A data steward is an individual appointed by an organization, whose role is to ensure that any data they collect and store meets certain standards in terms of its quality and relevancy and to ensure that they have the necessary policies in place to keep it secure and accessible. This includes establishing agreed-upon data definitions and data quality rules and ensuring that all employees and relevant stakeholders adhere to those definitions and rules.
In many cases, the data steward will also be involved in Data Access Governance (DAG). Data Access Governance is a broad subject that covers a wide range of areas including; data discovery and classification, setting up access controls, and granting or revoking access to data on an ad-hoc basis. A Data Access Governance strategy should also ensure that data is being accessed and used according to the policies and procedures that either already exists, or that the data steward has developed themselves.
The data steward is required to work closely with data owners to ensure that they agree on how data elements are properly defined and used throughout the company. This includes creating a standardized / harmonized data glossary and documenting any exceptions that may exist.
Data Discovery and Classification
In order for the data steward to adequately perform their role, they need to know exactly what data they store and where it is located. They must also be able to identify and remove any duplicate sets of data, as this will inevitably increase the risk of unintended exposure.
The data steward will also need to understand the different types of data they store. For example, there are various categories of sensitive data, which include; Personally Identifiable Information (PII), Protected Health Information (PHI), Payment Card Information (PCI), and Intellectual Property (IP).
While each of these data types will contain much of the same information, they each need to be classified accordingly – not least to comply with the relevant data privacy laws.
In addition to identifying the types of data they store, the data steward must also determine which types of data fall under which categories.
Of course, the data steward can define their own categories, however, a typical classification schema will consist of four key categories, which are; public, private, confidential, and restricted. Ensuring that all sensitive data is accounted for will make the process of safeguarding it a lot easier. More information on data classification and how to do it effectively can be found here.
Managing Access and Use of Sensitive Data
It’s one thing to know what data you store and where it is located, but it’s another thing to be able to keep track of how the data is accessed, used, and shared throughout the organization.
Many modern IT environments are very complex, distributed, and dynamic, with data spread across multiple systems, applications, and so on. Naturally, keeping track of how data is used in such an environment can be a daunting task. The data steward must identify all controls associated with the assets they store and know who has (and should have) access to those assets.
Remediate Data Quality Issues
Data stewards are responsible for the data their organization collects, including data that comes from third-party applications and vendors. As such, they must ensure that they have clearly defined rules which determine the quality of the data they collect and store, and these rules may vary depending on whether they are targeting the consumers or producers of the data.
How Lepide Can Help Data Stewards
The Lepide Data Security Platform will automatically scan your repositories, both on-premise and cloud-based, and classify your critical assets as they are found. It can also classify sensitive data at the point of creation/modification.
You can specify which data types to focus on, depending on the data privacy laws relevant to your industry. For example, if you are a health care service provider, you will need to discover and classify Protected Health Information (PHI).
Classifying data will also help the data steward identify ROT data (redundant, obsolete, or trivial), which includes any duplicate sets of data.
The Lepide Data Security Platform also uses machine learning models to identify anomalous user activity. Any unauthorized access to privileged accounts or suspicious file and folder activity will generate a real-time alert, which will be sent to the data steward’s inbox or mobile app for further investigation. All changes are presented via a single, intuitive dashboard, with a wealth of options for searching and sorting.
If you’d like to see how the Lepide Data Security Platform can help you locate, classify and secure regulated data, schedule a demo with one of our engineers today.