Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session


What is Data Governance: Definition + Best Practices

Data Security

Data Governance is the process and procedure organizations use to manage and protect their data. In this context, data can mean either all or a subset of a company’s digital and/or hard copy assets. In fact, defining what data means to an organization is one of the data governance best practices. Once you have defined data, you can brainstorm all the ways you could use your data to advance your business.

Another aspect of data governance is protecting company and customer private data, which should be a high priority task for organizations in this day and age. Data breaches are near daily occurrences in 2019 and governments are enacting laws to protect data of their citizens. A data governance program builds controls to protect data and help organizations adhere to compliance regulations. Read on to learn more about data governance best practices that you can implement in your organization.

Why Data Governance is Important for Businesses

Imagine that you are working on a multi-national project worth approximately $125 million dollars. Now imagine that just as your project is going to touch down on Mars – the project explodes. Obviously not a great outcome, but that’s exactly what happened to the first Mars rover in 1999. The root cause of this catastrophic failure? One team used the imperial system instead of the metric system. The lack of a data governance plan lead to the failure of that project. NASA implemented a data governance standard, and now Mars is inhabited by robots.

That is a simple example of how data governance can help your organization be successful. Here are a few other advantages:

  • Centralized policies and systems reduce IT costs related to data governance
  • Data standards allow for better cross functional decision making and communication
  • Compliance audits are easier to manage, and compliance standards are easier to maintain

A data governance plan can also be a competitive advantage as you grow your business. Modern business runs on data, so without proper planning and business intelligence, you will fall behind your competitors.

  • Data fuels business intelligence for short and long term planning, including mergers and acquisition
  • Data governance keeps data growth under control and organized
  • Stable data makes adapting to new data and privacy legislation easier

why data governance is important

Data Governance Challenges

There are several challenges you will encounter as you establish a data governance plan:

  • Data governance is a part of a larger IT governance policy. The two initiatives need to work in concert with each other for both to be successful.
  • Change of any kind is hard, but getting employees to care about data governance is especially difficult. Users need incentives and motivation to follow your new data governance initiatives.
  • Data governance efforts need to be flexible to team needs and simple for users. If data governance impedes work efforts, it will not promote business goals.
  • Selecting technology and tools to manage a data governance strategy can be complicated. Use resources like Gartner to research technology and request references for systems that fit your strategy.

8 Data Governance Best Practices

8 data governance best practices

How should you implement data governance given those challenges? Here are some best practices that will help you with your data governance journey.

  1. Set format standards for your data and use technology to enforce those standards during post-processing and data ingestion into your big data platform. You are going to be pulling data from many disparate sources, so you should normalize your data in your big data system.
  2. Unmanaged data is still data! Data that lives in your files, folders, and shares is some of your most valuable data – and often at more risk than your managed data. Make sure your data governance strategy covers unstructured data.
  3. Map your business goals for data governance early and assign a Chief Data Officer (CDO). Make the CDO responsible for managing and achieving the data governance goals. Think big picture, but create manageable touch points along the way.
  4. Keep it simple! Data governance is not the primary job of the majority of the organization. Minimize impact to individual contributors and teams.
  5. Establish different roles for members of your data governance team. Data Owners are key, in that they are closest to the data they create and manage. You can assign Data Managers to work with Data Owners for guidance and to facilitate communication. Your data governance team should be cross-functional and empowered to push your data governance initiatives.
  6. Classify and tag all of your data. Establish standards for metadata that promote your business goals and allow for reuse of data.
  7. Measure your progress in several different ways. The more metrics you can gather the better. A few key metrics for data governance might be how much stale data you are saving, how many folders have assigned data owners, and how much sensitive data you are creating.
  8. Automate as much as possible. Automate workflows, approval processes, data requests, permissions requests, and anything else you can to make your data governance initiatives work.

Data governance is still a relatively new discipline, but according to Gartner, 90% of large companies will have a Chief Data Officer (CDO) by 2019. In 2014 there were only 400 CDOs. In 2017 the number of CDOs grew to over 4000. By following these best practice guidelines and asking the following questions, you can set yourself up for a successful data governance strategy:

  • What is your business strategy?
  • Have you defined and communicated key objectives throughout your organization?
  • Do you have the right data and is it of sufficient quality?

Answers to those questions will drive your data governance day-to-day activities and long-term initiatives. Keeping the metrics in focus and the data governance plan will keep the organization on the right path.

important questions for data governance strategy

Varonis helps companies manage data governance projects: from classifying sensitive data to mapping data access to alerting on suspicious activity.  You can automate permissions clean up, reduce risk, and proactively protect and manage your data. See how to simplify and streamline your data governance initiatives with a free risk assessment – and learn how to build a data governance plan that works for your organization.


Jeff Petters

Jeff Petters

Jeff has been working on computers since his Dad brought home an IBM PC 8086 with dual disk drives. Researching and writing about data security is his dream job.


Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.