A new sheriff in town--the CDGO.

Steven Alder has a relatively obscure job--to promote IBM's data governance initiative--and he was on hand at the InfoSec conference in March to do just that. Alder, the company's data governance program director, also is the chairman of the Data Governance Council, a group of about 50 enterprise members who are trying to redefine the management of data governance policy, the impact of policy on business processes and practices, and the enforcement of policy in IT infrastructure, content and organizational behavior.

That's a mouthful. Mostly, he says, data governance is the process by which companies govern appropriate access to their critical data, by measuring operational risk and mitigating security exposures associated with access to data. The council is developing a blueprint for the governance and protection of personal and organizational data within and between enterprises, and is evaluating how organizations can implement this data governance blueprint.

"Data governance is a huge challenge," Alder told Communications News. Today's plethora of mobile devices is dynamically increasing the problem, he adds, often creating huge new security holes to organizations' data and applications.

"Educating employees about securing data is important," he says, "especially versus relying on technical solutions."

Alder also stresses that security approaches should be built into business processes, not added on. "Data governance is not a patch it/fix it situation," he emphasizes.

"One of the biggest problems for organizations is how to manage and control all the data that resides within a company these days, especially as more and more companies do business with each other online, extending into large data supply chains," Adler says. "There is a clear need for common solutions and governance models to protect and share data on different levels."

According to early findings by the council, the top governance challenges today are:

* Security, privacy, compliance, and risk challenges need to be addressed with common solutions and standards.

* Policy and business rules are not linked to business processes or IT systems.

* Few technologies are available today to solve issues.

* No common methods for meta-data classification and IT integration controls are deployed before long-term consequences are modeled.

Alder also mentions a new title that may be evolving in the enterprise-and a new acronym-the chief data governance officer, or CDGO. And incidentally, IBM has a new service called the IBM Data Governance Maturity Model Assessment, which Alder describes as a "tool to evaluate the strength of a client's data governance program in comparison to many others."

We'll ask our CDGO.

PRODUCT BUZZ

HOT                  Voice over IP

Data lifecycle       NOT
management

Hot                  Smart phones

Hosted IVR           NOT

Communications News' unique. RSleads tracking service is able to gauge
reader interest in specific product categories on a daily basis. This
tracking also is pa predictive tool for future enterprise IT purchasing
decision making. Each month, we will bring you brief updates on what
product categories our readers are most interested in.