Originally posted on June 18th, 2018 by Dataversity.net (http://www.dataversity.net/smart-data-governance-ensuring-regulatory-compliance-smart-availability/)
Traditionally, high availability (HA) concerns revolved around performance. HA offered various redundancy and failover options to ensure business continuity in the event of workload spikes, planned maintenance, and unplanned downtime.
Today, HA methods have been superseded by Smart Availability’s intelligent workload routing automation, in which data and their processing are consistently directed to the proper place at the right time. Smart Availability partially stems from the distributed realities of the modern data landscape, in which information assets are disbursed on premises, in the Cloud, and at the Cloud’s edge.
Consequently, regulatory compliance has emerged as much a driver for Smart Availability as has performance. With increasing regulations and penalties (such as those for the European Union’s General Data Protection Regulation), missteps about where workloads are routed could have dire legal and financial consequences—especially for data in the cloud.
Different countries and industries have strict regulations about data’s location which directly affect Cloud deployments. Organizations must know how and where such data are permitted in the cloud before shifting them there for availability and performance issues.
Creating policies in accordance with these regulations is indispensable to leveraging Smart Availability to ensure compliance, and effectively transforms Data Governance into Smart Data Governance.
Cloud deployments have a number of opaque areas in relation to routing workloads for availability. These pertain to the type of Cloud involved (public, private, or hybrid), the method of redundancy used, and the nature of the data. The GDPR, for example, has a number of regulations for personal data, a broad term for “any information related to an identified or identifiable natural person”.
As such, organizations must be extremely cautious about transporting this type of data, despite the performance gains of doing so. For example, Cloud bursting is advantageous for optimizing performance during sudden peaks in network activity, which are common for online transaction processing in finance or manufacturing. Transferring these workloads from local settings to public ones may balance network activity, but can forsake regulations in the process.
Organizations must take similar precautions when planning for disaster recovery, one of the chief benefits of Smart Availability. Downtime may be minimized by implementing automatic failovers into the cloud, but can also compromise regulatory compliance. Cloud compliance issues not only involve where data are stored, but also where (and how) they’re processed. GDPR, for example, distinguishes data processors from data controllers.
The latter are organizations using data, but the former can involve any assortment of SaaS or SOA options that must adhere to GDPR’s personal data regulations. Organizations must assess these measures when Cloud brokering among different providers—particularly for transient pricing specials. Other regulations such as the Payment Card Industry Data Security Standard have rigid stipulations about encrypting data (especially for data in transit) which may apply to workloads spontaneously moved to the Cloud. Those in the e-commerce or retail spaces must consider the intricacies of server side or client-side encryption, especially when replicating data between Clouds.
The Smart Way
Smart Availability provides the best means of effecting regulatory compliance while dynamically shifting workloads between environments for all of the preceding scenarios. The core of this method is the governance policies devised to meet compliance standards. Although Smart Availability doesn’t determine sensitive information or dictate where it can be routed, it offers portability freedom across settings (including operation systems, physical and virtual infrastructure) that all but forces organizations to identify these factors because of its flexibility.
This real-time, on-demand shifting of resources is the catalyst to evaluate workloads through a governance lens, update policies as needed, and leverage them to predetermine optimal routing of data and their processing for availability. Smart Availability is the means of implementing Smart Data Governance; it’s a conduit between performance and regulatory compliance that increases competitive advantage.
Implementing Smart Data Governance
Once those policies are in place, the Smart Availability approach maximizes Cloud deployments while maintaining regulatory adherence. Its intelligent algorithms continuously monitor server performance to automatically detect surges, either issuing alerts to organizations or heralding the transfer of workloads to alternative hosts. By already having agreed upon policies conforming to governance practices, prudent organizations can confidently move data to the Cloud without violating regulations. Thus, Cloud bursting measures can regularly be deployed to minimize network strain during spikes for OLTP (or any other reason) without costly penalties.
Companies also have the benefit of automatic failovers to the Cloud to maintain business continuity in the event of natural disasters or failure. This option virtually eliminates downtime, enabling IT to perform maintenance on even the most mission critical infrastructure once data is properly re-routed offsite.
One of the most useful Smart Availability advantages is the capability to span Clouds, both among providers and all the variations of clouds available. Although well sourced governance policies are essential to receiving the pricing boons of cloud brokering, Smart Availability’s ability to start and stop workloads at the instance level while transporting data between settings is just as valuable. The data processing issue is a little more complicated but is assisted by Smart Availability’s flexibility.
Once organizations have researched the various Service Level Agreements of Cloud vendors—as well as policies for other types of data processing, including software companies’—they can utilize these platforms in accordance with regulations, transferring their resources where they’re permitted. Most encryption concerns are solved with client-side encryption whereby organizations encrypt data before replicating them to the Cloud, retaining the sole keys to them. Smart Availability measures transport this data to the Cloud and back as needed.
The mounting presence of regulatory mandates isn’t likely to soon subside. Compliance standards are just as important as performance issues when making workloads available across diverse settings. Smart Availability’s support of versatile storage and processing environments, in conjunction with its low-latency portability, make it a natural extension of Smart Data Governance implementations. These techniques ensure data is moved correctly—the first time—to maintain regulatory adherence during an age when it’s most difficult to do so.