Improving Unstructured Data
Governance
Ryan Jancaitis
Product Management
Symantec
Summary
4
Data Protection and Compliance
3
Data Management
2
Overview
1
Unstructured Information Growth Leads to Challenges
4
•Inadequate metadata information
•What is the data
governance structure?
•Pre-requisite for other business initiatives
•Who has accessed the data over time?
•When is the data no longer needed?
•What is the optimal method to store data?
• Contain leakage
• Who should have access?
• Are there gaps in the protection or
entitlements scheme?
Who Owns the Data?
How is the Data
Used?
Protect the Data
Data growth continues unabated… most of the
growth during the next 5 years is unstructured
data – the most difficult to manage from a
process or tool point of view.
”
“
0001010001011 1101101010100 1110010101011 1001101010010 1011010100001 1011001111001 0101010001010 0101010100101 1001010100101 0110101010101 0101010101011 0101010110101 0001010001011 1101101010100 1110010101011 1001101010010 1011010100001 1011001111001 0101010001010
Bridging IT and Business Gap is the Key to
Getting in Control of Runaway Data Growth
• “I know I have millions of files that have not been used for a long time – what do I do with them?”
• “I know there is sensitive
information out there – where is it and how is it being used?”
• “How do I comply with data access guidelines? I am not sure I am the right person to make the call…”
• Business owners are the true ‘custodians’
– How do we identify them? – How do we empower them? • How can we enable them with
– The right reports for visibility – The right recommendations
for decision making – The right automation to
simplify remediation
… that the business owner is in the best position to solve
Runaway unstructured data growth leads to serious challenges for IT…
Applications of Data Governance
6
•Identify stale and orphan data and drive cleanup
•Build a consumption based chargeback model
•Understand usage and consumption patterns
•Manage custodians that need to be engaged in compliance efforts
•Automate data access reviews
•Adhere to data retention guidelines
•Remediate sensitive data Audit historical access,
monitor sensitive data usage
•Find data at greatest risk of exposure and lockdown
Improve Data
Data Management
2
Overview
1
Summary
4
Data Protection and Compliance
3
Data Management
•
Identify data owners
and map to business
•
Promote accountability
through chargeback
•
Identify stale/orphan
data and classify based
on owners
•
Guide cleanup,
archiving and retention
efforts
•
Understand usage and
consumption patterns
•
Streamline data
migration, growth
planning and tiering
3 Steps to Data Governance Automation
Automate Reports
3
Identify Folders
1 2 Assign Custodians
Data Governance Case Study
Efficiency and Cost Reduction
Data Management Policy
• Promote efficient use through consumption-based chargeback • Data retention based on data
ownership classification
• Create accountability for data growth
• Confidently delete or move stale/orphan data
Key Metrics to Data
Management
•
Ownership
–
Inferred
–
Set
•
Consumption
–
User
–
Business Unit
–
Department
•
Age
–
Creation date
–
Last access
•
Usage
–
Frequency
Case Study: Regional Energy Company
Background
Goals
Achievements
•
Lacked visibility into
who owns what data
on shared storage
•
Environment
–
NAS 200 TB
–
Windows 100 TB
Identified data owners and
bill shared resources to
appropriate line of business
Reduced stale data and
chose appropriate storage
for migrations
Investigate issues with legally
protected data being deleted
Evaluated ACLs for Department
of Energy protected data
Chargeback
Storage
Optimization
Data Forensics
Secure
Regulated Data
Data Protection and Compliance
3
Overview
1
Summary
4
Agenda
Data Management
2
Protection and Compliance
For unstructured data…
•
Identify users, notify them and
protect with Data Loss Prevention
•
Identify custodians to engage for
compliance
•
Investigate data breaches; monitor
sensitive data usage
•
Audit activity to data
•
Find data at greatest risk of
exposure and lock it down
•
Review access for compliance
•
Data Owner Identification
•
Data Owner Remediation
Discover
•
Open Share and Risk Score
•
Effective Permissions
Protect
•
Data Monitoring and Access
Alerts
3 Steps to Data Governance Automation
Data Governance Case Study
Regulatory Compliance Risk Reduction
• Review of access permissions to achieve compliance
• Review of activity and alerts to spot inappropriate use; notify owner that data is exposed
• Activity audits to achieve compliance
• Streamline Data Loss remediation
Automate Reports
3
Identify Folders
Key Metrics to Data Protection
•
Ownership
–
Inferred
–
Set
•
Historical access
–
Reads/Writes/Deletes/etc..
–
User/Folder/File/Minute
•
Effective Permissions
–
Share
–
Folder
–
Group
•
Pro-active monitoring
–
Unauthorized
–
Anomalous
–
Overly Permissive Data contents
–
Sensitive
–
Customer Content
Case Study: Regional Healthcare
Company
Background
Goals
Benefits
•
Found sensitive data
–
How to protect it?
–
Who should have
access?
•
Environment
–
10 Data centers/sites
–
NAS (>20K shares)
Identified data owners
and notify to resolve
non-compliance
Located private sensitive data
(i.e. medical records) with
excessive permissions
Accessed activity reports
for audit
Investigated issues with
important folders
disappearing
Reduce loss of
confidential
data
Secure PII
Demonstrate
Compliance
(HIPAA…)
Incident
Response
Summary
4
Overview
1
Agenda
Data Management
2
Data Protection and Compliance
3
Benefits of Understanding Unstructured Data
18
•Target lifecycle
management efforts by identifying data owner, age of data and file type
•Promote accountability through chargeback
•Manage data custodians and enable access reviews
•Enable cleanup and retention efforts with ownership classification
•Enable effective data protection process with Symantec Data Loss Prevention integration
•Limit access to sensitive data to authorized users