1. "Enterprise Architecture ‐ Building in Privacy,
Security, Master Data Management and Data
Governance from the beginning"
Orest Roman Swystun, CEA
Enterprise Architect, Hewlett Packard Enterprise,
Analytics and Data Management

2. Privacy, Security, Master Data Management and Data
Governance go hand in hand and represent a foundational
support structure that supports each other. Without one of
these you create risks and gaps that exposes the other four, and
most importantly your data, your clients data.
Author ‐ Orest Roman Swystun, 30 years working with data,
Unisys, Oracle, SAIC, BAH, BiDC, EDS, HP and currently.
Developer, Designer, Trainer, Presenter, Architect
“Building in Privacy, Security and Master Data
Management and Data Governance from the
beginning"

3. The Digital Disruption(Revolution)
Has Already Happened
• World’s largest taxi company owns no taxis (Uber)
• Largest accomadation provider owns no real estate (Airbnb)
• Largest phone companies own no telco infra (Skype, WeChat)
• Worlds most valuable retailer has no inventory (Alibaba)
• Most popular media owner creates no content (Facebook)
• Fastest growning banks have no actual money (SocietyOne)
• Worlds largest movie house owns no cinemas (Netflix)
• Largest software vendors don’t write the apps (Apple & Google)
• MORE TO COME! IT ISN’T OVER YET!
• 3d printing saved RAF over 1.2 million pounds!

4. • Topics include:
– What is the best way to understand and document Master Data
Management, Data Governance, Privacy and Security?
– How does Master Data Management, Data Governance, Security and
Privacy relate?
– Where can we make a difference?
– Who are the people that make up these roles currently in your
organization?
– When do we start relating (integrating) this information?
– Why should an Enterprise try to relate Master Data Management,
Data Governance, Privacy and Security?
“Building in Privacy, Security and Master Data
Management and Data Governance from the
beginning"

5. • Historically these activities have been seen as “enabling” the
mission or business
• While that is true the current acquisition/implementation
(contract) process is fractured, so it becomes less of an
enterprise solution and more of a local solution (supporting a
specific program or activity)
• The result? No cohesive, integrated or holistic solution. This
hinders change, adaptation and evolution and effects mission
or business performance
“Building in Privacy, Security and Master Data
Management and Data Governance from the
beginning"

6. • “Data is a constant state of flux”
• “Decisions are only as good as the information upon
which they are based”
• Information is processed Data
• Master Data Management is the act of Data Processed
in a manner that makes information that is reliable,
relevant, usable and then sharable
• “You either govern your Data or your Data will govern
you” ‐ ORS
“DATA”

7. Data Quality Challenges
• Data Proliferation (servers, labtops, systems…)
• Data Completeness (pieces of …)
• Data Redundancy (Duplication) (repeated)
etc..
• Data Obsolescence (Old, Unused or Obsolete)
• Data Anarchy (Absence of Management or
Governance)

8. The Four Noble Truths of Data
Governance
• That there is suffering
• That suffering has a cause
• That there is a cessation of suffering
• There is a path to such freedom

9. Data, Big Data
The Expectation – A Clean
Data Lake
The Reality – A Data
Cesspool or Data Swamp

10. Data, Big Data
The Hope – An
Organized Data Attic The Reality – The Data Hoarder

11. How do you keep the Data Lake
clean, the Data Hoarder organized?
• According to Gartner Research Director Nick
Heudecker, “Data lakes typically begin as ungoverned
data stores. Meeting the needs of wider audiences
requires curated repositories with governance,
semantic consistency, and access controls.”
• It’s important not to overly constrain the data, but
without sensible governance, users soon will find
that accessing what they have stored is surprisingly
challenging. Idle and overgrown, the data lake
quickly will become a stagnant data swamp.

12. Forbes Report
• A Forbes report on the 2012/2013 NewVantage Partners big data survey, of
Fortune 1000 companies, shows that over 68% of respondents are investing
more than 1 million dollars in big data this year, while 91% of C‐suite
executives polled indicated that a big data initiative was either planned, or in
progress.
• By contrast, the 2012/2013 Steria survey of 650 participants shows that only
7% of European companies rate big data as “very relevant” to their business.
• Where the US companies are seeing significant value, predominantly in the
area of advanced analytics, European companies are struggling to get past the
challenges associated with poor data quality.
• Data governance has not been a focus for European firms, with 70%
identifying a lack of data governance and BI strategy as key contributor to
poor quality data.
• [Poor] Data quality and the lack of an enterprise view are cited as significant
barriers to big data entry.

13. 2015 Trends (from ZDNet)
• More Magic
• Datafication
• Multipolar Analytics
• Fluid Analysis
• Community
• Analytic Ecosystems
• Data Privacy
2015 will be a wonderful
year for analytics, just like it
has been for the last
quarter‐century‐‐as long as
we remember that great
power brings great
responsibility, and that we
must also strive to adapt our
information culture and
processes.

14. 2016 Trends (Global Big Data
Conference – Innovation Enterprise)
• Quantum Computing to Grow
• AI and Machine Learning
• Improved Security Scrutiny
• Big Data to become Small [Data]
• Analytics To Be Simplified and Outsourced
• Data in the Hands of the Masses

15. “Building in Privacy, Security and Master Data
Management and Data Governance from the
beginning"
• Privacy
• Security
• Master Data Management
• Data Governance

16. What is Privacy?
Private ‐ yes But not necessarily Secure
Physically Private – but not
audible or olfactory private

17. What is Security?

18. What is Master Data
Management?
• Definition
– “Master Data Management is
the act of Data Processed in a
manner that makes
information that is reliable,
relevant, usable and then
sharable”
• Issues
• Solutions
• Transmission of Master Data

19. What is Data Governance?
• Definition
• Overview
• Data Knowledge Drivers
• Data Governance Initiatives
• Implementation
• Data Governance Tools
• Data Governance Organizations
• Data Governance Conferences

20. Data Governance ‐ Definition
• Data Management International
(DAMA, www.dama.org), a nonprofit
organization for data management
professionals, defines data
governance as follows:
– The exercise of authority and control
over the management of data assets. It
is the planning, supervision and control
over data management and use.

21. Data Governance ‐ Overview
• DAMA’s guide to the data management body of
knowledge identifies the following core data
management functions that are overseen by EDG:
– Data Security management (which comprises data security and
privacy, as well as related regulatory compliance requirements)
– Data Architecture management
– Data Base Operations management
– Master Data and Meta Data management
– Data Quality management
– Data Warehousing and
Business Intelligence management
– Data Development
– Document and Content management

22. What is the best way to understand
and document the Enterprise?
Gartner
• proactively and holistically leading
enterprise responses to disruptive
forces by identifying and analyzing
the execution of change toward
desired business vision and
outcomes. Deliver value by
presenting business and IT leaders
with signature‐ready
recommendations for adjusting
policies and projects to achieve
target business outcomes that
capitalize on relevant business
disruptions.
Zachman International
• set of descriptive representations
relevant for describing a complex
object (actually, any object) such that
an instance of the object can be
created and such that the descriptive
representations serve as the baseline
for changing an object instance
(assuming that the descriptive
representations are maintained
consistent with the instantiation).

24. How do these relate?

25. Are they Technical Issues? Or are they
Business Issues? Are they Cultural Issues?
• They have technical “tools” – but are they the
solution?
– With tools comes training, governance, cost
• Why does the technical team become “in charge”?
– Usually the first to notice
– Usually they have the skillset to help define the problem

26. Biggest Challenge your organization faces for
adopting and implementing data governance?
• Obtaining Executive Support
• Overcoming Organizational Culture
• Inability to make a business Case
• Lack of communication among teams
• Lack of technology and tools
• Inconsistent data definitions / terminology
• Identifying value or quality of data
• Other barriers /I don’t know
• 12.7%
• 35.2%
• 9.9%
• 8.5%
• 2.8%
• 14.1%
• 8.5%
• 8.5%
• Trillium Software – Best Practices for Data Governance and Data Quality Tools.
Herald Smith – Director of Product Management Trillium Software
• Best Practices becomes a “Framework”

27. What are the Common Obstacles?
• The number one obstacle is: Politics, Culture
– _______ participants not understanding the organization’s political
and management culture
– Not a clear vision for _________
• No one person or group is responsible for the enterprise
________. Therefore no one is accountable
• Costs too much takes too long to do _________
• Perception: _____ office not presenting problems and issues
in a way that highlights the value of addressing them and
provides a clear win for the participants
• Too little support or understanding of _________

28. • If these are “Business Issues” why does the IT
department own the solution?
• Business Culture, IT Culture both may have to
change
• They can’t own the solution, but they can
help, assist and facilitate. In the end it has to
be a Business Administrators Decision (CIO,
CDO, CFO or someone else will make the
decision)
Are they Technical Issues? Or are they
Business Issues? Are they Cultural Issues?

29. How do we start?
• No one does “_________” for the sake of
“___________”
– Privacy
– Security
– Master Data Management
– Data Governance
– Enterprise Architecture

30. How do we start?
• Each is done with sound Business Analysis, Executive
Sponsor and owner
• Vision, a purpose, a strategy
– Business Process Analysis
– Risk Assessment
– Compliance
– And others in the “context” of the business or organization
NOTE: just like data without context can lead to a data
cesspool or data swamp a program without context will
have its own challenges.

31. Where can we make a difference?
• Every aspect of the business can “reap” the
benefits
• Sometimes a business is driven by “tactical
forces” aka by responding to fires
• Designing and Implementing a “strategy” is
not simple or easy, but it is straightforward.
– Aligning it to business plans is critical

32. Who are the people involved?
• Executive Sponsors – the people who care about the
“capability” ‐ see notes – note measurable
• Everyone in the enterprise that has to “touch” the
data (everyone) Customers, Vendors benefit from a
better program
• The people involved in a specific working group are
the ones that are vested with the problem or
challenge – solve problems with the people most
directly affected

33. When do we start to relate these
issues / challenges?
• The sooner the better
– Getting in on the ground floor while an solution
(whether Developed, COTS or Open Source) is
being considered is paramount to successful
program implementation
– Implementation and Maintenance are two
different animals
– Highlighting the benefits of addressing these
challeges for executive sponsors IN THEIR TERMS,
solve problems

34. Why should we care? – The
motivation
• Reduce overhead
• Lower costs
• Reduce time to
market
• Increase revenue
• Improve analytics
• Reduce risk
• Maintain compliance
• Protect your business
• Increase ROI
• Increase User /
Application
Acceptance

35. • Topics include:
– What is the best way to understand and document Master Data
Management, Data Governance, Privacy and Security?
– How does Master Data Management, Data Governance, Security and
Privacy relate?
– Where can we make a difference?
– Who are the people that make up these roles currently in your
organization?
– When do we start relating (integrating) this information?
– Why should an Enterprise try to relate Master Data Management,
Data Governance, Privacy and Security?
“Building in Privacy, Security and Master Data
Management and Data Governance from the
beginning"

36. Conclusion
• Tying the program to a business
function/mission is critical. As over time, as
the business function/mission changes or is
affected by change, having an understanding
of how that application system supports the
business function/mission will determine the
Application Business Environmental Technical
Landscape

37. • Analytics and Data Management (Master Data Management, Data
Governance)
• Apps Services and Program Excellence
• Business Process Services
• Enterprise Security (Privacy and Security)
• Industry Solutions
• Mobility and Workplace Solutions
• Workload and Cloud Solutions

38. Thank You
• www.hpe.com
• Orest Roman Swystun
• orest.swystun@hpe.com
• office phone 703 456 2424

39. Enterprise Security
• Advanced Threat Protection from HPE and FireEye
– Advanced Compromise Assessment from HPE and
Mandiant, a FireEye Company
– Global Incident Response from HPE and Mandiant, a
FireEye Company
– Managed Advanced Threat Protection Services from
HPE and FireEye Practice certified: bronze
• Identity and Access Management Services
– Identity and Access Management Services Practice
certified: silver
• Identity Governance and Administration Services Practice
certified: bronze
• Privileged Account Management Service Practice certified:
bronze
• Managed Security Services
– Data Loss Prevention Services Practice certified: bronze
– Distributed Denial of Service (DDoS) Protection
Services Practice certified: silver
– Managed Endpoint Security Services Practice certified:
bronze
– Managed Network Security Services Practice certified:
bronze
– Vulnerability Management Services Practice certified:
silver
• Security Consulting
– Data Protection and Privacy Consulting Services
Practice certified: silver
– Infrastructure and Network Security Consulting
Services Practice certified: silver
– Security Intelligence and Incident Response Consulting
Services Practice certified: silver
• Cyber Situational Awareness and Defense (CSAD) Services
Practice certified: bronze
– Security Strategy and Risk Management Consulting
Services Practice certified: bronze
– Threat and Vulnerability Management Consulting
Services Practice certified: bronze
• Threat Defense Services
– Managed SIEM Service Practice certified:
bronze
– Security Alerting Services
– Security Monitoring Services

40. Analytics and Data
Management
• Advisory Services
– Business Intelligence Modernization Strategy and
Planning Services Practice certified: bronze
– Business Intelligence Modernization Workshop Services
Practice certified: bronze
• Analytic Solutions
– Analytic Consulting Services Practice certified: bronze
– Customer Analytic Services Practice certified: gold
– Foresight Situational Awareness Solution Practice
certified: bronze
– Interactive Media Command Center (IMCC) Solution
Practice certified: gold
• Business Intelligence Modernization Services
– Business Intelligence Modernization Services Practice
certified: silver
• Consumption‐based Platform Services
– As a Service Solution for Hadoop Practice certified:
bronze
– Haven As a Service Practice certified: silver
– Vertica As a Service Practice certified: bronze
• Data Discovery Services
– Big Data Discovery Experience Services Practice
certified: silver
– Data Discovery Environment Implementation Services
• Hybrid Data Management Services
– Analytics Workload Optimization with Vertica Practice
certified: gold
– Hybrid Data Management Architecture Services
• Information Governance Services
– Archiving Services Practice certified: bronze
– Classification Services
– Portals and Collaboration Services
– Records Management As a Service Practice certified:
bronze
– Records Management Services Practice certified:
bronze
• Integration and Implementation Services
– Content Management Services
– Enterprise Data Warehousing Services
– Master Data Management Services
• Managed Services
– Managed Analytic Services Practice certified: bronze

41. Hewlett Packard Enterprise Data Protection
and Privacy (DPP) Consulting Services

42. Hewlett Packard Enterprise
Security Services

43. Hewlett Packard Enterprise Master
Data Management Framework
• Master Data
Management Services
– HPE Master Data
Management Services
are a strong portfolio
of service offerings
including Master Data
Management (MDM)
strategy, tools
assessment, proof‐of‐
concept MDM
deployment, and post‐
solution
implementation
support

44. Hewlett Packard Enterprise Master
Information Governance Model
• Archiving Services
• Classification Services
• Portals and
Collaboration Services
• Records Management
as a Service
• Records Management
Services