Is Data Governance a Missing Link in Your Data Resiliency Strategy?

Just like your company needs processes, policies, and standards to make it run in an orderly, secure, and compliant fashion, the same is true for your data. It’s called data governance. Yet there’s not much talk about it in the market today. Most backup products and vendors don’t address the fundamental need for comprehensive governance over data. Instead, they tend to focus on specific security features, which are nice to have but don’t provide the overall data discipline organizations require.

What is data governance?

Data governance is the responsible management of data throughout its lifecycle. It is about applying data discipline to every aspect and process around data ... and being able to demonstrate that that data discipline was enforced.

Data governance is about being a good steward over your data during its entire lifecycle, from its creation or acceptance to its deletion.

The components of data governance include:

• Data integrity – As data is accessed, transferred, stored, or otherwise used, you must ensure that it has not been changed. Cyclic redundancy checks (CRCs) and checksums are proven techniques for guaranteeing data integrity in some backup, storage, and networking products.
• Data and metadata immutability – Similar to data integrity, data immutability is about ensuring that data cannot be changed. Data immutability is an important security characteristic of some storage products. It is also important to note that data often has associated metadata that is essential for use of that data (eg, inode information for Unix file systems or a backup catalog for backup data). This metadata also needs to be protected. If data is immutable but its associated metadata is lost, the immutable data may become useless. As an example, a company with immutable backup storage recently lost all its backups when a hacker destroyed the backup metadata catalog that was required to access that backup data.
• Data protection and security – Companies should create copies (including off-site copies) of valuable data in case the data is damaged or destroyed. In addition, data must be secured against unauthorized viewing or access. Data security includes the ability to encrypt data when in flight or at rest.
• Data access controls – Access to data should be restricted only to those users or processes with a business need. And those with a valid business requirement for access must be properly authenticated.
• Enforceable policy management – Business policies for managing data must be established and enforced consistently.
• Enforceable data locality – There are many regulations, such as the European Union’s General Data Protection Regulation (GDPR), that require controls and enforcement of where data may reside geographically or politically.
• Comprehensive auditing – Even for businesses that are implementing some of the data governance disciplines above, being able to document and prove it for data is a huge, additional challenge.

Why do you need data governance? / Why is data governance so important

Data is the driving resource for most companies today. Proper management of that data is essential for business success and efficiency. And being able to recover that data if it is lost may mean the difference between the survival or collapse of a business. In addition, there are many, many government regulations that impose significant penalties for the mismanagement of particular types of data.

How automated backup can support data governance

Backup operations are an important aspect of data governance. Data backups implement some of the data governance requirements, such as data protection and security. In addition, as a holder of most, if not all, of a company’s data, backup operations themselves must completely adhere to all disciplines of data governance described above.

Why is data governance a challenge for organizations?

Data management and backup vendors tend to focus on specific features and functions of their products. Tracking all of the many touchpoints of data with company applications, tools, processes, and personnel can be a daunting task. To make matters worse, most data applications and products (e.g., backup products) don’t provide adequate instrumentation with which to administer such data discipline.

Choose the right tools and strategy to achieve seamless data governance - even in the backup environment

While it does not manage primary data or its governance, Compass® from Cobalt Iron does provide comprehensive data protection and data governance for a company’s entire backup landscape and operations.

From the moment data is ingested into Compass® to when it is deleted based on enforced retention policies, Compass® applies the highest levels of data discipline.

• Data integrity is always guaranteed with block- and object-level checksums and CRCs, including at data ingest and recovery.
• All Compass backup data is immutable by default and cannot be accessed or changed.  Compass backup catalogs also cannot be accessed or changed.
• Compass® provides multiple copies of data, including off-site copies, to ensure data protection. Data security is ensured with end-to-end encryption, both in-flight and at rest.
• One of the most unique aspects of Compass® is its architecture, which removes most of the need for anyone to access the backup infrastructure. Thus, Compass® not only adheres to data access controls but completely eliminates the need for them for most components of the Compass® solution. In cases when data access control is necessary (eg, to manage business policies, run reports, recover data, and monitor operations), Compass® has robust authentication controls.
• Compass® is driven by customer policies and service levels. Enforcement of these policies is automated and monitored by Compass®. Any exceptions to policies automatically initiate notifications to proper personnel and systems. In addition, Compass® policy management is not just enforced, it is provable.
• Data locality, likewise, is part of enforced Compass® policies. When Compass® is configured to guarantee data locality rules, adherence to those rules is enforced and provable.
• Finally, as we discussed in the blog post “Can You Prove What’s Happening in Your Backup Environment,” Compass® provides complete audit readiness that can prove you’ve adhered to policies, rules, and data governance processes for all aspects of the backup data, environment, and operations.

Secure and auditable backup operations are a critical aspect of a company’s overall data governance. It’s not just about a nice security feature or two. Comprehensive data governance involves many features and techniques, but it is about end-to-end stewardship and discipline over data throughout its lifecycle.

Ensure you are implementing and exercising enterprise-class data discipline to your company’s backup data and operations. Be a good data steward with Compass®. Learn more about data protection with Compass®. Download the technical brief by the independent analyst, ESG: