by Angela Guess
In a recent article Rajan Chandras discusses the importance of data architecture, noting, “Much of the discussion around protecting against data breaches has traditionally centered on two important aspects: perimeter security (e.g. firewalls) and data encryption (in situ, and in transit). But there’s another, often overlooked, aspect to protecting your data that’s much less sexy, but no less effective: data architecture.”
Chandras continues, “Data architecture is many things to many people, but typically includes data security (e.g. encryption, addressed above), metadata management, data obfuscation, data modeling, data distribution, and–depending on your perspective–data governance. How can data architecture help protect your data? Here’s a sample series of measures you can take using different components of data architecture. First, work with your data governance and information security teams to define attribute sensitivity, such as private health information or PII. Update the attributes in your data models to reflect this sensitivity. Then, export this information from your models into your metadata management system, which helps standardize the sensitivity information. Next, propagate it into your other metadata environments, such as your business intelligence tools. Ensure that your analytics and reporting teams are aware of attribute sensitivity when presenting information to users.”
He goes on, “Now you’ll want to use this information to architect your databases appropriately. Let creative thinking and wisdom guide your data architects and modelers into creating data models that separate sensitive attributes from others. Use query federation techniques in your SQL or application layer to pull this dispersed data together without significant sacrifice in performance. That brings us back to your BI and reporting tools, which is one such place for query federation. Use data governance policies, driven by common sense, to restrict the proliferation of data across multiple environments. Work with your developer community to define standard operating procedures and techniques, such as data obfuscation that allow for testing application code with ‘real’ data without compromising sensitivity.”
photo credit: leeannzieboo
