Data Quality+Security

3,445 views

Published on

A short summary of the interactions between Data Quality and Data Security.

See my other presentations on the topic for more details.

Published in: Business, Technology
0 Comments
4 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
3,445
On SlideShare
0
From Embeds
0
Number of Embeds
19
Actions
Shares
0
Downloads
0
Comments
0
Likes
4
Embeds 0
No embeds

No notes for slide

Data Quality+Security

  1. 1. Interactions between Data Securityand Data Quality<br />
  2. 2. Data Quality and Data Security<br /> Models<br /> Data Governance integrating <br /> Data Quality and Data Security<br />Agenda<br /> Data Quality Maturity Model and<br /> Data Security<br />
  3. 3. Data Quality Issues are a Security Threat<br />Confidentiality, Integrity and Availability Problems as a result of Poor Data Quality <br />Data Ownership is required to control whether confidentiality is maintained.<br />Data Inconsistency measures are required to control if integrity is maintained.<br />Analysis of Data problems hands confidential data to people that shouldn’t have!<br />“ad hoc” Fixing Data problems is in itself a big threat to data integrity!<br />Data Quality Benefitting Data Security in all Stages<br />Qualitative Data Governance provides metrics to observe the effectiveness of Data Security.<br />Data Quality processes are required to effectively implement Data Security Requirements.<br />Data Quality Enables Data Security<br />
  4. 4. The Data Security Model<br />Integrity<br /><ul><li> Modification Tracking
  5. 5. Data Accountability
  6. 6. Data Authenticity</li></ul>Confidentiality<br /><ul><li> Data Access Controls
  7. 7. Data Encryption
  8. 8. Data Anonymization</li></ul>Availability<br /><ul><li> Data Access Mechanisms
  9. 9. Data Loss Prevention
  10. 10. Downtime Prevention</li></li></ul><li>The Data Quality Model<br />Do the IT systems provide<br />high quality data for<br />their purpose?<br />Do the processes <br />provide data suitable<br />to fit their purpose?<br />Fit For<br />Purpose<br />Measure<br />Analyze<br />Improve<br />Control<br />Measure<br />Analyze<br />Improve<br />Control<br />Data<br />Quality<br />Mgt.<br />Which processes<br />utilize the data<br />and why?<br />Why do the IT systems<br />handle the data?<br />Data Handling<br />IT Systems<br />Data Utilizing<br />Processes<br />Measure<br />Analyze<br />Improve<br />Control<br />Do the systems provide<br />data suitable to<br /> the process?<br />What data handling function<br />does the system provide<br />for the process?<br />
  11. 11. Data Quality Characteristics<br />The Data Quality Characteristics<br />Consistent<br />Complete<br />Transparent<br />Relevant<br />Timely<br />Precise<br />Accurate<br />
  12. 12. The effect of Data Quality on Security<br />Poor<br />Data <br />Quality<br />Data<br />Security<br />Threats<br />Fixing<br />DQ<br />Problems<br />Data<br />Security<br />Metrics<br />causes<br />improves<br />Timeliness<br />Transparency<br />Consistency<br />Completeness<br />Relevance<br />Precision<br />Accuracy<br />
  13. 13. Data Quality and Data Security<br /> Models<br /> Data Governance integrating <br /> Data Quality and Data Security<br />Agenda<br /> Data Quality Maturity Model and<br /> Data Security<br />
  14. 14. The Data Quality Maturity Model<br />Enforcement<br />Metadata<br />Methods<br />Policy<br />Metadata<br />Management<br />Information Lifecycle Mgt.<br />Data Risk Management<br />Data<br />Architecture<br />Data<br />Quality<br />Governance<br />Maturity<br />Organizational<br />Awareness<br />Value Creation<br />Audits &<br />Reporting<br />Stewardship<br />Security<br />Compliance<br />Data Quality<br />Measurement<br />Corporate<br />Environment<br />Man<br />DQ<br />Control<br />
  15. 15. DQ Governance Benefits for Security<br />Enforcement<br />Metadata<br />Methods<br />Corporate<br />Environment<br />Man<br />DQ<br />Control<br />Organizational<br />Awareness<br />Policy<br />Value Creation<br />Metadata<br />Management<br />Information Lifecycle Mgt.<br />Audits &<br />Reporting<br /><ul><li> Integrate Data
  16. 16. Remove Silos
  17. 17. Definition
  18. 18. Domain
  19. 19. Purpose
  20. 20. Data Governance policies
  21. 21. Quality Audits
  22. 22. Quality Reports
  23. 23. Executive support
  24. 24. Manage data as a quality asset
  25. 25. Strategic observation of data value</li></ul>DQ Perspective<br />Stewardship<br />Data Risk Management<br />Security<br />Compliance<br />Data<br />Architecture<br />Data Quality<br />Measurement<br /><ul><li> Address data quality in design
  26. 26. Points of Data Entry, Utilization and Decommission
  27. 27. Inconsistency:Count, Cause, System, Solution
  28. 28. People in charge
  29. 29. Common skill set for data issues
  30. 30. Integrated business processes
  31. 31. Rational standards</li></ul>Organizational<br />Awareness<br />Policy<br />Value Creation<br />Metadata<br />Management<br />Information Lifecycle Mgt.<br />Audits &<br />Reporting<br /><ul><li>Discover soft spots
  32. 32. Engineer security
  33. 33. Assigned Responsibilities
  34. 34. Security Levels
  35. 35. Security policies
  36. 36. Security Audits
  37. 37. Security Reports
  38. 38. Manage data as a valuable asset
  39. 39. Effective protection for valuable assets</li></ul>DS Perspective<br />Stewardship<br />Data Risk Management<br />Security<br />Compliance<br />Data<br />Architecture<br />Data Quality<br />Measurement<br /><ul><li> Address data security in design
  40. 40. Modification rules
  41. 41. Access rules
  42. 42. Access points
  43. 43. Integrity threats:</li></ul>Amount, Location, Countermeasures<br /><ul><li> Single Point of enforcement
  44. 44. Effectiveness of SAR and SFR</li></ul>Everybody wins – why not build a synergetic strategy?<br />
  45. 45. Data Quality and Data Security<br /> Models<br /> Data Governance integrating <br /> Data Quality and Data Security<br />Agenda<br /> Data Quality Maturity Model and<br /> Data Security<br />
  46. 46. Roadmap to Integrated DQ/DS Governance<br />Recognizing data as a corporate asset:<br />Processes, owners, KPI’s + improvement.<br />Documentation,<br />Standardization &<br />Application of<br />Service Processes.<br />Service<br />Management<br />Data<br />Management<br />Integrated Data Governance<br />Data<br />Administration <br />Problem<br />Management<br />Error removal capabilities:<br />Staff, tools, method.<br />Information Model, Documentation, Standardization and Monitoring of Data.<br />
  47. 47. Service Management<br />Data Quality Focus in Service Management<br />Integrate Data Services into Service Management Processes<br />Data-driven SLA’s<br />Service<br />Management<br />Data<br />Management<br />Innovation and technology change based on data capability<br />Integrated Data Governance<br />Benefits for Data Security Management<br />All relevant data objects become visible on the radar<br />Data<br />Adminsitration<br />Problem<br />Management<br />Gaps in data services become obvious<br />Plan security into the design concepts before realization<br />Corporate learning allows security “best practices” to spread quicker<br />Data Service Management is the basis for DS to effectively handle + implement security.<br />
  48. 48. Problem Management<br />Data Quality Focus in Problem Management<br />Establish a common body of knowledge and tools for solving data issues<br />Establish a central problem management team to tackle data issues<br />Service<br />Management<br />Data<br />Management<br />Enterprise-wide scope for data problem handling<br />Integrated Data Governance<br />Benefits for Data Security Management<br />Central unit to track SAR and SFR problems<br />Data<br />Administration<br />Problem<br />Management<br />Synergies in resolving security issues caused by quality issues<br />Joint priorities on interdisciplinary issues<br />Effective handling of corporate issues that only slightly relate to data<br />Data Problem Management is the basis for DS to get rid of security problems at the root. <br />
  49. 49. Data Administration<br />Data Quality Focus in Data Administration<br />Common Data Models<br />Metadata standards<br />Service<br />Management<br />Data<br />Management<br />Central control and clearly defined data accountability<br />Integrated Data Governance<br />Benefits for Data Security Management<br />Standard method for integrating SAR into metadata<br />Data<br />Administration<br />Problem<br />Management<br />Standard processes for turning SFR into action <br />Standard metrics for tracking SFR implementation<br />SAR realization as “everyone’s” accountability<br />Data Administration is the basis for DS to touch data threats at the right place.<br />
  50. 50. Data Management<br />Data Quality Focus in Data Management<br />Establish rules and procedures for data management<br />Treat data as a corporate asset<br />Service<br />Management<br />Data<br />Management<br />Track and improve data KPI’s<br />Integrated Data Governance<br />Benefits for Data Security Management<br />Integrate SARs as standard KPI <br />Data<br />Administration<br />Problem<br />Management<br />Measurement tools discover integrity violations<br />Common knowledge on data-related issues and threats<br />Corporately aligned strategy for implementing data controls<br />Data Management offers DS the certainty that counters are properly implemented.<br />
  51. 51. Thank you for your attention<br />

×