Grab some coffee and enjoy the pre-show banter
before the top of the
hour!
The Briefing Room
Rethinking Data Availability and Governance in a Mobile World
Twitter Tag: #briefr The Briefing Room
Reveal the essential characteristics of enterprise software, good and bad
Provide a forum for detailed analysis of today’s innovative technologies
Give vendors a chance to explain their product to savvy analysts
Allow audience members to pose serious questions... and get answers!
Mission
Twitter Tag: #briefr The Briefing Room
Topics
June: INNOVATORS
July: SQL INNOVATION
August: REAL-TIME DATA
Twitter Tag: #briefr The Briefing Room
Resistance is Futile
Ø Workers are mobile
Ø BYOD is here to stay
Ø End point security matters
Twitter Tag: #briefr The Briefing Room
Analyst: Malcolm Chisholm
Malcolm Chisholm has over 25 years experience in data management, and has worked in a variety of sectors, with a concentration on finance. He is an independent consultant specializing in data governance, master/reference data management, metadata engineering, and the organization of Enterprise Information Management. Malcolm has authored the books: Managing Reference Data in Enterprise Databases; How to Build a Business Rules Engine; and Definitions in Information Management. He was awarded the DAMA International Professional Achievement Award for contributions to Master Data Management. He holds an M.A. from the University of Oxford and a Ph.D. from the University of Bristol.
Twitter Tag: #briefr The Briefing Room
Druva
Druva offers converged data protection, which includes backup, availability and data governance to the mobile workforce
Its products include inSync for mobile devices and Phoenix for remote offices
Druva leverages its Elastic Cloud Platform to deliver a scalable and secure service to archive, discover and serve information
Twitter Tag: #briefr The Briefing Room
Guest: Dave Packer
Dave has more than 20 years of experience influencing products in the enterprise technology space, primarily focused on information management and governance. As a member of the Druva team, Dave leads Product Marketing, which serves an integral role leading product definition and direction. Prior to joining Druva, Dave has held executive positions at Autonomy Corp., Interwoven Inc., and Silicon Graphics. He was also instrumental in the product and market definition of the first widely deployed mobile device, Tablet PC, while at Uppercase, Inc., (acquired by Microsoft in 2000).
RETHINKING DATA AVAILABILITY AND GOVERNANCE IN A MOBILE WORLD
June 2015
11
“Druva has been a phenomenal answer to Dell for protecting our data”
ABOUT DRUVA
Company • Fastest growing data protection company • Headquartered in Silicon Valley • Backed by Sequoia and EMC
Ranked #1 by two years running
Brad Hammack IT Emerging Technologies
12
TRUSTED BY 3,000+ GLOBAL ENTERPRISES
13
YOUR ENTERPRISE IS CHANGING
2x Growth of corporate data
every 14 months (Source: Gartner)
2000 2015
Data Center 85%
Endpoints 7%
Remote Sites 8%
Data Center 56%
Endpoints 28%
Remote Sites 10%
Cloud 6%
14
CONFIDENCE & CONTROL NO LONGER EXIST
• High risk of permanent data loss • Business continuity & end user productivity impact • Lost visibility for compliance & legal requirements
8% Enterprise devices
lost per year
26% Litigation includes data
from mobile devices
60% Enterprises’ will have half of their infrastructure in
the cloud by 2018
15
DRUVA: DATA CENTER CLASS AVAILABILITY & GOVERNANCE FOR THE MOBILE WORKFORCE
User Produc+vity Corporate Control
LEVERAGING THE POWER OF AWS
ITAR
FIPS 140-2 MPAA ISO 27001
SOC 1,2,3 ISAE 3402
PCI DSS
HIPAA
FISMA Moderate
Security & Compliance Global Reach
Selectable Storage Regions
Certified cloud operations
17
THE DRUVA DIFFERENCE • Natively built on cloud technologies
99.999% data durability with guaranteed availability and access
• Patented deduplication engine
80% bandwidth and storage reduction
• Single data store for multiple enterprise workloads
100% elastic, proven scalability beyond a million+ devices
• Advanced cloud security & privacy
Multi-layer security model, with zero vendor data access
Data Governance
Data Availability
Druva Elastic Cloud
File Classification & Analytics Auditing
eDiscovery Integration
Data Backup & Collection
Data Recovery
Data Loss Prevention
Data Archival
File Sharing
Data Access
Global Deduplication
Engine
Single Instance Storage
Time- Indexed Metadata
S3/Glacier (Storage)
DynamoDB (Database)
EC2 (Compute)
Security & Privacy Fram
ework
Device Refresh
18
CONVERGED DATA PROTECTION FOR THE MOBILE WORKFORCE
for Endpoints
for Remote Office Servers
19
ADDRESSING NEEDS OF THE GLOBAL ENTERPRISE
Endpoint Backup A non-intrusive solution to ensure mobile data is protected from loss
Endpoint Lifecycle Manage ongoing device refreshes, enforcement of BYOD policies and protection of data on endpoints
Enterprise Mobility Centralized IT control over file-sharing that is secure and policy managed
eDiscovery Enablement Collect and preserve data for eDiscovery with less time consuming and inexpensive processes
20
KEY REQUIREMENTS OF MOBILE DATA GOVERNANCE
Time-indexed Data Collection
Geo-location and fencing
Federated Search
Long-term retention
eDiscovery Enablement
Legal Hold
Data Segrega+on
Audit trails & activity streams
21
DRUVA DATA GOVERNANCE TODAY
• Legal hold policy and management o Provides data collection, hold management console o Preserves data ‘in place’, no additional storage o Direct connect for eDiscovery platforms
• Compliance / Regulation support o Tamper proof & extensive audit trails o Regional data privacy policy configuration o HIPAA compliant (KPMG audited) o ISAE-3000 certified
22
LEARN MORE • Experience Druva – Free Trial
o druva.com/trial
• Read Analyst Reports, White Papers, Case Studies & more o druva.com/resources
• Learn about data availability & governance – Blog o druva.com/blog
The Leader in Converged Data Protection
druva.com
Twitter Tag: #briefr The Briefing Room
Perceptions & Questions
Analyst: Malcolm Chisholm
Framing the Challenge of End User Compu+ng Data Governance
June 9, 2015 Presented by Malcolm Chisholm
© AskGet.com Inc 2015
The Challenge of Data Governance
Data Stewardship Data Policies
Data Security Legal, Privacy & Compliance
Informa+on Knowledge Mgmt.
Data Architecture & Modeling
Data Life Cycle
Change Management Data Content Management
Primary Accountable is IT Primary Accountable is Opera+ons
Other Primary Accountable
Primary Accountable is Data Governance
• Data Governance is a set of disciplines, each with its own special set of concerns and techniques • Some of these disciplines are “pure” Data Governance; others involve working with some part of the
business that has primary responsibility for the discipline • The Data Governance disciplines are each different and fairly self-‐contained • To do Data Governance well we need to master all of the disciplines relevant to our enterprise • Some of these disciplines are emerging, and that makes them difficult
© AskGet.com Inc 2015
The Endpoint Data Challenge
• Because of its close rela+onships with IT and Opera+ons, Data Governance tends to focus on corporate systems.
• However, many enterprises have segments of their workforce that are mobile and/or dispersed from central offices. These staff are crea+ng data at their endpoints that is not captured in corporate systems.
• Even staff in corporate centers are doing work on their PC’s that is not captured by corporate systems. • Leaving aside discussion of Cloud for now, which has added even more complexity.
IT Opera+ons Data Governance
Corporate Systems Mobile, Dispersed, Self-‐enabling
Segments of Workforce
?
© AskGet.com Inc 2015
End-‐User Compu+ng
• Endpoints are where data is at, but what is going on at the endpoints? • Answer: End-‐User Compu+ng (EUC) • Much – but far from all – the types of data management that we see in corporate systems are going on in
EUC • It is very rare to find any staff who have received training on EUC Data Governance (“EUC Governance”),
and this is not a tradi+onal area of focus of Data Governance. • Hence, the quality of data management is unknown, but can be guessed to be at low maturity – which is
risky.
Data Acquisi+on
File Transfer
Analysis
Communica+on
Repor+ng
Reports
Models
Files
Contracts
Publica+ons …
© AskGet.com Inc 2015
Why Is EUC Governance Needed?
• Employees go away – some+mes suddenly.
• What happens to the data they have been working with?
GAME OVER
Termina+on
New Job
Other Reasons
Stolen
Destroyed
Lost
• Endpoint devices go away – some+mes suddenly.
• What data has gone missing, what are the consequences, and can the data be recovered?
• There are some obvious reasons why EUC governance is needed • Here are a couple – there are a lot more
© AskGet.com Inc 2015
The Challenge of EUC Governance: 1 – No Close Partner
• We saw before that for some Data Governance disciplines there are natural partners.
• IT is a partner with EUC Governance, but has a rela+vely narrow focus, and may not understand the Data Governance aspects
• Legal and HR could be other partners
• The end users themselves can be resistant to Data Governance, but ul+mately need to be enrolled
• CONCLUSION: Data Governance must lead in this area
GAM EOVER
Termination
New Job
Other Reasons
Stolen
Destroyed
Lost
Data Stewardship Data Policies
Data Security Legal, Privacy & Compliance
Information Knowledge Mgmt.
Data Architecture & Modeling
Data Life Cycle
Change Management Data Content Management
Primary Accountable is IT Primary Accountable is Operations
Other Primary Accountable
Primary Accountable is Data Governance
© AskGet.com Inc 2015
Data Stewardship Data Policies
Data Security Legal, Privacy & Compliance
Information Knowledge Mgmt.
Data Architecture & Modeling
Data Life Cycle
Change Management Data Content Management
Primary Accountable is IT Primary Accountable is Operations
Other Primary Accountable
Primary Accountable is Data Governance
The Challenge of EUC Governance: 2 – Complexity
• EUC Governance is composed of many (but not all) of the disciplines of Data Governance
• EUC Governance may have some special characteris+cs that also make it its own discipline
• It is up to Data Governance to figure this out, and come up with conceptual frameworks for EUC Governance
• CONCLUSION: Data Governance must lead in this area
GAM EOVER
Termination
New Job
Other Reasons
Stolen
Destroyed
Lost
*
* * *
*
*
© AskGet.com Inc 2015
1. You have shown us a number of capabilities that Druva has. I understand that IT is a natural partner for meeting the data backup and recovery use cases. However, who is the natural partner in the enterprise for the Data Governance use cases you have described? Data Governance units are often highly aligned to supporting IT and Operations, rather than the mobile dispersed workforce. Given this, will Data Governance be ready to drive adoption of Druva? Does Data Governance need to be more mature to deal with what Druva offers?
2. You demonstrated the Data Availability layer in your architecture. A big problem for enterprises today is uncontrolled use of personal file sharing capabilities, like Dropbox. In your file sharing capability, can you control who is sharing what within the enterprise? Sometimes, one organizational unit must not be allowed to see what another is doing.
3. This is a follow up to the previous question. How should Data Governance go about figuring out what the rules are for permitted file sharing? This would not only include who can see what files, but what they are allowed to do with them (e.g., use the data to derive further data).
4. The environment you provide is essentially another production environment. Do you have recommendations about how to prevent it being used in manner that drives chaos? For instance, who can do eDiscovery, under what circumstances, and what do they do with the results? Who decides if a legal hold can be placed, what it covers, and when it can be released? In the past great technological advances (like ETL) have actually enabled poor data management practices that have indeed driven chaos.
5. The environment that Druva creates seems like a natural point of ingestion for Big Data projects. Do you see the data in the Druva environment being used in this way, and do you know anything of the use cases involved?
6. Closely related to the previous question, some segments of the work force are dealing with customers. Could I use the Druva environment to pull in data for analysis to ultimately update a Customer MDM hub, both for Customer static information and Customer propensity information?
7. You have file classification and auditing. Can this be extended to profiling? Suppose I need to find unprotected Social Security Numbers in the endpoints? Or can I find copies of contracts or other legal agreements (like NDA’s) that are on people’s endpoints?
8. Suppose that Data Governance finds in the Druva environment that Person X has sensitive data on their PC that should not be there. Other than Excel and email, how can Data Governance alert Person X, and track their actions to purge the sensitive data?
9. What are the latencies involved? Suppose Person Y loads an unencrypted copy of a hospital’s patient list onto their PC, and they are not really supposed to do this. How long would it be before I could reasonably detect this in the Druva environment? Would I have to have thought of this use case in advance, or would something alert me?
Twitter Tag: #briefr The Briefing Room
Twitter Tag: #briefr The Briefing Room
Upcoming Topics
www.insideanalysis.com
June: INNOVATORS
July: SQL INNOVATION
August: REAL-TIME DATA
Twitter Tag: #briefr The Briefing Room
THANK YOU for your
ATTENTION!
Some images provided courtesy of Wikimedia Commons and http://en.memory-alpha.wikia.com/wiki/File:Borg_2366.jpg