IBM has formed a Data Governance Council with dozens of
leading financial companies and other suppliers to develop a
“blueprint” to protect personal data.
The new body comes at a time when major companies in the US are
coming under pressure over data security in light of a large number
of customer data loss scandals.
CitiBank, Bank of America, MasterCard, Time Warner, MCI and
Lexis-Nexis have all suffered bad publicity from recent data
losses, whether through theft or misplacements.
IBM said the Data Governance Council will look to redefine the
management of data governance policy, the impact of policy on
business processes and practises and the enforcement of policy in
IT infrastructure, content and organisational behaviour.
The council will use IBM and business partner solutions to draw
up its blueprint for improved data governance.
The Data Governance Council said security, privacy, compliance
and risk challenges need to be addressed with common solutions and
standards.
The Council says there is a “significant disconnect between
organisational and IT roles and behaviour, which causes potential
exposures”.
It also says policy and business rules are not linked to
business processes or IT systems, that there are few technologies
available today to solve these complex issues, there are no common
methods for meta-data classification and IT integration, and that
controls are currently deployed before long-term consequences are
modelled.
Data Governance Council members currently include: ABN Amro,
American Express, Bank of Montreal, Bell Canada, Danske Bank,
Deutsche Bank, Merrill Lynch, TeliaSonara, the United Nations
Development Programme, and the World Bank.
None of the financial companies who have suffered recent data
losses have so far joined.