SlideShare ist ein Scribd-Unternehmen logo
1 von 28
Downloaden Sie, um offline zu lesen
Proprietary + Confidential
Data protection trends
and best practices to
implement today
Sam Lugani
Group Product Manager
Group Product Manager
Google Cloud
Meet today’s speaker!
Rene Kolga
Group Product Manager
Product Manager
Google Cloud
Agenda
01 Data Governance
Access Controls
Encryption
Secure Collaboration
Incident Response
1. Setting internal data
policies
2. Governing data
access
What is Data Governance?
3. Complying with
external standards
4. Understanding the
data lifecycle
Data governance is everything you do to ensure data is secure, private, accurate,
available, and usable
Data Protection
(part of Data Governance)
Key questions
● How do I limit access to my data?
● How do I protect my sensitive data and my IP?
● How do I collaborate with other companies processing
their sensitive data?
What are the commitments being made by a cloud provider?
Do you have explicit control over your data and how it is used?
Processing your data as
per your instructions.
Not selling it to third
parties.
Not using it for for
advertising.
Transparent
about data collection and
use.
Is your data is encrypted
Not use your AI models
for any purpose.
Providing prompt data
incident noti cations.
Following international
standards.
Scenario: I want to control
access to my cloud resources
Access Controls
Access Transparency Access Approval
Near real-time logs whenever
Google administrators access
your environment on GCP
Approve administrative access to
your data on GCP before it
happens
Access Transparency (AXT) and Approval Approval (AXA) provides in depth visibility of
customer data access requests:
● Resource being accessed
● Reason for access
● Access approval or denial by the customer
Scenario: I want to gain
visibility into where my
sensitive data resides
E.g. What type of data do I store,
and where can it be found?
Classification
1. Gain visibility into sensitive data
2. Protect and de-risk sensitive data
3. Integrate into virtually any workload to
protect data at the source
Cloud DLP helps both Cloud Customers and end users:
Scenario: I want the highest level
of protection and control
of my encryption keys.
E.g. Own the full control of how data
is encrypted and decrypted
Cloud Key Management
Cloud Key Management
CLOUD KMS
Customer can
manage keys
generated and
stored by Google
CLOUD HSM
Customer
encrypts
data-at-rest using
a key residing
within Cloud HSM
CLOUD EKM
Customer
encrypts
data-at-rest using
a key residing
outside of Google
Cloud
Scenario: I want to harden my
workloads against malware
E.g. from remote attacks, privilege
escalation, and malicious insiders
Hardened VMs
Shielded VM (by default)
app_z
host OS
host BIOS
hardware and firmware
Titans
bins/libs
guest kernel
app_x
bins/libs
guest kernel
VM_A VM_B
Google KVM
Malicious guest OS, including
guest kernel
2
Integrity notifications to protect
against tampering
3
Malicious guest system firmware,
including malicious drivers
1
TPM driver TPM driver
vTPM(sw) device
NDA
Boot time protection from ...
Scenario: I want to run my
workload confidential or
cryptographically isolate
myself from neighbours and
cloud infrastructure
E.g. from malicious insiders and
infrastructure 0-days
Confidential Computing
Confidential VMs
● Just like a regular GCE VM
○ Anything that runs on VM runs on CVM
● Data encrypted while in-use
○ Memory encrypted, decrypted only on CPU chip
○ A key per VM
■ Random, ephemeral, generated by HW
■ Not extractable from HW
● Scale up to 224 vCPUs and 896 GiB memory
System on Chip
AMD Secure Processor
app
guest OS
app
guest OS
Hypervisor (KVM)
VM 1 VM 2
Key 2
Key 1
Memory Controller
AES Encryption Engine
Scenario: I want to collaborate
securely with multiple
untrusted parties
E.g. run secure immutable workloads
without accidental data leakage
or compromise
Secure MPC
Trusted Execution
Environment
Collaborators
Example
Sharing Sensitive Data Securely
Data owner #1
(e.g. bank)
Data owner #2 - #N
(e.g. bank)
Trusted Execution
Environment
Knowledge Knowledge
Workload author
(3rd party or data owner)
MPC Use Cases
Healthcare Joint ML training on PHI data to optimize treatment regimes, discover new
drugs and more
FinTech & Web 3 Detect fraud, prevent duplicate financing, identify insurance “double dipping”,
secure Web3 transactions
Retail & Adtech Enable Data Clean Rooms and provide aggregation measurements in a privacy
preserving way
Proprietary + Confidential
Multi-party Computation
Collaborate without trusting Retain data ownership
Data is only visible to the workload and
corresponding data owners in
Confidential Space.
Protect against operators
Workload operators cannot view or
change data or workload. They can
only start and stop it.
Multiple separate parties can securely
share data with an agreed upon
workload.
Scenario: I want to address a
cloud security incident
E.g. respond to a data theft or
cryptominer issue in my cloud
environment
Incident Response
Cloud Is Here, This Means Threats,
and This Means Incidents
Cloud Is Here
Gartner Forecasts Worldwide Public
Cloud End-User Spending to Reach
Nearly $500 Billion in 2022
Threats Are Here
● Cryptominers
● Credential abuse
● Software exploitation
● State sponsored attacks
Incidents Are Growing
● Data Theft
● Multi-faceted Extortion
● Theft of Cloud Resources
● Attacks against Other Systems
● Cross cloud & hybrid
environment
Gartner Press Release, “Gartner Forecasts Worldwide Public Cloud End-User
Spending to Reach Nearly $500 Billion in 2022,” April 19, 2022.
Incident response
1. Identification
2. Coordination
3. Resolution
4. Closure
5. Continuous improvement
Best Practices in
creating a scalable
Incident Response
Process
https://cloud.google.com/docs/security/incident-response
Protecting data while it’s being
store
Classifying sensitive data
Controlling Access to
Data
Key Takeaways
01 02 03
Protecting data when its being
processed
Secure and private
multi-party computation
Incident Response
process
06 05 04
Thank You

Weitere ähnliche Inhalte

Was ist angesagt?

Data Catalogs Are the Answer – What is the Question?
Data Catalogs Are the Answer – What is the Question?Data Catalogs Are the Answer – What is the Question?
Data Catalogs Are the Answer – What is the Question?DATAVERSITY
 
Enterprise Architecture vs. Data Architecture
Enterprise Architecture vs. Data ArchitectureEnterprise Architecture vs. Data Architecture
Enterprise Architecture vs. Data ArchitectureDATAVERSITY
 
Data Lake Architecture – Modern Strategies & Approaches
Data Lake Architecture – Modern Strategies & ApproachesData Lake Architecture – Modern Strategies & Approaches
Data Lake Architecture – Modern Strategies & ApproachesDATAVERSITY
 
Data-Ed Webinar: Data Governance Strategies
Data-Ed Webinar: Data Governance StrategiesData-Ed Webinar: Data Governance Strategies
Data-Ed Webinar: Data Governance StrategiesDATAVERSITY
 
Data Management is Data Governance
Data Management is Data GovernanceData Management is Data Governance
Data Management is Data GovernanceDATAVERSITY
 
Data strategy demistifying data
Data strategy demistifying dataData strategy demistifying data
Data strategy demistifying dataHans Verstraeten
 
Data Governance and Metadata Management
Data Governance and Metadata ManagementData Governance and Metadata Management
Data Governance and Metadata Management DATAVERSITY
 
Data Architecture Best Practices for Advanced Analytics
Data Architecture Best Practices for Advanced AnalyticsData Architecture Best Practices for Advanced Analytics
Data Architecture Best Practices for Advanced AnalyticsDATAVERSITY
 
Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?DATAVERSITY
 
DAS Slides: Data Governance and Data Architecture – Alignment and Synergies
DAS Slides: Data Governance and Data Architecture – Alignment and SynergiesDAS Slides: Data Governance and Data Architecture – Alignment and Synergies
DAS Slides: Data Governance and Data Architecture – Alignment and SynergiesDATAVERSITY
 
Data strategy in a Big Data world
Data strategy in a Big Data worldData strategy in a Big Data world
Data strategy in a Big Data worldCraig Milroy
 
Implementing Effective Data Governance
Implementing Effective Data GovernanceImplementing Effective Data Governance
Implementing Effective Data GovernanceChristopher Bradley
 
BI Consultancy - Data, Analytics and Strategy
BI Consultancy - Data, Analytics and StrategyBI Consultancy - Data, Analytics and Strategy
BI Consultancy - Data, Analytics and StrategyShivam Dhawan
 
Improving Data Literacy Around Data Architecture
Improving Data Literacy Around Data ArchitectureImproving Data Literacy Around Data Architecture
Improving Data Literacy Around Data ArchitectureDATAVERSITY
 
Master Data Management methodology
Master Data Management methodologyMaster Data Management methodology
Master Data Management methodologyDatabase Architechs
 
Who Should Own Data Governance – IT or Business?
Who Should Own Data Governance – IT or Business?Who Should Own Data Governance – IT or Business?
Who Should Own Data Governance – IT or Business?DATAVERSITY
 
Becoming a Data-Driven Organization - Aligning Business & Data Strategy
Becoming a Data-Driven Organization - Aligning Business & Data StrategyBecoming a Data-Driven Organization - Aligning Business & Data Strategy
Becoming a Data-Driven Organization - Aligning Business & Data StrategyDATAVERSITY
 
Building a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business GoalsBuilding a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business GoalsDATAVERSITY
 
Ibm data governance framework
Ibm data governance frameworkIbm data governance framework
Ibm data governance frameworkkaiyun7631
 

Was ist angesagt? (20)

Data Catalogs Are the Answer – What is the Question?
Data Catalogs Are the Answer – What is the Question?Data Catalogs Are the Answer – What is the Question?
Data Catalogs Are the Answer – What is the Question?
 
Enterprise Architecture vs. Data Architecture
Enterprise Architecture vs. Data ArchitectureEnterprise Architecture vs. Data Architecture
Enterprise Architecture vs. Data Architecture
 
Data Lake Architecture – Modern Strategies & Approaches
Data Lake Architecture – Modern Strategies & ApproachesData Lake Architecture – Modern Strategies & Approaches
Data Lake Architecture – Modern Strategies & Approaches
 
Data-Ed Webinar: Data Governance Strategies
Data-Ed Webinar: Data Governance StrategiesData-Ed Webinar: Data Governance Strategies
Data-Ed Webinar: Data Governance Strategies
 
Data Management is Data Governance
Data Management is Data GovernanceData Management is Data Governance
Data Management is Data Governance
 
Data strategy demistifying data
Data strategy demistifying dataData strategy demistifying data
Data strategy demistifying data
 
Data Governance and Metadata Management
Data Governance and Metadata ManagementData Governance and Metadata Management
Data Governance and Metadata Management
 
Data Architecture Best Practices for Advanced Analytics
Data Architecture Best Practices for Advanced AnalyticsData Architecture Best Practices for Advanced Analytics
Data Architecture Best Practices for Advanced Analytics
 
Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?Emerging Trends in Data Architecture – What’s the Next Big Thing?
Emerging Trends in Data Architecture – What’s the Next Big Thing?
 
DAS Slides: Data Governance and Data Architecture – Alignment and Synergies
DAS Slides: Data Governance and Data Architecture – Alignment and SynergiesDAS Slides: Data Governance and Data Architecture – Alignment and Synergies
DAS Slides: Data Governance and Data Architecture – Alignment and Synergies
 
Data strategy in a Big Data world
Data strategy in a Big Data worldData strategy in a Big Data world
Data strategy in a Big Data world
 
8 Steps to Creating a Data Strategy
8 Steps to Creating a Data Strategy8 Steps to Creating a Data Strategy
8 Steps to Creating a Data Strategy
 
Implementing Effective Data Governance
Implementing Effective Data GovernanceImplementing Effective Data Governance
Implementing Effective Data Governance
 
BI Consultancy - Data, Analytics and Strategy
BI Consultancy - Data, Analytics and StrategyBI Consultancy - Data, Analytics and Strategy
BI Consultancy - Data, Analytics and Strategy
 
Improving Data Literacy Around Data Architecture
Improving Data Literacy Around Data ArchitectureImproving Data Literacy Around Data Architecture
Improving Data Literacy Around Data Architecture
 
Master Data Management methodology
Master Data Management methodologyMaster Data Management methodology
Master Data Management methodology
 
Who Should Own Data Governance – IT or Business?
Who Should Own Data Governance – IT or Business?Who Should Own Data Governance – IT or Business?
Who Should Own Data Governance – IT or Business?
 
Becoming a Data-Driven Organization - Aligning Business & Data Strategy
Becoming a Data-Driven Organization - Aligning Business & Data StrategyBecoming a Data-Driven Organization - Aligning Business & Data Strategy
Becoming a Data-Driven Organization - Aligning Business & Data Strategy
 
Building a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business GoalsBuilding a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business Goals
 
Ibm data governance framework
Ibm data governance frameworkIbm data governance framework
Ibm data governance framework
 

Ähnlich wie Data Governance Trends and Best Practices To Implement Today

Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptxSofiyaKhan49
 
Encrytpion information security last stand
Encrytpion information security last standEncrytpion information security last stand
Encrytpion information security last standGeorge Delikouras
 
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudFog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudIJSRD
 
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlWhose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlSafeNet
 
CIA = Confidentiality of information, Integrity of information, Avai.pdf
CIA = Confidentiality of information, Integrity of information, Avai.pdfCIA = Confidentiality of information, Integrity of information, Avai.pdf
CIA = Confidentiality of information, Integrity of information, Avai.pdfannaielectronicsvill
 
Data Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdfData Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdfCiente
 
Free Guide-to-cybersecurity-fundamentals.pdf
Free Guide-to-cybersecurity-fundamentals.pdfFree Guide-to-cybersecurity-fundamentals.pdf
Free Guide-to-cybersecurity-fundamentals.pdfVarinder K
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfYounesChafi1
 
IRJET- Security Enhancement for Sharing Data within Group Members in Cloud
IRJET- Security Enhancement for Sharing Data within Group Members in CloudIRJET- Security Enhancement for Sharing Data within Group Members in Cloud
IRJET- Security Enhancement for Sharing Data within Group Members in CloudIRJET Journal
 
DG_Architecture_Training.pptx
DG_Architecture_Training.pptxDG_Architecture_Training.pptx
DG_Architecture_Training.pptxTranVu383073
 
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...Ulf Mattsson
 
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtAndrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtInfosecurity2010
 
10.1.1.436.3364.pdf
10.1.1.436.3364.pdf10.1.1.436.3364.pdf
10.1.1.436.3364.pdfmistryritesh
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 

Ähnlich wie Data Governance Trends and Best Practices To Implement Today (20)

1784 1788
1784 17881784 1788
1784 1788
 
1784 1788
1784 17881784 1788
1784 1788
 
Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptx
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Encrytpion information security last stand
Encrytpion information security last standEncrytpion information security last stand
Encrytpion information security last stand
 
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudFog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
Fog Computing:The Justifying Insider Data Stealing Attacks in the Cloud
 
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlWhose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
 
CIA = Confidentiality of information, Integrity of information, Avai.pdf
CIA = Confidentiality of information, Integrity of information, Avai.pdfCIA = Confidentiality of information, Integrity of information, Avai.pdf
CIA = Confidentiality of information, Integrity of information, Avai.pdf
 
Data Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdfData Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdf
 
Cloud & Sécurité
Cloud & SécuritéCloud & Sécurité
Cloud & Sécurité
 
Free Guide-to-cybersecurity-fundamentals.pdf
Free Guide-to-cybersecurity-fundamentals.pdfFree Guide-to-cybersecurity-fundamentals.pdf
Free Guide-to-cybersecurity-fundamentals.pdf
 
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdfsecureit-cloudsecurity-151130141528-lva1-app6892.pdf
secureit-cloudsecurity-151130141528-lva1-app6892.pdf
 
IRJET- Security Enhancement for Sharing Data within Group Members in Cloud
IRJET- Security Enhancement for Sharing Data within Group Members in CloudIRJET- Security Enhancement for Sharing Data within Group Members in Cloud
IRJET- Security Enhancement for Sharing Data within Group Members in Cloud
 
DG_Architecture_Training.pptx
DG_Architecture_Training.pptxDG_Architecture_Training.pptx
DG_Architecture_Training.pptx
 
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
ISACA New York Metro, Developing, Deploying and Managing a Risk-Adjusted Data...
 
What every executive needs to know about information technology security
What every executive needs to know about information technology securityWhat every executive needs to know about information technology security
What every executive needs to know about information technology security
 
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtAndrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
 
Cloud Security_ Unit 4
Cloud Security_ Unit 4Cloud Security_ Unit 4
Cloud Security_ Unit 4
 
10.1.1.436.3364.pdf
10.1.1.436.3364.pdf10.1.1.436.3364.pdf
10.1.1.436.3364.pdf
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
 

Mehr von DATAVERSITY

Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...
Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...
Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...DATAVERSITY
 
Data at the Speed of Business with Data Mastering and Governance
Data at the Speed of Business with Data Mastering and GovernanceData at the Speed of Business with Data Mastering and Governance
Data at the Speed of Business with Data Mastering and GovernanceDATAVERSITY
 
Exploring Levels of Data Literacy
Exploring Levels of Data LiteracyExploring Levels of Data Literacy
Exploring Levels of Data LiteracyDATAVERSITY
 
Building a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business GoalsBuilding a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business GoalsDATAVERSITY
 
Make Data Work for You
Make Data Work for YouMake Data Work for You
Make Data Work for YouDATAVERSITY
 
Data Catalogs Are the Answer – What Is the Question?
Data Catalogs Are the Answer – What Is the Question?Data Catalogs Are the Answer – What Is the Question?
Data Catalogs Are the Answer – What Is the Question?DATAVERSITY
 
Data Modeling Fundamentals
Data Modeling FundamentalsData Modeling Fundamentals
Data Modeling FundamentalsDATAVERSITY
 
Showing ROI for Your Analytic Project
Showing ROI for Your Analytic ProjectShowing ROI for Your Analytic Project
Showing ROI for Your Analytic ProjectDATAVERSITY
 
How a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes  Data Mesh Work at ScaleHow a Semantic Layer Makes  Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at ScaleDATAVERSITY
 
Is Enterprise Data Literacy Possible?
Is Enterprise Data Literacy Possible?Is Enterprise Data Literacy Possible?
Is Enterprise Data Literacy Possible?DATAVERSITY
 
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...DATAVERSITY
 
Data Governance Trends - A Look Backwards and Forwards
Data Governance Trends - A Look Backwards and ForwardsData Governance Trends - A Look Backwards and Forwards
Data Governance Trends - A Look Backwards and ForwardsDATAVERSITY
 
2023 Trends in Enterprise Analytics
2023 Trends in Enterprise Analytics2023 Trends in Enterprise Analytics
2023 Trends in Enterprise AnalyticsDATAVERSITY
 
Data Strategy Best Practices
Data Strategy Best PracticesData Strategy Best Practices
Data Strategy Best PracticesDATAVERSITY
 
Data Management Best Practices
Data Management Best PracticesData Management Best Practices
Data Management Best PracticesDATAVERSITY
 
MLOps – Applying DevOps to Competitive Advantage
MLOps – Applying DevOps to Competitive AdvantageMLOps – Applying DevOps to Competitive Advantage
MLOps – Applying DevOps to Competitive AdvantageDATAVERSITY
 
Keeping the Pulse of Your Data – Why You Need Data Observability to Improve D...
Keeping the Pulse of Your Data – Why You Need Data Observability to Improve D...Keeping the Pulse of Your Data – Why You Need Data Observability to Improve D...
Keeping the Pulse of Your Data – Why You Need Data Observability to Improve D...DATAVERSITY
 
Empowering the Data Driven Business with Modern Business Intelligence
Empowering the Data Driven Business with Modern Business IntelligenceEmpowering the Data Driven Business with Modern Business Intelligence
Empowering the Data Driven Business with Modern Business IntelligenceDATAVERSITY
 
Including All Your Mission-Critical Data in Modern Apps and Analytics
Including All Your Mission-Critical Data in Modern Apps and AnalyticsIncluding All Your Mission-Critical Data in Modern Apps and Analytics
Including All Your Mission-Critical Data in Modern Apps and AnalyticsDATAVERSITY
 
Assessing New Database Capabilities – Multi-Model
Assessing New Database Capabilities – Multi-ModelAssessing New Database Capabilities – Multi-Model
Assessing New Database Capabilities – Multi-ModelDATAVERSITY
 

Mehr von DATAVERSITY (20)

Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...
Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...
Architecture, Products, and Total Cost of Ownership of the Leading Machine Le...
 
Data at the Speed of Business with Data Mastering and Governance
Data at the Speed of Business with Data Mastering and GovernanceData at the Speed of Business with Data Mastering and Governance
Data at the Speed of Business with Data Mastering and Governance
 
Exploring Levels of Data Literacy
Exploring Levels of Data LiteracyExploring Levels of Data Literacy
Exploring Levels of Data Literacy
 
Building a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business GoalsBuilding a Data Strategy – Practical Steps for Aligning with Business Goals
Building a Data Strategy – Practical Steps for Aligning with Business Goals
 
Make Data Work for You
Make Data Work for YouMake Data Work for You
Make Data Work for You
 
Data Catalogs Are the Answer – What Is the Question?
Data Catalogs Are the Answer – What Is the Question?Data Catalogs Are the Answer – What Is the Question?
Data Catalogs Are the Answer – What Is the Question?
 
Data Modeling Fundamentals
Data Modeling FundamentalsData Modeling Fundamentals
Data Modeling Fundamentals
 
Showing ROI for Your Analytic Project
Showing ROI for Your Analytic ProjectShowing ROI for Your Analytic Project
Showing ROI for Your Analytic Project
 
How a Semantic Layer Makes Data Mesh Work at Scale
How a Semantic Layer Makes  Data Mesh Work at ScaleHow a Semantic Layer Makes  Data Mesh Work at Scale
How a Semantic Layer Makes Data Mesh Work at Scale
 
Is Enterprise Data Literacy Possible?
Is Enterprise Data Literacy Possible?Is Enterprise Data Literacy Possible?
Is Enterprise Data Literacy Possible?
 
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...
The Data Trifecta – Privacy, Security & Governance Race from Reactivity to Re...
 
Data Governance Trends - A Look Backwards and Forwards
Data Governance Trends - A Look Backwards and ForwardsData Governance Trends - A Look Backwards and Forwards
Data Governance Trends - A Look Backwards and Forwards
 
2023 Trends in Enterprise Analytics
2023 Trends in Enterprise Analytics2023 Trends in Enterprise Analytics
2023 Trends in Enterprise Analytics
 
Data Strategy Best Practices
Data Strategy Best PracticesData Strategy Best Practices
Data Strategy Best Practices
 
Data Management Best Practices
Data Management Best PracticesData Management Best Practices
Data Management Best Practices
 
MLOps – Applying DevOps to Competitive Advantage
MLOps – Applying DevOps to Competitive AdvantageMLOps – Applying DevOps to Competitive Advantage
MLOps – Applying DevOps to Competitive Advantage
 
Keeping the Pulse of Your Data – Why You Need Data Observability to Improve D...
Keeping the Pulse of Your Data – Why You Need Data Observability to Improve D...Keeping the Pulse of Your Data – Why You Need Data Observability to Improve D...
Keeping the Pulse of Your Data – Why You Need Data Observability to Improve D...
 
Empowering the Data Driven Business with Modern Business Intelligence
Empowering the Data Driven Business with Modern Business IntelligenceEmpowering the Data Driven Business with Modern Business Intelligence
Empowering the Data Driven Business with Modern Business Intelligence
 
Including All Your Mission-Critical Data in Modern Apps and Analytics
Including All Your Mission-Critical Data in Modern Apps and AnalyticsIncluding All Your Mission-Critical Data in Modern Apps and Analytics
Including All Your Mission-Critical Data in Modern Apps and Analytics
 
Assessing New Database Capabilities – Multi-Model
Assessing New Database Capabilities – Multi-ModelAssessing New Database Capabilities – Multi-Model
Assessing New Database Capabilities – Multi-Model
 

Kürzlich hochgeladen

Role of Consumer Insights in business transformation
Role of Consumer Insights in business transformationRole of Consumer Insights in business transformation
Role of Consumer Insights in business transformationAnnie Melnic
 
Presentation of project of business person who are success
Presentation of project of business person who are successPresentation of project of business person who are success
Presentation of project of business person who are successPratikSingh115843
 
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdf
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdfEnglish-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdf
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdfblazblazml
 
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...Boston Institute of Analytics
 
Non Text Magic Studio Magic Design for Presentations L&P.pdf
Non Text Magic Studio Magic Design for Presentations L&P.pdfNon Text Magic Studio Magic Design for Presentations L&P.pdf
Non Text Magic Studio Magic Design for Presentations L&P.pdfPratikPatil591646
 
Digital Marketing Plan, how digital marketing works
Digital Marketing Plan, how digital marketing worksDigital Marketing Plan, how digital marketing works
Digital Marketing Plan, how digital marketing worksdeepakthakur548787
 
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis model
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis modelDecoding Movie Sentiments: Analyzing Reviews with Data Analysis model
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis modelBoston Institute of Analytics
 
Bank Loan Approval Analysis: A Comprehensive Data Analysis Project
Bank Loan Approval Analysis: A Comprehensive Data Analysis ProjectBank Loan Approval Analysis: A Comprehensive Data Analysis Project
Bank Loan Approval Analysis: A Comprehensive Data Analysis ProjectBoston Institute of Analytics
 
Digital Indonesia Report 2024 by We Are Social .pdf
Digital Indonesia Report 2024 by We Are Social .pdfDigital Indonesia Report 2024 by We Are Social .pdf
Digital Indonesia Report 2024 by We Are Social .pdfNicoChristianSunaryo
 
IBEF report on the Insurance market in India
IBEF report on the Insurance market in IndiaIBEF report on the Insurance market in India
IBEF report on the Insurance market in IndiaManalVerma4
 
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...Jack Cole
 
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...Dr Arash Najmaei ( Phd., MBA, BSc)
 
Statistics For Management by Richard I. Levin 8ed.pdf
Statistics For Management by Richard I. Levin 8ed.pdfStatistics For Management by Richard I. Levin 8ed.pdf
Statistics For Management by Richard I. Levin 8ed.pdfnikeshsingh56
 
DATA ANALYSIS using various data sets like shoping data set etc
DATA ANALYSIS using various data sets like shoping data set etcDATA ANALYSIS using various data sets like shoping data set etc
DATA ANALYSIS using various data sets like shoping data set etclalithasri22
 

Kürzlich hochgeladen (17)

Role of Consumer Insights in business transformation
Role of Consumer Insights in business transformationRole of Consumer Insights in business transformation
Role of Consumer Insights in business transformation
 
2023 Survey Shows Dip in High School E-Cigarette Use
2023 Survey Shows Dip in High School E-Cigarette Use2023 Survey Shows Dip in High School E-Cigarette Use
2023 Survey Shows Dip in High School E-Cigarette Use
 
Presentation of project of business person who are success
Presentation of project of business person who are successPresentation of project of business person who are success
Presentation of project of business person who are success
 
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdf
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdfEnglish-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdf
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdf
 
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...
 
Non Text Magic Studio Magic Design for Presentations L&P.pdf
Non Text Magic Studio Magic Design for Presentations L&P.pdfNon Text Magic Studio Magic Design for Presentations L&P.pdf
Non Text Magic Studio Magic Design for Presentations L&P.pdf
 
Digital Marketing Plan, how digital marketing works
Digital Marketing Plan, how digital marketing worksDigital Marketing Plan, how digital marketing works
Digital Marketing Plan, how digital marketing works
 
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis model
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis modelDecoding Movie Sentiments: Analyzing Reviews with Data Analysis model
Decoding Movie Sentiments: Analyzing Reviews with Data Analysis model
 
Bank Loan Approval Analysis: A Comprehensive Data Analysis Project
Bank Loan Approval Analysis: A Comprehensive Data Analysis ProjectBank Loan Approval Analysis: A Comprehensive Data Analysis Project
Bank Loan Approval Analysis: A Comprehensive Data Analysis Project
 
Digital Indonesia Report 2024 by We Are Social .pdf
Digital Indonesia Report 2024 by We Are Social .pdfDigital Indonesia Report 2024 by We Are Social .pdf
Digital Indonesia Report 2024 by We Are Social .pdf
 
IBEF report on the Insurance market in India
IBEF report on the Insurance market in IndiaIBEF report on the Insurance market in India
IBEF report on the Insurance market in India
 
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...
why-transparency-and-traceability-are-essential-for-sustainable-supply-chains...
 
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...
6 Tips for Interpretable Topic Models _ by Nicha Ruchirawat _ Towards Data Sc...
 
Data Analysis Project: Stroke Prediction
Data Analysis Project: Stroke PredictionData Analysis Project: Stroke Prediction
Data Analysis Project: Stroke Prediction
 
Statistics For Management by Richard I. Levin 8ed.pdf
Statistics For Management by Richard I. Levin 8ed.pdfStatistics For Management by Richard I. Levin 8ed.pdf
Statistics For Management by Richard I. Levin 8ed.pdf
 
Insurance Churn Prediction Data Analysis Project
Insurance Churn Prediction Data Analysis ProjectInsurance Churn Prediction Data Analysis Project
Insurance Churn Prediction Data Analysis Project
 
DATA ANALYSIS using various data sets like shoping data set etc
DATA ANALYSIS using various data sets like shoping data set etcDATA ANALYSIS using various data sets like shoping data set etc
DATA ANALYSIS using various data sets like shoping data set etc
 

Data Governance Trends and Best Practices To Implement Today

  • 1. Proprietary + Confidential Data protection trends and best practices to implement today
  • 2. Sam Lugani Group Product Manager Group Product Manager Google Cloud Meet today’s speaker! Rene Kolga Group Product Manager Product Manager Google Cloud
  • 3. Agenda 01 Data Governance Access Controls Encryption Secure Collaboration Incident Response
  • 4. 1. Setting internal data policies 2. Governing data access What is Data Governance? 3. Complying with external standards 4. Understanding the data lifecycle Data governance is everything you do to ensure data is secure, private, accurate, available, and usable
  • 5. Data Protection (part of Data Governance) Key questions ● How do I limit access to my data? ● How do I protect my sensitive data and my IP? ● How do I collaborate with other companies processing their sensitive data?
  • 6. What are the commitments being made by a cloud provider? Do you have explicit control over your data and how it is used? Processing your data as per your instructions. Not selling it to third parties. Not using it for for advertising. Transparent about data collection and use. Is your data is encrypted Not use your AI models for any purpose. Providing prompt data incident noti cations. Following international standards.
  • 7. Scenario: I want to control access to my cloud resources Access Controls
  • 8. Access Transparency Access Approval Near real-time logs whenever Google administrators access your environment on GCP Approve administrative access to your data on GCP before it happens Access Transparency (AXT) and Approval Approval (AXA) provides in depth visibility of customer data access requests: ● Resource being accessed ● Reason for access ● Access approval or denial by the customer
  • 9. Scenario: I want to gain visibility into where my sensitive data resides E.g. What type of data do I store, and where can it be found? Classification
  • 10. 1. Gain visibility into sensitive data 2. Protect and de-risk sensitive data 3. Integrate into virtually any workload to protect data at the source Cloud DLP helps both Cloud Customers and end users:
  • 11. Scenario: I want the highest level of protection and control of my encryption keys. E.g. Own the full control of how data is encrypted and decrypted Cloud Key Management
  • 12. Cloud Key Management CLOUD KMS Customer can manage keys generated and stored by Google CLOUD HSM Customer encrypts data-at-rest using a key residing within Cloud HSM CLOUD EKM Customer encrypts data-at-rest using a key residing outside of Google Cloud
  • 13. Scenario: I want to harden my workloads against malware E.g. from remote attacks, privilege escalation, and malicious insiders Hardened VMs
  • 14. Shielded VM (by default) app_z host OS host BIOS hardware and firmware Titans bins/libs guest kernel app_x bins/libs guest kernel VM_A VM_B Google KVM Malicious guest OS, including guest kernel 2 Integrity notifications to protect against tampering 3 Malicious guest system firmware, including malicious drivers 1 TPM driver TPM driver vTPM(sw) device NDA Boot time protection from ...
  • 15. Scenario: I want to run my workload confidential or cryptographically isolate myself from neighbours and cloud infrastructure E.g. from malicious insiders and infrastructure 0-days Confidential Computing
  • 16. Confidential VMs ● Just like a regular GCE VM ○ Anything that runs on VM runs on CVM ● Data encrypted while in-use ○ Memory encrypted, decrypted only on CPU chip ○ A key per VM ■ Random, ephemeral, generated by HW ■ Not extractable from HW ● Scale up to 224 vCPUs and 896 GiB memory System on Chip AMD Secure Processor app guest OS app guest OS Hypervisor (KVM) VM 1 VM 2 Key 2 Key 1 Memory Controller AES Encryption Engine
  • 17.
  • 18. Scenario: I want to collaborate securely with multiple untrusted parties E.g. run secure immutable workloads without accidental data leakage or compromise Secure MPC
  • 20. Example Sharing Sensitive Data Securely Data owner #1 (e.g. bank) Data owner #2 - #N (e.g. bank) Trusted Execution Environment Knowledge Knowledge Workload author (3rd party or data owner)
  • 21. MPC Use Cases Healthcare Joint ML training on PHI data to optimize treatment regimes, discover new drugs and more FinTech & Web 3 Detect fraud, prevent duplicate financing, identify insurance “double dipping”, secure Web3 transactions Retail & Adtech Enable Data Clean Rooms and provide aggregation measurements in a privacy preserving way
  • 23. Multi-party Computation Collaborate without trusting Retain data ownership Data is only visible to the workload and corresponding data owners in Confidential Space. Protect against operators Workload operators cannot view or change data or workload. They can only start and stop it. Multiple separate parties can securely share data with an agreed upon workload.
  • 24. Scenario: I want to address a cloud security incident E.g. respond to a data theft or cryptominer issue in my cloud environment Incident Response
  • 25. Cloud Is Here, This Means Threats, and This Means Incidents Cloud Is Here Gartner Forecasts Worldwide Public Cloud End-User Spending to Reach Nearly $500 Billion in 2022 Threats Are Here ● Cryptominers ● Credential abuse ● Software exploitation ● State sponsored attacks Incidents Are Growing ● Data Theft ● Multi-faceted Extortion ● Theft of Cloud Resources ● Attacks against Other Systems ● Cross cloud & hybrid environment Gartner Press Release, “Gartner Forecasts Worldwide Public Cloud End-User Spending to Reach Nearly $500 Billion in 2022,” April 19, 2022.
  • 26. Incident response 1. Identification 2. Coordination 3. Resolution 4. Closure 5. Continuous improvement Best Practices in creating a scalable Incident Response Process https://cloud.google.com/docs/security/incident-response
  • 27. Protecting data while it’s being store Classifying sensitive data Controlling Access to Data Key Takeaways 01 02 03 Protecting data when its being processed Secure and private multi-party computation Incident Response process 06 05 04