Discuss about the Data Resource Management for XYZ Organization.
XYZ Organization is a private company that provides IT services and solutions to its clients and has established itself as a reputed firm on a global platform. It deals in various domains such as healthcare, finance, human resources and many others. The organization has over 5000 employees engaged with it in 15 locations that it has established in various parts of the world. With the market shares and market reputation that the organization has setup, the business is expanding at a rapid pace.
Overview of the Business Issue
There are multiple data resources and platforms that are present in the organization. These resources include data on-premise, data on cloud and many others. There are also varied databases that are present with the organization to handle and manage the data volumes. Due to the presence of huge volume and different variety of data along with various data resources, it becomes troublesome for the database administrator to look after all the properties of the data. There are issues such as security, ethical, technical and many others that result out of the same.
The approach that has been followed in the paper is the qualitative method of research. The approach used in this research method is inductive in nature that is the patterns and sequences are identified on the basis of data that is collected from a number of different sources. The bottom-up approach is used in coming to the theories and conclusions associated with the concept and issues of data resource management. There is no hypothesis or assumptions used during the research process in terms of the concept of data resource management or issues or countermeasures to the same.
The data collection process that is used in the qualitative research method is done from a number of different sources such as journals, white papers, articles, guides and reports on the topic. The information and points that are covered in the research are based upon the data collected which has been used as a point of reference. Data collection is done in a number of different stages rather than collecting the same at once during the beginning of the research. The methodology therefore enabled better understanding of the research topic during the research process itself.
There are eight research papers and journals that have broadly been used for the research purpose and the inferences about the Data Resource Management (DRM) have been made on the basis of the findings gathered from the same.
Data Resource Management (DRM) in XYZ Organization
Data Resource Management popularly known as DRM is a concept and set of methods that includes the processes and procedures for the database administrator and management team to handle and manage various data resources that are present in the organization.
In case of the XYZ organizations, there are various data resources that are present which are internal as well as external to the organization. There are external data resources such as clients, end users, partners, third party sources and likewise. There are various internal data resources as well such as human resources, on-premise data, historical data and likewise. Most of this internal and external data is stored on the cloud in a number of different data centres. There are also various repositories and warehouses that are present with the organization where the data is stored.
Due to the presence of such huge amount of resources and various types of data and data storage units, there are various issues that come up in front of the database administrator for the management of the data. These issues are broadly categorized in security and ethical issues. Apart from these two categories, there are also a number of other issues as well (Gordon, 2016).
Security Issues in DRM
Data Tampering and Breaching
There are a lot many instances in which the data is transmitted from one place to the other. Some of the common transitions include exchange of data between the internal employee and the client or between the employees in an internal environment. The storage locations of the data also change frequently in such cases and it becomes difficult for the manager to keep track of the entire data sets associated with the organization. Attackers gain advantage of such situations and tamper or breach the data during the transition phase. The structure and contents of the data get impacted by such an activity which has a huge impact on the confidentiality and integrity of the data (Abadi, 2016).
Data Loss and Data Theft
There are often cases of data loss which if done in smaller quantities go unnoticed or difficult to track by the administrator. Such scenarios are repeated by the attackers over and over again which becomes a severe cause of concern for the XYZ organization and its employees. Due to the presence of a number of entry points, attackers find it easy to gain access to one of the data bits and utilize the same to get unauthorized access to other data pieces as well. Controlling of such access is difficult particularly in the case of external access points which lead to loss or theft of data (Siegmund, 2016).
Unauthorized Access to Rows, Columns and Tables
Databases that are maintained in the XYZ organization comprise of the data that is stored in the form of a table. There are various rows and columns that are present in a particular database. Attackers find it easy to target a particular row or a particular column in a table to get unauthorized access to. The information that is acquired from the row or the column is then used inappropriately which may cause severe impacts to the XYZ organization.
Varied Security Methods
There are a number of security methods that are used and applied to the applications that are present with the XYZ organizations. The security method for an application that comprises of private data would be different from the one that would consist of public data. The task of creating varied security policies and methods for different applications along with the implementation and maintenance of the same is not an easy process. There can be no universal security policy that may be designed to cater the requirements of all the policies and methods which lead to a lot many security issues and easy path for the attackers as well (Sen, 2016).
There are also a number of issues that impact the availability of the data that is present in the databases as the attackers impact the quality of the data. These issues deteriorate the availability of the data and can be executed easily as there are multiple data platforms that are available with the XYZ organization.
Ethical Issues in DRM
There are a number of ethical issues that come up in front of the database administrator during the management of the data resources. There is data present with the XYZ organization that includes the healthcare information of the users and the clients, financial details of the users and the clients and a lot of other private and confidential data as well. There is also data that becomes redundant or not required by the organization after a certain period of time. The prime ethical issues that is present with the XYZ organization in association with DRM is the ethical correctness of the data that is stored in the databases, repositories and warehouses along with the justification on the privacy methods that are utilized around the protection of the same.
Data accuracy is another property and issue that comes up as an ethical issue for the XYZ organization during the management of the data resources. There is data that is present with the organization that has different data format, data types, data volume and varies on a lot many other parameters as well. There are certain essential properties that every data set must fulfill in terms of it utility and structure. Due to the presence of huge volumes of data there are also data sets that are duplicate or redundant. Accuracy of the data demands the data to have the requirement and the appropriate structure associated with it. The administrator often finds it troublesome to designate between the accurate or inaccurate data. There are also cases wherein a particular data set may be accurate for the organization at a certain point of time but becomes inaccurate after a certain time period. Keeping a track of this transition and understanding the same can be extremely difficult from the management in terms of the data resources.
Security issues that have been highlighted above can be executed with much ease and the same leads to ethical issues for the organization. There are data properties such as confidentiality, privacy, availability and integrity that get violated with a security attack and the same causes the violation of the ethical justification for the XYZ organization. The same impacts the customer trust on the organization and the association with the customers as well in the case of frequent attacks (Harman, 2016).
Audit, Review and Maintenance Issues in DRM
Audit logs are created constant for every data set and database activity that takes place in the XYZ organization. It is also necessary to make productive use of these audit logs to review them on a daily basis to understand any misuse or deviation associated with the same. It also involves the monitoring of the database privileges that have been granted along with the updates that are done on the users accounts associated with the databases. Identity and access control is also applied to the user accounts to maintain authentication and authorization of the data. These tasks however are not efficiently executed due to inadequate due diligence or repetitive nature of processes by the database administrator and the database security manager. Also, due to the presence of huge number of logs, there are cases which get unnoticed during the review process. Such scenarios lead to the execution of the various security and ethical issues associated with the XYZ organization that has been highlighted above (Sun, 2016).
There are different roles that have been designed and required to be fulfilled by different resources. The two roles that are often intermingled are the ones of database administrator and the database security manager. The same leads to a number of tasks that get unexecuted by one single resource and also leads to increased instances of compromised security.
Ownership is another issue that comes up in the case of the management of the data resources. Maintenance of the data resources becomes challenging in the cases wherein there are multiple data platforms present for the data associated with a particular system or project.
The primary issues that are associated with the Data Resource Management for XYZ organization are security issues, ethical issues and the ones associated with audit, review and maintenance activities. These issues primarily appear due to certain characteristics of the data resources such as the presence of multiple systems and multiple platforms along with a number of different requirements associated with the security methods and policies associated with the databases. Also, there are issues associated with the organizational structure in terms of roles definition that leads to the lesser control on the database security policies. These become the causes for the easy access to the attackers to give shape to the security attacks and various other ethical issues as well that is often linked with the security attacks.
It would be required to control and manage the issues with the aid of various physical, administrative and technical controls associated with the data resources so that the management of the same does not remain a major cause of concern for the XYZ organization (Gonzalez et al., 2012).
Suggestions for Further Work
There are a number of further research subjects that can be derived from the topic of Data Resource Management and its issues that prevail in a particular organization. There are various components of data along with various technically advanced mechanisms that are now available in order to manage the same. Components of business intelligence such as data mining, data warehousing and likewise may be researched to understand the modern day processing and storage of data along with the other operations that are applied on the same.
Also, there are a number of different tools that are now being used apart from the databases for the handling of the data. These automated tools have a number of advanced features such as report extraction, log maintenance and many others as well which may be analyzed to understand the management of data resources.
Data security is a topic that is being widely researched upon since long with the inclusion of data on cloud and several other transformations that the technology has offered. The topic however requires a lot of research work that shall be done in order to understand the properties and methods that shall be applied in order to improve the state of security.
Countermeasures for the DRM Issues
There are a number of countermeasures that have been suggested for enhanced management of the data resources. The first and the foremost is the security mechanisms that are required to be implemented across all the components of the XYZ Organization. The basic security must be improved to make sure that the attackers fail to enter the system at the primary attempt only. Access and identity control are the two methods that must also be applied across all the databases. Access control makes sure that unauthorized access is not granted to the users and the ones that are authenticated and authorized to get access to system are provided the entry. There may be use of multi layer authentication that may be installed across all the access points to enhance the access control. There are user privileges that shall also be granted and monitored regularly. There may be user types that shall be allowed to access a particular data type which shall not be applicable for other user groups. The database administrator must take the responsibility of the task and make sure that the privileges are granted correctly (Malik, 2016).
There shall also be a number of advanced security mechanisms that must be applied across all of the data units. Inference control and encryption of the data are two methods that must be used for the enhanced security of the data that is present in the databases.
The ethical issues can be prevented with the application of advanced security measures along with the use of ethical trainings and code of conduct in the practice. These trainings will allow the employees to follow better set of practices to maintain the ethical correctness of the data resource management and its processes. The organization must also define the roles correctly and shall also keep the role of the database administrator different from the security manager. The audits and logs must also be maintained and monitored regularly by engaging more and more resources. The use of automated tools must also be done to make sure that the audit and monitoring activities are accurately done.
Data Resource Management popularly known as DRM is a concept and set of methods that includes the processes and procedures for the database administrator and management team to handle and manage various data resources that are present in the organization. In the event of the XYZ associations, there are different information assets that are available which are inside and in addition outside to the association. There are external data assets, for example, customers, end clients, accomplices, outsider sources and many others. There are different internal data assets also, for example, HR, on-commence information, authentic information and many others. A large portion of this inside and outer information is put away on the cloud in various diverse locations. There are likewise different archives and distribution centers that are available with the association where the information is put away. Because of the nearness of such gigantic measure of assets and different sorts of data resources, there are different issues that surface before the database administrator for the administration of the information. These issues are extensively arranged in security and moral issues. Aside from these two classifications, there are various different issues as well that are associated with the XYZ organization. These can be handled by the use of a number of security controls along with advanced administrative and technical controls applied across the organization.
Abadi, D. (2016). Data Management in the Cloud: Limitations and Opportunities. Retrieved 21 October 2016, from https://cs-www.cs.yale.edu/homes/dna/papers/abadi-cloud-ieee09.pdf
Gonzalez, N., Miers, C., RedÃgolo, F., SimplÃcio, M., Carvalho, T., NÃ¤slund, M., & Pourzandi, M. (2012). A quantitative analysis of current security concerns and solutions for cloud computing. Journal Of Cloud Computing: Advances, Systems And Applications, 1(1), 11. https://dx.doi.org/10.1186/2192-113x-1-11
Gordon, K. (2016). Principles of Data Management Facilitating Information Sharing. Retrieved 21 October 2016, from https://www.bcs.org/upload/pdf/data-management-chapter1.pdf
Harman, L. (2016). Ethical Challenges in the Management of Health Information. Google Books. Retrieved 21 October 2016, from https://books.google.co.in/books?id=Vhqe7QV3eIAC&pg=PA342&lpg=PA342&dq=issues+data+resource+management+drm&source=bl&ots=0i9Pq7MxI1&sig=dg_TWle6jvA-f3OHieQz1yvUvZQ&hl=en&sa=X&ved=0ahUKEwiexciP7urPAhVMO48KHY9AAosQ6AEISjAH#v=onepage&q&f=false
Malik, M. (2016). Database Security. Retrieved 21 October 2016, from https://aircconline.com/ijist/V6N2/6216ijist18.pdf
Sen, J. (2016). Security and Security andPrivacy Privacy Privacy Issues in Cloud Computing. Retrieved 21 October 2016, from https://arxiv.org/ftp/arxiv/papers/1303/1303.4814.pdf
Siegmund, N. (2016). Challenges of Secure and Reliable Data Management in Heterogeneous Environments. Retrieved 21 October 2016, from https://wwwiti.cs.uni-magdeburg.de/iti_db/publikationen/ps/auto/SFS+10.pdf
Sun, T. (2016). Research on Heterogeneous Data resource Management Model in Cloud Environment. Retrieved 21 October 2016, from https://www.sersc.org/journals/IJDTA/vol6_no5/13.pdf