Effectively balancing data protection and sharing

Today, data is the essential fuel that drives both society and individual businesses. Sharing data increases performance and efficiency, delivers better, more personalized services, boosts transparency and enables greater collaboration and innovation.

However, at a time when data volumes are growing exponentially, much of this data is confidential, or personally identifiable. It must be protected from unauthorized access by internal or external users.

Balancing sharing and data protection is therefore critical to creating value from data while ensuring it remains secure. Organizations have to put in place strong governance processes, backed up by the right tools, to scale data consumption while protecting information. Implementing a data product marketplace supports these dual objectives, as we explain in this article.

The volume of data that now exists is enormous – and is increasing at an unprecedented rate. IDC’s Global DataSphere forecasts that the amount of data created, captured, replicated, and consumed worldwide is expected to reach 393.9 zettabytes (ZB) in 2028, a nearly fourfold increase from the already large 2023 volume of 129 ZB. 

Data now comes from business systems, customer interactions, and devices such as Internet of Things (IoT) sensors, smartphones and other devices. It may be generated internally or sourced from partners. When it comes to protection and governance, managing information brings a range of challenges:

• Data is scattered across the enterprise in multiple departments and silos
• Data is in different formats, including being structured or unstructured
• Data often contains personally identifiable information (PII) related to customers, employees or citizens
• Data is confidential, such as company information that delivers competitive advantage
• Data, especially around the locations of physical infrastructure, can be crucial to protecting national security
• Data ecosystems are increasingly complex, with data shared or managed by contractors or third-parties
• Threats are increasing, both from external hackers and internal employees

All of this is driving greater regulation across the world, such as the GDPR in Europe and CCPA in California. Not only do these mandate the highest levels of data protection and governance, but they also include the possibility of significant fines for breaches. High profile cases also bring large-scale reputational damage and open up organizations to expensive legal action.

To focus the spotlight on the importance of protecting data and to share best practices, every January 28 sees the celebration of Data Privacy Day (known as Data Protection Day in Europe). This aims to educate everyone on the subject, particularly at time when new uses of data, such as AI, are impacting companies and individuals.

Given the benefits of data sharing with employees, partners, citizens and AI, it is vital that organizations find ways to safely make trusted information available while minimizing risks. Applying these three best practices helps drive success:

Put in place strong governance processes

Data governance is the foundation of data protection. It enables organizations to understand their complete data estate, ensure compliance, protect information  and focus on quality. By putting in place rules on how data is described, processes on how it is handled, and who should have access to it, companies are able to take control of their data. This is essential not just for sharing with humans, but also with AI models and agents to ensure that their insights and actions are relevant, valuable and unbiased. 

Operationalize governance effectively

However, despite the importance of data governance, Gartner estimates that 80% of projects will fail by 2027. That’s primarily as programs are not seen as delivering business value, meaning that governance is seen as a cost and overhead rather than a business enabler.

Data governance therefore needs to be linked directly to organizational strategy and aims, such as around achieving compliance and powering AI. Teams must be cross-functional, supported by senior management and the benefits must be clearly shown and supported by tools and automation to maximize impact.

Put in place the right systems to deliver sharing and control

Protecting data is made more difficult if it is scattered across the organization, with no centralized view of data assets. There’s no record of who is accessing data, what they are using it for, or if corporate governance guidelines are being respected. 

Locking down all data and preventing anyone from using it is not an option – not sharing information increases inefficiency, leads to poorer decision-making and holds back innovation. Tools such as data catalogs inventory data, but don’t enable access. 

Organizations are now deploying data product marketplaces to balance protection with delivering access to information. A centralized, self-service solution that provides access to all of an organization’s data assets, data marketplaces are designed to support data sharing and drive consumption, while applying governance and security rules and processes. By enabling intuitive access from a single space they avoid data duplication and provide a full audit trail around data use.

To maximize protection look for a data product marketplace solution that offers these features:

Comprehensive access management

Enabling administrators to set and change access rights by role or group, rather than on an individual level, saves time and resources. Additionally, more advanced data marketplaces enable clients to host multiple domains in the same instance, for example providing public access to less sensitive data and sharing this privately internally or with chosen partners. 

Granular access

Look for the ability to govern access within individual data assets, such as anonymizing certain fields for some users, along with putting in place constraints on what users can do (add/publish/edit or solely access) individual data assets. 

Link to corporate policies and processes

Automate access and approvals by linking your data marketplace to corporate directories, enabling the use of Single Sign-on (SSO) and multi-factor authentication (MFA). This reduces administrative overheads and ensures consistency with corporate security policies.

Time limited access

Data is essential to collaboration – however, sharing can’t be at the expense of data protection. Granting time limited access to external collaborators or contractors enables them to use specified data solely for the period when you are working together.

Intuitive management and full audit trail

Administrators want to minimize the time spent managing access, freeing up time for more impactful tasks. Ensure your data marketplace offers an easy-to-use, dedicated interface where you can see all granted permissions, usage at a granular level, and evaluate and grant access on request. This must be backed up by a full audit trail to evidence compliance.

Strong security features

Every tool in your data stack must be secure and support your corporate security policies. As well as integration with processes such as MFA, ensure your SaaS data product marketplace is hosted by a secure cloud provider who guarantees the highest standards of protection.

The ability to offer data in multiple formats

Some users won’t actually need to access raw data – instead, they require higher level information in formats that meet their needs and data skills. Your data marketplace must make it easy to turn your datasets into compelling data products or visualizations, such as graphs, maps and data stories. Offering these can avoid the need to provide access to raw data, increasing protection and lowering risk.

The combination of greater regulation and the impact of data misuse, particularly by AI, means that the need to protect corporate data is growing. However, while robust governance is vital, it cannot be at the expense of scaling data consumption. Deploying a data product marketplace, integrated with corporate governance policies balances these two needs – protecting data will providing seamless access to the right users, in a secure, auditable manner.

Want to learn more about protecting and sharing your data? Contact us to speak to our experts.