We continued our data governance series on June 22 with the topic Data Governance in the Cloud. Our moderator, Rashesh Jethi of Amadeus North America, was joined by panel members: Michael Lemire of QuickBase, Samir Mehra of CloudHealth Technologies, and Shawne Robinson of Pegasystems.
While governance is substantially easier to manage on premise, the fact is most companies are migrating to the cloud. The panel began with identifying the drivers of data governance in the cloud:
- Regulatory compliance
- Contractual obligations with your customers
- Risk assessment: what are the data types and classification
For CloudHealth, their main driver is about providing visibility for the user and setting up automated governance plans based upon need and usability. For many of their customers it is not only an accessibility issue - the right people with the right access - but also about optimizing their cloud use.
All panelists agreed that governing data in the cloud is complicated but there are general guidelines. Michael made mention of 10 generally accepted privacy principles that were released by the AICPA. And Rashesh spoke about technological advancements in machine learning that allow for better automation and detection to ensure that governance rules are being followed properly.
Shawne suggests for companies that are skittish about moving to the cloud to start small. Move those data sets that are not as critical and secure as a way to build and test your strategies.
Inevitably more data is going to be stored, accessed, and processed in the cloud. Companies and service providers must work together to create policies that make it safe and cost effective.