Data Governance has today become a fundamental consideration for every organisation.
This can take many forms but all are centred around the fundamental pillars of:
Visibility of where data is held
Protection of data from unauthorised access or loss
Trust that data will only be used for agreed and appropriate purposes.
Performance against these pillars directly impacts relationships with customers, partners, investors and regulators.
The cost implications of poor data governance and protection can be immense in terms of both mitigating or recovering from a governance violation.
As a result a majority of organisations have rapidly increased the level of information technology automation in support of data governance to better align with these pillars in a cost effective manner.
of data breaches included customer personal information
average global cost of a data breach
of data breaches due to vulnerable third party software or misconfigured cloud
The SaaS Dilemma and Data Governance
However the overwhelming shift to remotely-accessed Cloud apps (or SaaS) is rapidly undermining the gains from better Data Governance.
With SaaS, you no longer have total control over your software and place greater trust in your SaaS vendor to ensure you can govern your data effectively.
Do you really know what your users are doing with SaaS applications and your data?
Do you really know all the SaaS that is in use within your organisation?
At Ampliphae we find that the majority of organisations do not know about all the SaaS Cloud apps in use, as these have generally been pulled into the organisation by users from outside of the IT team.
This Shadow IT allows data to flow out of the organisation and into the Cloud undermining the mechanisms used to align your existing IT architecture with the Data Governance pillars.
The benefit you accrue from adopting SaaS may well be more than offset by the risk to your reputation or your ability to maintain compliance with legislation and standards.
Do you need to maintain compliance with any of the following?
Automatically Understand the Scale & Size of your Data Governance Problem
Discover all your SaaS vendors – not just the ones your IT team knows about.
Discover and collate all your SaaS vendor security certifications.
Understand the geo-residency for all your data as handled by SaaS vendors.
Understand limitations in how vendors protect your data such as using inadequate encryption.
Drive your Data Governance Programme
Understand where SaaS poses a risk to your Data Governance posture.
Understand how your users are really using SaaS through detailed traffic analysis.
Act to control how specific SaaS is used within your organisation, such as restricting its use in areas where inadequate data governance is a concern.