Data management has become a huge focal point for IT leaders as of late due to the data explosion and an increased demand to stay connected. We take a look at insights from 600 European and US data leaders to get an inside look at the state of data policy management – from how it’s done to who’s in charge.
Immuta, the leader in data access and security, has announced the findings of a comprehensive survey of data leaders that highlights the current and future state of data policy management practices, including the top criteria for data management tools and the roles organizations are recruiting to handle data policy enforcement efforts.
The 2022 Data Policy Management Report surveyed 600 US and European data leaders, commissioned by Immuta and conducted by 451 Research, the enterprise technology research unit of S&P Global Market Intelligence.
The report finds that data management priorities are evolving beyond achieving compliance and cost reductions. More than half of survey respondents (52.5%) say they are primarily motivated to adopt or improve data policy management efforts by the need for BI and data analytics insights, while 43.5% said compliance and just 21% cited cost savings efforts, pointing to an evolution of data maturity as organisations focus on how best to maximise and leverage all the data at their disposal.
The survey also found that data policy management is likely to continue evolving as data security and privacy concerns remain at the forefront for consumers and businesses alike. Looking ahead, customer trust and engagement are expected to become the top incentives for data policy management orchestration, according to the research.
“Data policy management today is often directly adding value to business outcomes,” said Paige Bartley, Senior Analyst at S&P Global Market Intelligence’s 451 Research. “Of course, data policy management controls are still actively motivated by evolving legal and regulatory needs, but businesses are now realising that proper implementation of these practices and supporting technologies can also facilitate the appropriate use of data, rather than just locking data down.”
Other key findings highlight the various challenges and motivations organisations face as they look to increasingly apply data policy management controls to optimise the value of their data while rightsizing their risk appetite. This includes:
- Organisations are investing in technology to streamline data policy enforcement and access control, but are going about it in different ways. Just over 40% of respondents use custom or in-house technology to implement data access controls, while 28.8% rely exclusively on a purchased solution or technology.
- Data policy management efforts are largely decentralised and often lack a clear chain of command. While chief information security officers (CISOs) are likely to be accountable for data policy enforcement, nearly one-third of respondents reported that data owners are responsible for tasks related to both policy leadership and execution.
- The privacy engineering function plays a key role in supporting data policy management efforts, but the role is still evolving. More than half (58%) of participants said their organisation has a dedicated privacy engineering function that supports data policy management efforts, but the prevalence and standardisation of this role is still relatively nascent.
- Ease of deployment and integration are the top criteria organisations look for when selecting a data access tool. A total of 47% of respondents indicate ease of deployment is a top priority, with support for real-time data (46.3%), automation (46.3%) and scalability (44.5%) among the other capabilities organisations seek out.
“Data security and access control are central tenets of organisations’ data strategies,” said Matthew Carroll, CEO of Immuta. “It’s now incumbent upon data leaders to ensure their teams have the right human and technical resources in place to execute those strategies. While businesses are hyper-focused on how they can leverage all of the data at their disposal, data privacy and security regulations have forced businesses across industries to re-examine and manage policies on how data is accessed, processed, analysed and shared. They’re now at a crossroads between enabling BI and analytics, and maintaining compliance and data security.”
Click below to share this article