instance, citing the Federal Trade Commission’s willingness to hold executives liable for inadequate data security measures in the event of a breach, may instill a sense of urgency that creates consensus.
Once you have firm executive and cross-functional support, ensure that leaders are continually engaged in execution in order to overcome organizational inertia during execution.
Before embarking on the journey, it is important to assess whether you have the right in-house expertise, and the requisite governance and privacy technology stack. This may trigger the need to hire, engage a consultancy/systems integrator, and/or engage vendors to fill knowledge or skills gaps.
Some technologies that are critical to effective cloud data governance include sensitive data discovery, cataloging, marketplace, and data access control. This is also a good time to determine what is a must-have to start, and which capabilities or skills you may need as you scale operations.
Taking an inventory of your data is an essential aspect of effective governance. Identifying where sensitive data is housed and access patterns to that data (where, who, how often, why?) will help you understand how far and wide your framework will have to extend, as well as who must be involved in order to ensure it’s fully adopted and running effectively.
This exercise will also be helpful in assessing risk (another component of a compelling business case) and building relationships with data owners and consumers. Knowing what type of data you have and where it lives provides insight into where you may have potential security gaps, and who you must work with to ensure data is properly managed and secured.
Technical dependencies – and a lack of understanding about them – are often where enterprises get hung-up when executing data governance initiatives. Without the right people and technologies working together seamlessly, even best laid plans will not pan out.
Enterprise data management has many facets, ranging from architecture to integration to analytics. There are myriad engineering and business processes in between, which will need to be mapped in order to ensure your data governance framework is sufficiently robust. This helps align the right people, processes, and tools into systematic workflows, and also yields the opportunity to build relationships and gain buy-in across the organization.
Even with strong executive backing, data engineers, owners, and consumers will need to buy in to governance. As noted above, it is paramount that these stakeholders have a seat at the table.
It is equally important to formulate a communication strategy that emphasizes the “why” behind governance. Human behavior is often the most difficult aspect of change, and effectively telling the story of why your strategy benefits the company and individuals alike will go a long way toward influencing behaviors and attitudes.
Effective data governance can no longer be an afterthought – it is imperative in the face of business transformation and increasing regulatory scrutiny. While overcoming change management challenges around data governance may seem daunting, putting in the foundational work and building organizational consensus will not only ensure an effective execution of the strategy, but will also unlock enterprise value.
To hear data leaders’ perspectives about the role of change management in operationalizing complex data architectures, check out this blog.
Schedule a call with us to make sure your governance strategy and organizational change management are stress-free.
