This is Part I of a two-part series on the importance of data in an enterprise’s ability to effectively enable mobility for users. The first part covers the necessity of a solid data management foundation and the second will explore how that foundation drives the app ecosystem.
Besides email, can you name your three most valuable data sets in your organization? If a new data set is created do you have a process to bring it under management? Do you have audit capabilities? Do you know who is accessing your data sets? When discussing the various popular topics of enterprise mobility such as BYOD, Consumerization of IT, Mobile Device Management (MDM), and Mobile Application Management (MAM), the topic of security – especially data security – is always top-of-mind. The idea that one of your most valuable corporate assets is potentially running around on insecure devices is enough to induce a panic attack for many IT professionals.
A lot of mind-share has been devoted to the idea that data, not devices, is of paramount security and management importance to enterprises. Lost or stolen data represents the greatest risk to your organization with mobility. Mobile Information Management (MIM), as a technological solution, is seen as a pinnacle of enterprise mobility management. While I subscribe to the idea that MIM is the desired destination for mobility management, MIM must sit firmly atop of the best practices of data governance. Data governance is often assumed but not discussed or, at best, only briefly mentioned. It is a practical house-keeping exercise that, while mundane, will produce the optimal atmosphere for the success of Mobile Information Management. Data governance is the idea that data is formally managed in an enterprise and adheres to a life-cycle process as would any physical asset in your business. The idea of data governance seems almost too obvious and simple to bother to discuss, but I am always amazed at the number of organizations that I help advise that have very limited data governance practices. Perhaps it is the seemingly ever-changing nature of data. Perhaps it is due to rogue data creation. Perhaps it is just sheer laziness. Whatever it is, mobility presents an opportunity to only compound the effects of poor data governance. That is why this is so important to raise as an issue. Mobility represents another technology layer for access, consumption, and creation of data. Without the proper data governance processes in place, organizations are at risk of piling additional complexity on top of an already lacking process. This will only create more opportunity for data dispersion and exposure risk.
Data governance should be approached as a process issue and not as a control issue. It is far too easy for users to create their own data sets. This is exacerbated further with the services available to users through mobility. If you create a process that works for users rather than against them, your chances of success are greatly increased. Where data resides and how it is conceived might change, but a robust process will be flexible enough to adapt to these changes. This doesn’t need to be an over complex, heavy-handed process. Communication and education are your best and primary tools. Your goal shouldn’t be how to tightly control data but rather developing a network of those who take an active part in ‘owning’ and curating the data.
If you currently lack any process for data governance you could easily begin with performing a high-level data inventory – better to start simple than have nothing at all. A simple data inventory consists of:
• A central record of all data sets
• Who currently ‘owns’ it
• Should it be backed up
There are many more elements that one could collect but this basic data inventory will get your organization to a baseline. Once you have this baseline established you can begin to collect more refined attributes, but more importantly, develop process and community around adds, edits, and deletes to data.
It is most important to remember that a technical solution is a poor substitute for a process. Mobility has activated our imagination and allowed us to see just how easy access and exposure of data has become. It has jolted our senses and brought data security to the forefront of the mobile discussion. But, MIM, as it is often discussed in the public sphere, is a solution and not a process. Its effectiveness is heavily reliant upon good data governance being firmly in place. MIM should be the technology applied to a well conceived process. Technology will never be the solution to bad process. When it comes to your data this is no exception. How good of a handle do you have on your data? Where do you think the process could be improved? Do you think that data governance is overkill? Post a comment and let me know what you think!
Benjamin Robbins is a Principal at Palador, a consulting firm that focuses on providing strategic guidance to enterprises in the areas of mobile strategy, policy, apps, and data. You can follow him on Twitter or connect on LinkedIn.