Cloud Adoption Conflict: Data Privacy vs. Data Science 

A survey conducted by Lead to Market reveals a growing conflict between data scientists and data security professionals. Businesses, in their quest for actionable insights, are pressuring data scientists to accelerate analysis, which requires quick access to a business’s library of data artifacts. However, those charged with data security are implementing more access controls and further restricting access to critical data sources. Ultimately, those restrictions are being driven by data privacy, intellectual property requirements and compliance legislation; however, it puts data scientists at odds with data privacy.

The survey, which was commissioned by Privacera, reveals that 58% of data scientists surveyed indicated that access restrictions were hobbling the productivity of their analytics teams. The survey also revealed that those charged with protecting and securing sensitive data repositories said this task has become increasingly difficult. Some 70% revealed that managing access in compliance with external or internal governance policies was hard.

The survey team conducted telephone interviews with executives from Fortune 500 companies to get their insights on cloud, data security and access control. Users from various industries, roles and regions participated. “Consumers are demanding increased privacy of their digital data, and the survey illuminates the need for a holistic approach to cloud data access and management,” said Balaji Ganesan, co-founder and CEO of Privacera.

Simply put, businesses looking to leverage their data are faced with a conundrum, one that pits protecting data against deriving value from data, a problem not easily resolved. What’s more, that conundrum becomes more complex as businesses drive digital transformation efforts and embrace multiple cloud solutions. Some 70% of respondents noted that GDPR, CCPA and other privacy regulations are making cloud migration and analytics difficult and more complex 

Adding to the complexity is how digital transformation is driving multi-cloud migrations. Some 85% of organizations surveyed use at least two cloud providers for data storage and analytics, while 40% use five or more.

Many of those surveyed indicated that they were concerned about how to balance the needs of data analytics against the needs of data protection. Some 81% were concerned that their current systems lacked the ability to delete PII (personally identifiable information) data from across their data stores, risking potential compliance issues. 

Addressing the divide between analytics and data protection seems to be the core issue, here. However, that divide may widen as privacy regulations and compliance legislation has a greater impact on how data is used.

As Ganesan indicated, organizations will need to turn to a more holistic approach, one that uses layers of security and validation across the data stack. Businesses must implement tools to mitigate data protection problems and those tools should be able to define and manage fine-grained access control policies across multiple cloud services. Those access controls should extend down to row-, column-, file-, or object-levels to ensure discovery and protection of critical data.  

As the protection of PII becomes more critical, organizations will need to establish comprehensive information governance controls that work across clouds and data sets. Those information governance tools will also need to be unified and centralized so that consistent policy is delivered across the enterprise, and access is properly protected.

Avatar photo

Frank Ohlhorst

Frank is an award-winning technology journalist and IT industry analyst, with extensive experience as a business consultant, editor, author, and blogger. Frank works with both technology startups and established technology ventures, helping them to build channel programs, launch products, validate product quality, create marketing materials, author case studies, eBooks and white papers.

frank-ohlhorst has 40 posts and counting.See all posts by frank-ohlhorst