Rethinking Data Availability and Governance in a Mobile World

Grab some coffee and enjoy the pre-show banter

before the top of the

hour!

The Briefing Room

Rethinking Data Availability and Governance in a Mobile World

Twitter Tag: #briefr The Briefing Room

Welcome

Host: Eric Kavanagh

[email protected] @eric_kavanagh


  Reveal the essential characteristics of enterprise software, good and bad

  Provide a forum for detailed analysis of today’s innovative technologies

 Give vendors a chance to explain their product to savvy analysts

  Allow audience members to pose serious questions... and get answers!

Mission


Topics

June: INNOVATORS

July: SQL INNOVATION

August: REAL-TIME DATA


Resistance is Futile

Ø Workers are mobile

Ø  BYOD is here to stay

Ø  End point security matters


Analyst: Malcolm Chisholm

Malcolm Chisholm has over 25 years experience in data management, and has worked in a variety of sectors, with a concentration on finance. He is an independent consultant specializing in data governance, master/reference data management, metadata engineering, and the organization of Enterprise Information Management. Malcolm has authored the books: Managing Reference Data in Enterprise Databases; How to Build a Business Rules Engine; and Definitions in Information Management. He was awarded the DAMA International Professional Achievement Award for contributions to Master Data Management. He holds an M.A. from the University of Oxford and a Ph.D. from the University of Bristol.


Druva

Druva offers converged data protection, which includes backup, availability and data governance to the mobile workforce

  Its products include inSync for mobile devices and Phoenix for remote offices

Druva leverages its Elastic Cloud Platform to deliver a scalable and secure service to archive, discover and serve information


Guest: Dave Packer

Dave has more than 20 years of experience influencing products in the enterprise technology space, primarily focused on information management and governance. As a member of the Druva team, Dave leads Product Marketing, which serves an integral role leading product definition and direction. Prior to joining Druva, Dave has held executive positions at Autonomy Corp., Interwoven Inc., and Silicon Graphics. He was also instrumental in the product and market definition of the first widely deployed mobile device, Tablet PC, while at Uppercase, Inc., (acquired by Microsoft in 2000).

RETHINKING DATA AVAILABILITY AND GOVERNANCE IN A MOBILE WORLD

June 2015

11

“Druva has been a phenomenal answer to Dell for protecting our data”

ABOUT DRUVA

Company •  Fastest growing data protection company •  Headquartered in Silicon Valley •  Backed by Sequoia and EMC

Ranked #1 by two years running

Brad Hammack IT Emerging Technologies

12

TRUSTED BY 3,000+ GLOBAL ENTERPRISES

13

YOUR ENTERPRISE IS CHANGING

2x Growth of corporate data

every 14 months (Source: Gartner)

2000 2015

Data Center 85%

Endpoints 7%

Remote Sites 8%

Data Center 56%

Endpoints 28%

Remote Sites 10%

Cloud 6%

14

CONFIDENCE & CONTROL NO LONGER EXIST

•  High risk of permanent data loss •  Business continuity & end user productivity impact •  Lost visibility for compliance & legal requirements

8% Enterprise devices

lost per year

26% Litigation includes data

from mobile devices

60% Enterprises’ will have half of their infrastructure in

the cloud by 2018

15

DRUVA: DATA CENTER CLASS AVAILABILITY & GOVERNANCE FOR THE MOBILE WORKFORCE

User Produc+vity Corporate Control

LEVERAGING THE POWER OF AWS

ITAR

FIPS 140-2 MPAA ISO 27001

SOC 1,2,3 ISAE 3402

PCI DSS

HIPAA

FISMA Moderate

Security & Compliance Global Reach

Selectable Storage Regions

Certified cloud operations

17

THE DRUVA DIFFERENCE •  Natively built on cloud technologies

99.999% data durability with guaranteed availability and access

•  Patented deduplication engine

80% bandwidth and storage reduction

•  Single data store for multiple enterprise workloads

100% elastic, proven scalability beyond a million+ devices

•  Advanced cloud security & privacy

Multi-layer security model, with zero vendor data access

Data Governance

Data Availability

Druva Elastic Cloud

File Classification & Analytics Auditing

eDiscovery Integration

Data Backup & Collection

Data Recovery

Data Loss Prevention

Data Archival

File Sharing

Data Access

Global Deduplication

Engine

Single Instance Storage

Time- Indexed Metadata

S3/Glacier (Storage)

DynamoDB (Database)

EC2 (Compute)

Security & Privacy Fram

ework

Device Refresh

18

CONVERGED DATA PROTECTION FOR THE MOBILE WORKFORCE

for Endpoints

for Remote Office Servers

19

ADDRESSING NEEDS OF THE GLOBAL ENTERPRISE

Endpoint Backup A non-intrusive solution to ensure mobile data is protected from loss

Endpoint Lifecycle Manage ongoing device refreshes, enforcement of BYOD policies and protection of data on endpoints

Enterprise Mobility Centralized IT control over file-sharing that is secure and policy managed

eDiscovery Enablement Collect and preserve data for eDiscovery with less time consuming and inexpensive processes

20

KEY REQUIREMENTS OF MOBILE DATA GOVERNANCE

Time-indexed Data Collection

Geo-location and fencing

Federated Search

Long-term retention

eDiscovery Enablement

Legal Hold

Data Segrega+on

Audit trails & activity streams

21

DRUVA DATA GOVERNANCE TODAY

•  Legal hold policy and management o  Provides data collection, hold management console o  Preserves data ‘in place’, no additional storage o  Direct connect for eDiscovery platforms

•  Compliance / Regulation support o  Tamper proof & extensive audit trails o  Regional data privacy policy configuration o  HIPAA compliant (KPMG audited) o  ISAE-3000 certified

22

LEARN MORE •  Experience Druva – Free Trial

o  druva.com/trial

•  Read Analyst Reports, White Papers, Case Studies & more o  druva.com/resources

•  Learn about data availability & governance – Blog o  druva.com/blog

The Leader in Converged Data Protection

druva.com


Perceptions & Questions

Analyst: Malcolm Chisholm

Framing the Challenge of End User Compu+ng Data Governance

June 9, 2015 Presented by Malcolm Chisholm

[email protected]

© AskGet.com Inc 2015

The Challenge of Data Governance

Data Stewardship Data Policies

Data Security Legal, Privacy & Compliance

Informa+on Knowledge Mgmt.

Data Architecture & Modeling

Data Life Cycle

Change Management Data Content Management

Primary Accountable is IT Primary Accountable is Opera+ons

Other Primary Accountable

Primary Accountable is Data Governance

•  Data Governance is a set of disciplines, each with its own special set of concerns and techniques •  Some of these disciplines are “pure” Data Governance; others involve working with some part of the

business that has primary responsibility for the discipline •  The Data Governance disciplines are each different and fairly self-‐contained •  To do Data Governance well we need to master all of the disciplines relevant to our enterprise •  Some of these disciplines are emerging, and that makes them difficult


The Endpoint Data Challenge

•  Because of its close rela+onships with IT and Opera+ons, Data Governance tends to focus on corporate systems.

•  However, many enterprises have segments of their workforce that are mobile and/or dispersed from central offices. These staff are crea+ng data at their endpoints that is not captured in corporate systems.

•  Even staff in corporate centers are doing work on their PC’s that is not captured by corporate systems. •  Leaving aside discussion of Cloud for now, which has added even more complexity.

IT Opera+ons Data Governance

Corporate Systems Mobile, Dispersed, Self-‐enabling

Segments of Workforce

?


End-‐User Compu+ng

•  Endpoints are where data is at, but what is going on at the endpoints? •  Answer: End-‐User Compu+ng (EUC) •  Much – but far from all – the types of data management that we see in corporate systems are going on in

EUC •  It is very rare to find any staff who have received training on EUC Data Governance (“EUC Governance”),

and this is not a tradi+onal area of focus of Data Governance. •  Hence, the quality of data management is unknown, but can be guessed to be at low maturity – which is

risky.

Data Acquisi+on

File Transfer

Analysis

Communica+on

Repor+ng

Reports

Models

Files

Contracts

Publica+ons …


Why Is EUC Governance Needed?

•  Employees go away – some+mes suddenly.

•  What happens to the data they have been working with?

GAME OVER

Termina+on

New Job

Other Reasons

Stolen

Destroyed

Lost

•  Endpoint devices go away – some+mes suddenly.

•  What data has gone missing, what are the consequences, and can the data be recovered?

•  There are some obvious reasons why EUC governance is needed •  Here are a couple – there are a lot more


The Challenge of EUC Governance: 1 – No Close Partner

•  We saw before that for some Data Governance disciplines there are natural partners.

•  IT is a partner with EUC Governance, but has a rela+vely narrow focus, and may not understand the Data Governance aspects

•  Legal and HR could be other partners

•  The end users themselves can be resistant to Data Governance, but ul+mately need to be enrolled

•  CONCLUSION: Data Governance must lead in this area

GAM EOVER

Termination

New Job

Other Reasons

Stolen

Destroyed

Lost



Information Knowledge Mgmt.


Data Life Cycle


Primary Accountable is IT Primary Accountable is Operations






Information Knowledge Mgmt.


Data Life Cycle


Primary Accountable is IT Primary Accountable is Operations



The Challenge of EUC Governance: 2 – Complexity

•  EUC Governance is composed of many (but not all) of the disciplines of Data Governance

•  EUC Governance may have some special characteris+cs that also make it its own discipline

•  It is up to Data Governance to figure this out, and come up with conceptual frameworks for EUC Governance

•  CONCLUSION: Data Governance must lead in this area

GAM EOVER

Termination

New Job

Other Reasons

Stolen

Destroyed

Lost

*

* * *

*

*


1. You have shown us a number of capabilities that Druva has. I understand that IT is a natural partner for meeting the data backup and recovery use cases. However, who is the natural partner in the enterprise for the Data Governance use cases you have described? Data Governance units are often highly aligned to supporting IT and Operations, rather than the mobile dispersed workforce. Given this, will Data Governance be ready to drive adoption of Druva? Does Data Governance need to be more mature to deal with what Druva offers?

2. You demonstrated the Data Availability layer in your architecture. A big problem for enterprises today is uncontrolled use of personal file sharing capabilities, like Dropbox. In your file sharing capability, can you control who is sharing what within the enterprise? Sometimes, one organizational unit must not be allowed to see what another is doing.

3. This is a follow up to the previous question. How should Data Governance go about figuring out what the rules are for permitted file sharing? This would not only include who can see what files, but what they are allowed to do with them (e.g., use the data to derive further data).

4. The environment you provide is essentially another production environment. Do you have recommendations about how to prevent it being used in manner that drives chaos? For instance, who can do eDiscovery, under what circumstances, and what do they do with the results? Who decides if a legal hold can be placed, what it covers, and when it can be released? In the past great technological advances (like ETL) have actually enabled poor data management practices that have indeed driven chaos.

5. The environment that Druva creates seems like a natural point of ingestion for Big Data projects. Do you see the data in the Druva environment being used in this way, and do you know anything of the use cases involved?

6. Closely related to the previous question, some segments of the work force are dealing with customers. Could I use the Druva environment to pull in data for analysis to ultimately update a Customer MDM hub, both for Customer static information and Customer propensity information?

7. You have file classification and auditing. Can this be extended to profiling? Suppose I need to find unprotected Social Security Numbers in the endpoints? Or can I find copies of contracts or other legal agreements (like NDA’s) that are on people’s endpoints?

8. Suppose that Data Governance finds in the Druva environment that Person X has sensitive data on their PC that should not be there. Other than Excel and email, how can Data Governance alert Person X, and track their actions to purge the sensitive data?

9. What are the latencies involved? Suppose Person Y loads an unencrypted copy of a hospital’s patient list onto their PC, and they are not really supposed to do this. How long would it be before I could reasonably detect this in the Druva environment? Would I have to have thought of this use case in advance, or would something alert me?



Upcoming Topics

www.insideanalysis.com

June: INNOVATORS

July: SQL INNOVATION

August: REAL-TIME DATA


THANK YOU for your

ATTENTION!

Some images provided courtesy of Wikimedia Commons and http://en.memory-alpha.wikia.com/wiki/File:Borg_2366.jpg

Date post:	27-Jul-2015
Category:	Technology
Upload:	inside-analysis
View:	36 times
Download:	4 times

Rethinking Data Availability and Governance in a Mobile World

Technology