Chapter 7. Sustainable Data Governance and Data Security

One of the key differentiators of the Scaled Architecture is that you move from application-based ownership to data-based ownership. This requires data governance and data security to be deeply embedded into the ways applications and users interact and use data.

Why are data governance and data security discussed in this chapter together? Because they overlap! Despite what people think, data governance and data security aren’t the same discipline; they work together and complement each other. Both share a common goal: data governance determines what the data represents and what it can be used for; data security then ensures that only authorized parties can access the data (in line with what the data can be used for).

Connecting the areas and uniformly applying authentication and authorization on all architectures requires a lot of metadata. There are data owners to be assigned, classifications to be set, and agreements between parties to be maintained. The information, as expected, needs to be stored centrally in a uniform model. A large part of this chapter, as you’ll understand, is dedicated to this.