Technology has made our world increasingly interconnected and interdependent, and as a result, the need to share data to remain competitive is more important than ever. Yet, despite the competitive advantages associated with data sharing, many organizations still treat it strictly as a data function instead of a business priority.
According to Gartner’s report Data Sharing Is a Business Necessity to Accelerate Digital Business, “By 2023 organizations that promote data sharing will outperform their peers on most business value metrics.” Promoting data sharing is just one part of the equation. Implementing an effective data sharing strategy is the other — arguably more challenging — part.
Gartner interviewed nearly 300 Chief Data Officers (CDOs) and identified the top five challenges associated with internal and external data sharing. Here, learn what they are and how to overcome them.
A Data Sharing Primer
Before we jump into the top barriers to data sharing, it’s important to understand the two types of data sharing — and why organizations in every industry from government to commercial transportation rely on both.
Internal Data Sharing
Sharing data amongst stakeholders in the same organization may seem obvious — after all, teams within a single enterprise are generally working towards the same goals. But, in reality, sharing across lines of business (LOBs) can be quite difficult, risky, and even avoided by many teams.
For instance, in large enterprises like this global bank, sharing data across LOBs can create conflicts of interest and violate compliance regulations if done incorrectly. While data may easily be shared too broadly with unauthorized users in these cases, some teams run the opposite risk by avoiding data sharing altogether. This leads to siloed data use, which is inefficient and risky in its own right, as it is often associated with unmanageable data copies.
When done correctly, internal data sharing can help ensure efficient collaboration and development of insights that can drive decision-making.
External Data Sharing
Sharing data with third parties or utilizing licensed data is a boon for business: According to Gartner’s report, within the next two years 85% of data sharing strategies that include external data sources will drive revenue generating digital business outcomes.
For organizations like The Center for New Data, which relies on external researchers and data scientists to derive insights about critical public health and policy issues using sensitive data, external data sharing is not optional — it is a necessity. External data sharing can bring essential resources into the data analysis process and accelerate speed to insights, but organizations must ensure that they account for geography-based data use regulations and have oversight into how data is being used by data consumers outside of their domain.
The Top 5 Data Sharing Challenges
According to CDOs, these are the top five challenges to effective data sharing, both internal and external.
1. Data Management
Efficient data management is a central component of successful data initiatives. By creating standardized, centralized processes around ingesting, classifying, storing, organizing, and maintaining data, organizations are able to ensure that any data they collect and create is accessible, and that it’s being used appropriately.
Without a strong data management strategy and framework, it’s easy to lose sight of how data is being used and shared, particularly internally. When teams do not know where or how to find data, they are more likely to create data copies that elude governance teams. In turn, this introduces risk of inadequate data access control policies and unauthorized access.
Weak data management processes prevent data engineering and operations teams from applying effective data access controls and limit the ability to oversee data sharing and use throughout an organization. Modern data management strategies and frameworks should prioritize data governance as a critical factor in utilizing data to its fullest potential while maintaining its privacy and security.
2. Perceived Regulatory Prohibitions
As data security compliance laws and regulations become more ubiquitous, CDOs see data sharing as increasingly challenging. This is particularly pronounced for external data sharing. Many regulations require a high degree of transparency as to how exactly data is being used; explicit opt-in from data subjects regarding data collection and usage; and comprehensive auditing capabilities to prove organizations are in compliance with all applicable laws and regulations. These strict requirements can become nonstarters for data sharing, or at the very least limit data sharing initiatives.
One of the most complicated facets of compliant data sharing is how to translate legal jargon into policy. This is compounded by the need for data use agreements between organizations when data is shared externally. Without the right tools and processes in place, approval workflows between legal/compliance teams, data engineering/operations teams, and any third parties can be slow and disjointed.
Perhaps the most straightforward way to bypass this barrier is with a combination of legal automation and human inspection, which vastly reduces the time needed for approval processes. Tools that simplify the process by writing policies in plain English make it easier for technical and non-technical users alike to easily understand policies.
3. Risk Assessment of Security
Once you have data privacy and security measures in place, how do you know they’re working as intended? Simply applying data de-identification techniques does not guarantee that your data is protected. Risk-based assessments of anonymization approaches are the best place to start — but many organizations lack the resources to perform such assessments, especially as the number of data sources grows.
Understanding your organization’s level of data risk can be complicated, particularly if no clear path toward closing gaps exists. For this reason, CDOs deemed data security risk assessments a top barrier for sharing data, particularly externally. While developing an understanding of risks to data privacy and security is a critical starting point, the ability to automate dynamic data masking and privacy-enhancing technologies (PETs) consistently across all cloud data platforms can streamline anonymization and overcome any gaps in data security so data can be securely shared internally and externally.
4. Insufficient Tools and Technology
We’ve mentioned how technological resources enable data engineering and operations teams to resolve some of the top barriers to data sharing. CDOs recognize the impact of these resources as well, and cited insufficient tools and technology as a primary data sharing challenge.
Often, technology is regarded as simplifying data-related processes, not increasing complexity. But, many different cloud data providers are now available, each offering a different set of data access controls. As data teams continue adopting multiple cloud data platforms at an accelerated pace, this disparate patchwork of capabilities often doesn’t scale consistently across diverse cloud data platforms. The result is overly restrictive data policies that may inhibit data sharing altogether, or overly broad policies that can cause sensitive data to slip through the cracks, leading to a data breach or leak.
Overcoming this barrier requires a centralized, universal data access control solution that works across all platforms, decouples policy from compute platforms, and automates otherwise-complicated processes, such as dynamic policy enforcement and the creation of data audit trails.
The final, and perhaps most pervasive, barrier to data sharing is stakeholder resistance based on fear — which CDOs chose as a top challenge for both internal and external data sharing initiatives.
Just as some organizations are hesitant to migrate to the cloud because it is perceived as less secure than on-prem infrastructures, risk aversion is also a barrier to data sharing. The fear of changing ingrained processes or allowing third parties to access data for which the organization is liable may make key stakeholders, particularly in high level positions, uncomfortable. In this scenario, the risk of downstream data misuse seems to outweigh the potential benefits of data sharing.
Gartner’s report discusses how data sharing is often considered a data function instead of a business priority, and how the traditional “don’t share data” approach ultimately leads to data hoarding and unnecessary limitations on data-driven outcomes. To unlock data’s potential, the report suggests, organizations should flip the “don’t share data” mindset to a “must share data unless” approach. The report outlines a model that encourages data sharing so long as it satisfies regulatory requirements and data protection standards. Defined processes; clear task ownership; constant communication; and trustworthy, automated tools and technology can also contribute to overcoming stakeholder resistance and accomplishing more with data sharing.
Analysts anticipate that data sharing and collaboration will become increasingly important to organizations’ success and ability to compete in the next two years and beyond. And, while 70% of respondents in a Harvard Business Review survey admitted to being “not very effective at data sharing,” solutions to the top five barriers associated with data sharing are at your fingertips.
By prioritizing data sharing and management as business necessities, reframing your organization’s approach to sharing data both internally and externally, and investing in tools and technology that enable secure, efficient data sharing, you will be better positioned to drive revenue and reach business goals than competitors.
To read more about how sharing data enables outcomes for industry-leading businesses and to learn Gartner’s 5-step approach to effective data sharing, download the report here.
If you’re ready to see how Immuta’s universal cloud data access control solution streamlines secure data sharing, request a demo.