Data Quality+Security
8 likes3,443 views
The document discusses the interactions between data security and data quality. It argues that poor data quality can threaten data security by compromising confidentiality, integrity and availability. Improving data quality through processes like data governance can benefit data security by providing metrics to evaluate effectiveness and enabling security requirements to be implemented properly. The document then presents models for data quality and data security and argues that integrating the two through a unified data governance strategy can help discover vulnerabilities, engineer better security protections and create organizational awareness of both data quality and security issues.
Data Quality+Security
- 1. Interactions between Data Securityand Data Quality
- 2. Data Quality and Data Security Models Data Governance integrating Data Quality and Data SecurityAgenda Data Quality Maturity Model and Data Security
- 3. Data Quality Issues are a Security ThreatConfidentiality, Integrity and Availability Problems as a result of Poor Data Quality Data Ownership is required to control whether confidentiality is maintained.Data Inconsistency measures are required to control if integrity is maintained.Analysis of Data problems hands confidential data to people that shouldn’t have!“ad hoc” Fixing Data problems is in itself a big threat to data integrity!Data Quality Benefitting Data Security in all StagesQualitative Data Governance provides metrics to observe the effectiveness of Data Security.Data Quality processes are required to effectively implement Data Security Requirements.Data Quality Enables Data Security
- 4. The Data Security ModelIntegrity Modification Tracking
- 6. Data AuthenticityConfidentiality Data Access Controls
- 8. Data AnonymizationAvailability Data Access Mechanisms
- 9. Data Loss Prevention
- 10. Downtime PreventionThe Data Quality ModelDo the IT systems providehigh quality data fortheir purpose?Do the processes provide data suitableto fit their purpose?Fit ForPurposeMeasureAnalyzeImproveControlMeasureAnalyzeImproveControlDataQualityMgt.Which processesutilize the dataand why?Why do the IT systemshandle the data?Data HandlingIT SystemsData UtilizingProcessesMeasureAnalyzeImproveControlDo the systems providedata suitable to the process?What data handling functiondoes the system providefor the process?
- 11. Data Quality CharacteristicsThe Data Quality CharacteristicsConsistentCompleteTransparentRelevantTimelyPreciseAccurate
- 12. The effect of Data Quality on SecurityPoorData QualityDataSecurityThreatsFixingDQProblemsDataSecurityMetricscausesimprovesTimelinessTransparencyConsistencyCompletenessRelevancePrecisionAccuracy
- 13. Data Quality and Data Security Models Data Governance integrating Data Quality and Data SecurityAgenda Data Quality Maturity Model and Data Security
- 14. The Data Quality Maturity ModelEnforcementMetadataMethodsPolicyMetadataManagementInformation Lifecycle Mgt.Data Risk ManagementDataArchitectureDataQualityGovernanceMaturityOrganizationalAwarenessValue CreationAudits &ReportingStewardshipSecurityComplianceData QualityMeasurementCorporateEnvironmentManDQControl
- 15. DQ Governance Benefits for SecurityEnforcementMetadataMethodsCorporateEnvironmentManDQControlOrganizationalAwarenessPolicyValue CreationMetadataManagementInformation Lifecycle Mgt.Audits &Reporting Integrate Data
- 16. Remove Silos
- 17. Definition
- 18. Domain
- 19. Purpose
- 20. Data Governance policies
- 21. Quality Audits
- 22. Quality Reports
- 24. Manage data as a quality asset
- 25. Strategic observation of data valueDQ PerspectiveStewardshipData Risk ManagementSecurityComplianceDataArchitectureData QualityMeasurement Address data quality in design
- 26. Points of Data Entry, Utilization and Decommission
- 27. Inconsistency:Count, Cause, System, Solution
- 28. People in charge
- 29. Common skill set for data issues
- 30. Integrated business processes
- 31. Rational standardsOrganizationalAwarenessPolicyValue CreationMetadataManagementInformation Lifecycle Mgt.Audits &ReportingDiscover soft spots
- 34. Security Levels
- 36. Security Audits
- 37. Security Reports
- 38. Manage data as a valuable asset
- 39. Effective protection for valuable assetsDS PerspectiveStewardshipData Risk ManagementSecurityComplianceDataArchitectureData QualityMeasurement Address data security in design
- 41. Access rules
- 42. Access points
- 43. Integrity threats:Amount, Location, Countermeasures Single Point of enforcement
- 44. Effectiveness of SAR and SFREverybody wins – why not build a synergetic strategy?
- 45. Data Quality and Data Security Models Data Governance integrating Data Quality and Data SecurityAgenda Data Quality Maturity Model and Data Security
- 46. Roadmap to Integrated DQ/DS GovernanceRecognizing data as a corporate asset:Processes, owners, KPI’s + improvement.Documentation,Standardization &Application ofService Processes.ServiceManagementDataManagementIntegrated Data GovernanceDataAdministration ProblemManagementError removal capabilities:Staff, tools, method.Information Model, Documentation, Standardization and Monitoring of Data.
- 47. Service ManagementData Quality Focus in Service ManagementIntegrate Data Services into Service Management ProcessesData-driven SLA’sServiceManagementDataManagementInnovation and technology change based on data capabilityIntegrated Data GovernanceBenefits for Data Security ManagementAll relevant data objects become visible on the radarDataAdminsitrationProblemManagementGaps in data services become obviousPlan security into the design concepts before realizationCorporate learning allows security “best practices” to spread quickerData Service Management is the basis for DS to effectively handle + implement security.
- 48. Problem ManagementData Quality Focus in Problem ManagementEstablish a common body of knowledge and tools for solving data issuesEstablish a central problem management team to tackle data issuesServiceManagementDataManagementEnterprise-wide scope for data problem handlingIntegrated Data GovernanceBenefits for Data Security ManagementCentral unit to track SAR and SFR problemsDataAdministrationProblemManagementSynergies in resolving security issues caused by quality issuesJoint priorities on interdisciplinary issuesEffective handling of corporate issues that only slightly relate to dataData Problem Management is the basis for DS to get rid of security problems at the root.
- 49. Data AdministrationData Quality Focus in Data AdministrationCommon Data ModelsMetadata standardsServiceManagementDataManagementCentral control and clearly defined data accountabilityIntegrated Data GovernanceBenefits for Data Security ManagementStandard method for integrating SAR into metadataDataAdministrationProblemManagementStandard processes for turning SFR into action Standard metrics for tracking SFR implementationSAR realization as “everyone’s” accountabilityData Administration is the basis for DS to touch data threats at the right place.
- 50. Data ManagementData Quality Focus in Data ManagementEstablish rules and procedures for data managementTreat data as a corporate assetServiceManagementDataManagementTrack and improve data KPI’sIntegrated Data GovernanceBenefits for Data Security ManagementIntegrate SARs as standard KPI DataAdministrationProblemManagementMeasurement tools discover integrity violationsCommon knowledge on data-related issues and threatsCorporately aligned strategy for implementing data controlsData Management offers DS the certainty that counters are properly implemented.
- 51. Thank you for your attention