"He says there aren't any easy answers. I say, he's not looking hard enough!"
In "Lisa's Substitute", the nineteenth episode of The Simpsons' utterly brilliant second season, our favorite miscreant runs for student-body president against brainy Martin Prince. Grandstanding in front of his impressionable classmates, Bart utters the above quote to rousing cheers.
I think about that quip quite a bit. In business, politics and life, we seek easy answers to complex and nuanced problems. In truth, though, reality is almost always far more difficult than a four-word slogan designed to arouse our emotions.
Sure, many $400-per-hour consultants tell us what we already know – or at least should. When it comes to data governance and privacy, though, there is no silver bullet, no magic elixir that will cure our ills.
A useful model
Against this backdrop, consider The SAS® Data Governance Framework: A Blueprint for Success. In the downloadable white paper, the authors propose the following multi-part framework for addressing many of these thorny issues:
Before continuing, a note about models. As George E. P. Box famously said: "Essentially, all models are wrong, but some are useful." Put this one in the useful category.
I'd argue that data quality is certainly important, but in the abstract is it more important than data integration and data monitoring? And what about metadata management and a business glossary to ensure that employees are speaking a common language? Those are kind of critical also. The simple figure above illustrates that each of these areas is essential.
Which brings me to privacy.
Consider two types of organizations:
- ABC. An organization that governs its data well and spends considerably to protect enterprise data.
- YYZ. An organization that dismisses the importance of data governance and pooh-poohs increasingly dangerous threats.
All else being equal, I'll bet that ABC does a far better job protecting its users', customers', employees' and partners' data. This does not mean that breaches can't or won't happen to either or both organizations. (As recent political events have manifested, even our voting booths aren't safe from those who want to do harm.)
Simon says: Ignore your inner Bart Simpson.
If there's a thornier technology-related issue than privacy, I've yet to see it. Be wary of organizations and individuals promising obvious and facile solutions to increasingly challenging issues.
What say you?Learn how SAS can help you identify, govern and protect personal data