数据治理是一个涵盖多个不同学科和实践的总称,其优先级通常取决于谁在推动工作。首席数据官、隐私官、安全官和风险管理领导者通常关注驱动数据治理计划的隐私、安全和法规。数据科学家、营销人员、devops负责人和业务分析师更可能关注主动的数据治理,包括数据目录、数据集成、数据质量、数据谱系、客户数据概要文件和主数据管理。
在所有的术语、实践和技术中,有很多东西需要解释,而且一些功能和目标是重叠的。Zilliant首席技术官兼高级工程副总裁Shams Chauthani也认为,由于存在多个目标,业务利益相关者、IT和数据团队之间的协作是项目成功的关键。
他说:“数据治理通常被划分开来,主要是作为由IT管理的合规需求。在当今的数字时代,数据是最大的资产,将数据治理视为专门由IT运行的竖井工作对整个组织是一种伤害。对于组织来说,要充分实现利用数据进行更智能决策的承诺,数据治理过程必须在所有利益相关者的参与下不断改进。”
为了撰写本文,我咨询了行业专家,以确定devops领导者和团队应该了解哪些数据治理知识,以及他们如何为实现数据治理目标做出贡献。
一、数据治理是一项重大的组织变革
Redgate Software的devops倡导者Grant Fritchey认为,吸引利益相关者只是一个开始。“数据治理是每个人的责任,”他说。“你不能简单地将数据治理的工作分配给一个人或一个部门,并期望成功。数据治理必须成为IT行业每个人工作的一部分。”
实现所需协作和定义职责的一种方法是将数据治理直接连接到员工工作流。Clear Skye的首席执行官John Milburn说:“数据治理与其说是一种技术功能,不如说是一种人员和流程功能。这就是为什么你的治理解决方案必须与员工现有的工作流程保持一致,否则它注定会失败。”
开发运维团队应该寻找机会来改进数据运维,包括支持数据集成、编目和质量的自动化。Alation的现场CTO John Wills说:“新一代的数据治理是主动的、以目录为主导的治理,这意味着它对所有知识工作者(包括devops和dataops团队)都至关重要,是他们日常工作的一部分。”
二、隐私和数据保护条例
Immuta首席执行官Matthew Carroll分享了自上而下购买数据治理项目的一个关键原因。“我们看到数据管理和治理格局发生了重大转变,越来越多的消费者意识到他们的隐私权,这在很大程度上是由于新的法规。因此,组织正在努力解决如何最好地保护数据资产并遵守隐私法规,同时试图更快地扩展数据并从数据中获得价值,最终推动对更多数字化数据政策和自动化云数据访问和安全的需求。”
Monte Carlo的首席执行官兼联合创始人Barr Moses对此表示赞同。“数据治理比以往任何时候都更加关键,因为公司吸收了更多的数据,并且出台了更严格的数据监管,如GDPR和CCPA。我们可以通过让数据更容易访问、更有意义、更合规和更可靠来应对这些合规逆风,以免它们拖累我们。”
三、领导者在做决策时必须相信数据
在遵从性考虑之外,推动数据治理工作的下一个重要级别是信任数据是准确、及时的,并满足其他数据质量要求。
Moses对技术团队有几个建议。她说:“团队必须对关键的表和报告有可见性,并像一等公民一样对待数据完整性。真正的数据治理需要超越定义和映射数据,真正理解数据的使用。优先考虑数据可观察性的方法可以围绕特定的分析用例提供集体意义,并允许团队优先考虑对业务最重要的数据。”
Collibra数据质量副总裁Kirk Haslbeck分享了几个提高数据整体信任度的最佳实践。他说:“可信数据始于数据可观察性,使用元数据作为上下文,并主动监控数据质量问题。虽然数据质量和可观察性确定了数据适合使用,但数据治理确保了其使用的流线型、安全性和遵从性。数据治理和数据质量需要共同努力,从数据中创造价值。”
四、数据作为竞争差异化
一旦对数据有了基线信任,企业领导者就会希望使用数据、分析和机器学习来改变业务。Haslbeck继续说道:“每个企业都在寻找数据以获得竞争优势,数据治理和数据质量应该是优先考虑的问题。”
数据治理如何创造竞争优势?审计委员会风险和技术高级顾问John Wheeler解释说:“对于寻求新的数字产品和服务以实现增长的组织来说,数据治理现在是一个战略优先事项。因此,数据治理需要首席数据官或首席数字官的强有力领导,他们了解数据一致性、质量、透明度和准确性的需求。”
差异化的一个领域发生在用于管理企业对企业合作模型中的访问的开放数据模型中。例如,开放银行和金融级API旨在确保向开发人员、金融科技供应商和合作伙伴的生态系统交换数据和银行系统的安全。
Cloudentity的首席产品官Brook Lovatt与我分享了开放数据模型的细节。他说:“与封闭的数据治理模型相比,开放数据治理模型有更多的发展和创新机会,但开放模型也需要一套新的安全和合规考虑因素。这些开放数据规范提供了模式和协议,决定了系统之间如何通信,允许数据在应用程序、服务、平台和提供商之间流动。”
五、支持数据治理的Devops实践
数据隐私、安全性、质量和可靠性都是数据治理对数据驱动型组织非常重要的原因。下面是给devops领导者和团队的一些建议。
1、Wills说,devops团队应该在配置和更新数据目录方面发挥积极作用。数据目录是包含相关知识结构的企业引用系统,包括技术资产(如表、列、查询和模型)和非技术资产(如词汇表和度量)。结果是一个丰富的高质量资产和上下文知识的库存,可以信任,并通过强大的搜索、重用、协作和众包来推动生产力。”
2、Redgate Software的devops倡导者Steve Jones建议将数据治理作为“常规工作的一部分,以确保在对模式进行更改时收集新数据,并对数据进行适当的分类和保护。”
3、Milburn建议“将治理解决方案与IT服务管理平台集成在一起,这是企业保护数据的一种聪明方式,同时为员工提供熟悉的用户体验。”
4、Satori Cyber的首席执行官兼联合创始人Eldad Chai表示,数据安全运营应该是数据治理计划的一部分。“随着大数据的发展和多云环境的发展,高增长的公司需要一种非破坏性的、合规的方式来管理他们的技术堆栈和存储在其中的敏感数据。现代数据治理策略,如数据安全操作(datasecops),使公司能够收回控制权,降低风险,保持合规性,并提供对数据的安全访问,以自动、轻松地推动更好的业务决策。”
数据治理,以及持续测试和左移安全实践,是开发团队必须构建到应用程序体系结构和开发流程结构中的关键规程。将这些实践作为次要关注点可能会导致业务风险、技术债务和错失创新机会。
原文:
Data governance is an umbrella term encompassing several different disciplines and practices, and the priorities often depend on who is driving the effort. Chief data officers, privacy officers, security officers, and leaders in risk management usually focus on the privacy, security, and regulations that drive data governance programs. Data scientists, marketers, devops leaders, and business analysts are more likely to focus on proactive data governance, including data catalogs, data integration, data quality, data lineage, customer data profiles, and master data management.
There’s much to unpack in all the terms, practices, and technologies, and some capabilities and objectives overlap. Shams Chauthani, CTO and senior vice president of engineering at Zilliant, agrees that because there are multiple objectives, collaboration between business stakeholders, IT, and data teams is key to successful programs.
“Data governance is often treated in a compartmentalized way, mostly as a compliance requirement managed by IT,” he says. “In today’s digital age, data is the biggest asset, and to treat data governance as a siloed effort run exclusively by IT is a disservice to the entire organization. For organizations to fully deliver the promise of smarter decision-making with data, the data governance process must be continuously improved with engagements from all stakeholders.”
For this article, I consulted with industry experts to identify what devops leaders and teams should know about data governance and how they can contribute to its goals.
Data governance is a major organizational change
Grant Fritchey, devops advocate at Redgate Software, suggests that engaging stakeholders is just the start. “Data governance is everyone’s responsibility,” he says. “You can’t simply assign a person or a department the job of data governance and expect success. Data governance has to become a part of what everyone in IT does as a part of their jobs.”
One way to achieve the required collaboration and define responsibilities is to connect data governance directly to employee workflows. John Milburn, CEO of Clear Skye, says, “Data governance is not so much a technical function as it is a people and processes one. That’s why it’s critical that your governance solution aligns with employees’ existing workflow, or else it’s bound for failure.”
Devops teams should look for opportunities to improve dataops, including automations to support data integration, cataloging, and quality. John Wills, field CTO at Alation, says, “The new generation of data governance is active, catalog-led governance–meaning it’s vital for all knowledge workers including devops and dataops teams and is part of their daily work.”
Privacy and data protection regulations
Immuta CEO Matthew Carroll shares one key reason for top-down buy-in for data governance programs. “We’re seeing a major shift in the data management and governance landscape as more consumers become aware of their privacy rights due in large part to new regulations. As a result, organizations are grappling with how best to protect data assets and adhere to privacy regulations while attempting to scale and derive value from their data faster, ultimately driving a need for more digitized data policies and automated cloud data access and security.”
Barr Moses, CEO and cofounder of Monte Carlo, agrees. “Data governance is more critical than ever before as companies ingest more data and greater data regulation, like GDPR and CCPA, rolls out. We can meet these compliance headwinds before they slow us down by making data more accessible, meaningful, compliant, and reliable.”
Leaders must trust the data for decision-making
Looking one step beyond compliance considerations, the next level of importance that drives data governance efforts is trust that data is accurate, timely, and meets other data quality requirements.
Moses has several recommendations for tech teams. She says, “Teams must have visibility into critical tables and reports and treat data integrity like a first-class citizen. True data governance needs to go beyond defining and mapping the data to truly comprehending its use. An approach that prioritizes observability into the data can provide collective significance around specific analytics use cases and allow teams to prioritize what data matters most to the business.”
Kirk Haslbeck, vice president of data quality at Collibra, shares several best practices that improve overall trust in the data. He says, “Trusted data starts with data observability, using metadata for context and proactively monitoring data quality issues. While data quality and observability establish that your data is fit to use, data governance ensures its use is streamlined, secure, and compliant. Both data governance and data quality need to work together to create value from data.”
Data as competitive differentiation
Once there’s a baseline trust in the data, business leaders want to use data, analytics, and machine learning to transform the business. Haslbeck continues, “Every business is looking for data for a competitive edge, and data governance and data quality should be a priority.”
How does data governance create a competitive edge? John Wheeler, senior advisor for risk and technology at AuditBoard, explains, “Data governance is now a strategic priority for organizations looking for new digital products and services for growth. As such, data governance requires strong leadership from chief data officers or chief digital officers who understand the need for data consistency, quality, transparency, and accuracy.”
One area of differentiation is happening in open data models for managing access in business-to-business partnership models. For example, open banking and the financial-grade API aims to secure the exchange of data and banking systems to an ecosystem of developers, fintech vendors, and partners.
Brook Lovatt, chief product officer at Cloudentity, shared specifics of open data models with me. He says, “There are more opportunities to evolve and innovate in open data governance models than in closed ones, but open models also require a new set of security and compliance considerations. These open data specifications provide patterns and protocols that determine how systems communicate with each other, allowing data to flow between apps, services, platforms, and providers.”
Devops practices that support data governance
Data privacy, security, quality, and reliability are all reasons why data governance is important to data-driven organizations. Here are several recommendations for devops leaders and teams.
Wills says devops teams should take an active role in configuring and updating data catalogs. “The data catalog is an enterprise system of reference containing a fabric of related knowledge, including technical assets such as tables, columns, queries, and models, and nontechnical ones such as glossaries and metrics. The result is a rich inventory of high-quality assets and contextual knowledge that can be trusted and that drives productivity through powerful search, reuse, collaboration, and crowdsourcing.”
Steve Jones, devops advocate at Redgate Software, recommends instituting data governance as “part of regular work to ensure that as changes are made to schemas, new data is collected, and the data is classified and protected appropriately.”
Milburn recommends “integrating your governance solution with your IT service management platform as a smart way for enterprises to protect their data while supporting workers with a familiar user experience.”
Eldad Chai, CEO and cofounder of Satori Cyber, says that data security operations should be part of the data governance plan. “As big data evolves and multicloud environments gain traction, high-growth companies need a nondisruptive, compliant way to manage their tech stacks and the sensitive data stored within them. A modern data governance strategy such as data security operations (datasecops) empowers companies to reclaim control, reduce risk, maintain compliance, and provide secure access to data to drive better business decisions—automatically and easily.”
Data governance, along with continuous testing and shift-left security practices, are key disciplines devops teams must build into the fabric of their application architectures and development processes. Bolting on these practices as a secondary concern can lead to business risks, technical debt, and missed innovation opportunities.
本文由数字化转型网(www.szhzxw.cn)翻译而成,作者:Isaac Sacolick;翻译:数字化转型网宁檬树;翻译审核:数字化转型网默然。
免责声明: 本网站(http://www.szhzxw.cn/)内容主要来自原创、合作媒体供稿和第三方投稿,凡在本网站出现的信息,均仅供参考。本网站将尽力确保所提供信息的准确性及可靠性,但不保证有关资料的准确性及可靠性,读者在使用前请进一步核实,并对任何自主决定的行为负责。本网站对有关资料所引致的错误、不确或遗漏,概不负任何法律责任。
本网站刊载的所有内容(包括但不仅限文字、图片、LOGO、音频、视频、软件、程序等) 版权归原作者所有。任何单位或个人认为本网站中的内容可能涉嫌侵犯其知识产权或存在不实内容时,请及时通知本站,予以删除。
