• No results found

Improving Unstructured Data Governance. Ryan Jancaitis Product Management Symantec

N/A
N/A
Protected

Academic year: 2021

Share "Improving Unstructured Data Governance. Ryan Jancaitis Product Management Symantec"

Copied!
20
0
0

Loading.... (view fulltext now)

Full text

(1)
(2)

Improving Unstructured Data

Governance

Ryan Jancaitis

Product Management

Symantec

(3)

Summary

4

Data Protection and Compliance

3

Data Management

2

Overview

1

(4)

Unstructured Information Growth Leads to Challenges

4

•Inadequate metadata information

•What is the data

governance structure?

•Pre-requisite for other business initiatives

•Who has accessed the data over time?

•When is the data no longer needed?

•What is the optimal method to store data?

• Contain leakage

• Who should have access?

• Are there gaps in the protection or

entitlements scheme?

Who Owns the Data?

How is the Data

Used?

Protect the Data

Data growth continues unabated… most of the

growth during the next 5 years is unstructured

data – the most difficult to manage from a

process or tool point of view.

(5)

0001010001011 1101101010100 1110010101011 1001101010010 1011010100001 1011001111001 0101010001010 0101010100101 1001010100101 0110101010101 0101010101011 0101010110101 0001010001011 1101101010100 1110010101011 1001101010010 1011010100001 1011001111001 0101010001010

Bridging IT and Business Gap is the Key to

Getting in Control of Runaway Data Growth

• “I know I have millions of files that have not been used for a long time – what do I do with them?”

• “I know there is sensitive

information out there – where is it and how is it being used?”

• “How do I comply with data access guidelines? I am not sure I am the right person to make the call…”

• Business owners are the true ‘custodians’

– How do we identify them? – How do we empower them? • How can we enable them with

– The right reports for visibility – The right recommendations

for decision making – The right automation to

simplify remediation

… that the business owner is in the best position to solve

Runaway unstructured data growth leads to serious challenges for IT…

(6)

Applications of Data Governance

6

•Identify stale and orphan data and drive cleanup

•Build a consumption based chargeback model

•Understand usage and consumption patterns

•Manage custodians that need to be engaged in compliance efforts

•Automate data access reviews

•Adhere to data retention guidelines

•Remediate sensitive data Audit historical access,

monitor sensitive data usage

•Find data at greatest risk of exposure and lockdown

Improve Data

(7)

Data Management

2

Overview

1

Summary

4

Data Protection and Compliance

3

(8)

Data Management

Identify data owners

and map to business

Promote accountability

through chargeback

Identify stale/orphan

data and classify based

on owners

Guide cleanup,

archiving and retention

efforts

Understand usage and

consumption patterns

Streamline data

migration, growth

planning and tiering

(9)

3 Steps to Data Governance Automation

Automate Reports

3

Identify Folders

1 2 Assign Custodians

Data Governance Case Study

Efficiency and Cost Reduction

Data Management Policy

• Promote efficient use through consumption-based chargeback • Data retention based on data

ownership classification

• Create accountability for data growth

• Confidently delete or move stale/orphan data

(10)

Key Metrics to Data

Management

Ownership

Inferred

Set

Consumption

User

Business Unit

Department

Age

Creation date

Last access

Usage

Frequency

(11)

Case Study: Regional Energy Company

Background

Goals

Achievements

Lacked visibility into

who owns what data

on shared storage

Environment

NAS 200 TB

Windows 100 TB

Identified data owners and

bill shared resources to

appropriate line of business

Reduced stale data and

chose appropriate storage

for migrations

Investigate issues with legally

protected data being deleted

Evaluated ACLs for Department

of Energy protected data

Chargeback

Storage

Optimization

Data Forensics

Secure

Regulated Data

(12)

Data Protection and Compliance

3

Overview

1

Summary

4

Agenda

Data Management

2

(13)

Protection and Compliance

For unstructured data…

Identify users, notify them and

protect with Data Loss Prevention

Identify custodians to engage for

compliance

Investigate data breaches; monitor

sensitive data usage

Audit activity to data

Find data at greatest risk of

exposure and lock it down

Review access for compliance

Data Owner Identification

Data Owner Remediation

Discover

Open Share and Risk Score

Effective Permissions

Protect

Data Monitoring and Access

Alerts

(14)

3 Steps to Data Governance Automation

Data Governance Case Study

Regulatory Compliance Risk Reduction

• Review of access permissions to achieve compliance

• Review of activity and alerts to spot inappropriate use; notify owner that data is exposed

• Activity audits to achieve compliance

• Streamline Data Loss remediation

Automate Reports

3

Identify Folders

(15)

Key Metrics to Data Protection

Ownership

Inferred

Set

Historical access

Reads/Writes/Deletes/etc..

User/Folder/File/Minute

Effective Permissions

Share

Folder

Group

Pro-active monitoring

Unauthorized

Anomalous

Overly Permissive Data contents

Sensitive

Customer Content

(16)

Case Study: Regional Healthcare

Company

Background

Goals

Benefits

Found sensitive data

How to protect it?

Who should have

access?

Environment

10 Data centers/sites

NAS (>20K shares)

Identified data owners

and notify to resolve

non-compliance

Located private sensitive data

(i.e. medical records) with

excessive permissions

Accessed activity reports

for audit

Investigated issues with

important folders

disappearing

Reduce loss of

confidential

data

Secure PII

Demonstrate

Compliance

(HIPAA…)

Incident

Response

(17)

Summary

4

Overview

1

Agenda

Data Management

2

Data Protection and Compliance

3

(18)

Benefits of Understanding Unstructured Data

18

•Target lifecycle

management efforts by identifying data owner, age of data and file type

•Promote accountability through chargeback

•Manage data custodians and enable access reviews

•Enable cleanup and retention efforts with ownership classification

•Enable effective data protection process with Symantec Data Loss Prevention integration

•Limit access to sensitive data to authorized users

Increase Operational

(19)

Thank You!

(20)

References

Related documents

15,16 According to the Medical Advisory Board of the National Multiple Sclerosis Society, treatment with disease-modifying agents should continue indefinitely, as indicated,

Data Governance Overview Data Governance Data Architecture  Management Data  Development Data Operations  Management Data Security  Management Reference & 

Similarly, case studies that examine the experiences of students who have decided not to enroll in music courses after elementary school could provide insight into why students

Scoring  and  Alerting Batch Hybrid Analytics Unstructured Data Realtime Data Transactions   /   Events Applications Data  Governance Meta-­data   management   Data  lineage

Source: Rand Mutual (2006: 11,24) Guide to the Compensation for Occupational Injuries and Diseases Act, No 130 of 1993, As Amended (updated with calculations by

 Provides unstructured information archiving from various data sources, leveraging Content Collector and enabling Information Lifecycle Governance (including Records Management and

With an audit trail, data classification technology, and access control information, organizations can identify active and stale data, data that is considered sensitive,

According to the international experience, federal authorities can carry out six groups of functions for support of mechanisms of development of innovative