Data-centric through the global jungle of rules

The global economy relies on international data exchange, but in the current global situation this harbours a particularly large number of pitfalls. CIOs can get a grip on the situation with a data-centric approach, says Stefan Brock from CIOmove partner HPE.

Russia’s war against Ukraine, regulations such as the anti-espionage law in China, but also embargoes are creating more difficult framework conditions for multinational companies in their endeavours to share data across national borders.

In view of the many different, sometimes even contradictory regulations for data exchange, managers of international companies have one foot in prison, so to speak.

So what to do?

According to CIOmove partner Stefan Brock from Hewlett Packard Enterprise (HPE), there is no silver bullet yet, but there are solutions. It is not concepts such as “cloud first” that show the way, but “data first”, specifically: the development of a data-centric architecture. Data is managed in a separate architecture layer that is agnostic to (cloud) platforms and the applications on which it is operated. The architecture thus networks data across all cloud, on-premises and edge platforms.

The data-centric architecture thus enables a cross-platform description of the data using metadata and the implementation of access rights and rules derived from this: Does it affect Intellectual Property Rights (IPR), is it personal data (e.g. in the sense of the EU-GDPR), embargo-relevant data or data requiring special protection due to state regulation?

Anyone who has to work with many hundreds or thousands of different applications in order to ensure access to this data and international exchange is compliant has no chance in the classic application-centric world. Regional laws and regulations change faster than the deployments in the application landscape can be adapted and tested.

However, if companies use data-centric principles for handling data and thus classify their data via the metadata, it is possible to map the different legal standards on the information regardless of the specific applications.

For Stefan Brock, building a different mindset is just as important as the architecture. Data must be at the centre of thought and action, not the applications. This is a matter of course for platform providers – and for most computer science graduates. However, it is not necessarily present in today’s IT management, which has been socialised more towards service orientation and REST APIs. The focus on data goes hand in hand with the necessary data literacy, an understanding of what the data means and how it is handled.

A “need-to-share” principle is derived from data as a central asset – not as a REST API call, but as data availability in the sense of Gartner’s data fabric concept.

IT, which likes to see itself in the role of an enabler, must act as a partner to the business. The business is the data owner and must be empowered to fulfil this responsibility. This is not a new role for them, as business-IT alignment is a familiar discussion. However, when it comes to data utilisation and international data sharing, the debate takes on a new urgency. This is what Stefan would like to discuss with the participants of CIOmove in Morocco in May.

He is assisted by Gerd Niehage, CTIO Swisscom.