As security and complaince becomes more important for organizations, especially in the age of GDPR, data breach and other legislation, Karen covers the types of features data architects and designers should be considering when building modern, protected and defensive systems.
8. Day one
Collaborative
Responsible
Compliant
Required
Governed
Security
& Privacy
by Design
9. Ready for 25 May?
How can we get started?
Can you help us get
certified?
Do you have software for
this?
Do you have a couple of
weeks to help us get this
done?
10. No Methodology
No Models
Misfocused Management
No Measurement
Too Much Madness
How Does
this
happen?
12. Security at the data level
Models capture security &
privacy requirements
Management reports of
reviews
Measurement
In other words, Governance
Methodology?
22. Why would a DB
Designer love it?
Always Encrypted, yup
Allows designers to not only
specify which columns need to
be protected, but how
Parameters are encrypted as
well
Built in to the engine, easier
for Devs
24. Privacy -Dynamic Data Masking
CREATE TABLE Membership(
MemberID int IDENTITY PRIMARY KEY,
FirstName varchar(100) MASKED WITH (FUNCTION =
'partial(1,"XXXXXXX",0)') NULL,
LastName varchar(100) NOT NULL,
Phone# varchar(12) MASKED WITH (FUNCTION = 'default()') NULL,
Email varchar(100) MASKED WITH (FUNCTION = 'email()') NULL);
INSERT Membership (FirstName, LastName, Phone#, Email) VALUES
('Roberto', 'Tamburello', '555.123.4567', 'RTamburello@contoso.com'),
('Janice', 'Galvin', '555.123.4568', 'JGalvin@contoso.com.co'),
('Zheng', 'Mu', '555.123.4569', 'ZMu@contoso.net');
25. Why would a Data
Designer love it?
Allows central, reusable
design for standard
masking
Offers more reliable
masking and more usable
masking
Removes whining about
“we can do that later”
27. Why would a Data
Designer love it?
Allows a designer to do
this sort of data
protection IN THE
DATABASE, not just
rely on code.
Many, many pieces of
code.
33. What should we STOP
doing?
Nobody ever talks
about this….
34.
35. SQL Injection
WE ARE STILL DOING THIS!
IT’S STILL THE #1 (but unsecured storage is
getting more popular)
TEST. TEST SOME MORE
Automated Testing
Governance is important
37. Test Data
Bad
Restoring Production to
Development
Restoring Production, with
Masking
Restoring Production, with
Randomizing
Restoring
Production…anywhere
Better
Design Test Data
Lorem Ipsum for Data
Really, Design Test Data
38. Only Generalists
No other profession uses this approach. The Body of
Knowledge and the Required skillsets in IT and IS is too
broad and changes to rapidly.
39. Trusting good people
Good people don’t always stay that way
People mess up
Monitoring
Checking
Automatic alerting
40.
41. What Skills Do Data
Professionals Need
for Data Protection?
No one ever talks
about this….
43. Data Protection and Security
Level: Active Skills
Security Requirements
Security Techniques
Where to apply them
Whose Job is it?
Security testing &
Validation
Security By Design
Data Governance
44. Big Data and
Analytics
Level: Literacy and Hands On
Why: These new technologies and
techniques are making it mainstream
in most shops, whether they are
installed or software as a service.
Plus, we need to use them on our
own data
Who: All IT roles, especially data
stewarding ones.
45. Literacy with Deep Learning, AI, Machine Learning
Level: Literacy +++
How are they used?
What are the real life uses today?
Future uses
Privacy and Security requirements
Compliance trade-offs
Employee Monitoring
46. Data Quality & Reliability
Level: Active Skills
Is the data right?
Is it current?
Should it be there at all?
Do we Know where it came from?
Do we know it was calculated correctly?
Are there any know anomalies?
47. How can we do all
this?
Cloud Services are a fantastic way
to learn and get hands on skills.
Online Tutorials are often free and
self guided
Learn from Experts & Case
Studies
Deprioritize tasks that are really
just being done for tradition
Hire help
Automate away some tasks to
make more time
48.
49. One more time…
Every Design
Decision must be
based on Cost,
Benefit and Risk
www.datamodel.com