4 Data Governance Best Practices

Emily Heaslip
January 27, 2022
4 Data Governance Best Practices4 Data Governance Best Practices
Emily Heaslip
January 27, 2022
On this page

Data governance is the principled approach to managing data during its life cycle — from the moment you generate or collect data to its disposal. Good data governance ensures that data is kept private, accurate, usable, and most of all: secure. 

Data governance is a broad term, and as a result, good data governance encompasses everything from user behavior to technology to policies and compliance regulations. Here are a few best practices for enterprise data governance that can help keep your data safe.

Map out the entire data lifecycle

In order to practice strong data governance, you must understand how data moves through your organization.

“Data doesn’t exist in a single point in time. It’s created by a source, cleansed, updated, stored, analyzed, transmitted, backed up, deleted, and so on,” wrote the experts at CIO. “There are potential touch points every step of the lifecycle, and governing the data well through the various stages requires having policies and procedures in place for each stage.” 

Good data governance starts by recognizing that data is not stagnant. Map out how data is used throughout your business processes. Where is it collected? Where is it being stored? Who is accessing it, and on what devices? Consider some of these key areas when mapping out the data lifecycle

  • Data architecture: How data is structured as part of the enterprise architecture
  • Data design and modeling: The analysis, design, building, testing and maintenance of data throughout key business functions
  • Data storage: including physical servers and devices, cloud storage, and storage management
  • Data security: The programs, tools and platforms that keep data secure and confidential
  • Data warehousing: Managing how data is stored and analyzed for business intelligence and reporting
  • Mapping structured and unstructured data: Content management of documents and other content for indexing and integration 
  • Data quality: Understanding how data is defined, monitored and maintained for accuracy and integrity

Data governance begins with a thorough understanding of the organization’s data flows, storage, and security. From there, IT teams can take a layered approach to enterprise data governance. 

Create a layered approach

Next, create a structure that determines which teams are responsible for which aspects of data governance. Forbes recommends layering your approach to data governance as such: 

  1. Layer 1: IT Administration: The IT team should provide the foundation for good data governance by overseeing direct access to various tools and technologies that use data. The IT team is responsible for implementing strong IAM policies, determining which tools and SaaS platforms each team can use, and creating a linear flow of data across the organization.
  2. Layer 2: Data Engineering: This layer aims to ensure that data is accurate and consistent. Those responsible for data engineering make sure the way data is used is transparent across the organization and that the same definitions and standards are shared between business operations. 
  3. Layer 3: The “Human Layer”: The human layer refers to commitment on behalf of all members of the enterprise to adhere to the policies, tools, and security measures set forth by the IT team and data engineering experts. 

The human layer is one of the most difficult data governance aspects to get right. “Ultimately, the tools, technologies and systems that IT and data engineering teams set up only work if they are used and maintained as intended,” wrote Forbes. As a result, adding security tools as a failsafe to insider threat is an important data governance best practice. 

Deploy cloud DLP

Cloud programs complicate data governance by adding a new level of risk. Enterprise IT teams worry that employees may share data in a public cloud, or that native security configurations in cloud platforms like Slack are not sufficient to protect against theft or exposure. Likewise, enterprises that need to comply with GDPR, CCPA, PCI DSS, or HIPAA regulations need tools to stay compliant when sharing and using data in the cloud. 

Cloud DLP tools help IT teams simultaneously address these concerns and maintain strong data governance. Organizations that deploy cloud DLP are able to ensure that sensitive data is encrypted before it is transferred to cloud platforms, as well as trust that sensitive information is only sent to authorized cloud systems. 

Nightfall is a unique cloud DLP tool that leverages AI and machine learning to scan structured and unstructured data. Nightfall can help IT teams discover and classify PII, PHI, and PCI that must be protected and take immediate steps to remediate issues by notifying admins or quarantining or deleting data.

Go beyond data classification

Many enterprises stop data governance at the point of classifiying data: Simply knowing what data is used, rather than who has access to it and what data is valuable. 

Strong data governance requires performing due diligence to go deeper past the “what” and into the “who”, “why”, and “how” – 

  • Who has access to what information? 
  • How valuable is the data to the organization, employees, customers and partners?
  • Why do those who have access, need access?

“If an organization does not go deep enough in the data governance process, they run the risk of overengineering or even under-engineering the protection, availability, and recovery of the foundation of their business — information,” one security expert told CIO.

Nightfall is the first step in going deep with data governance. Because Nightfall can automatically identify a range of sensitive information — including patient names, addresses, medical record numbers, social security numbers, as well as a number of industry codes like ICD, FDA, DEA, NPI, DOB, and more — IT teams can focus on high value-add data governance tasks, such as IAM and pen testing

And, Nightfall can filter data streams to restrict suspicious or unidentified activity, log data for incident response and auditing, and pull everything together to save IT teams’ time.   

Check out our resources for developers to learn more about implementing cloud DLP for your business. And, to learn more about Nightfall, set up a demo using the calendar below. 

Nightfall Mini Logo

Getting started is easy

Start protecting your data with a 5 minute agentless install.

Get a demo