AIgo Notes››Note details
Protecting Merged Data: Strategies for Governance & Access Control
BY u6dwl
June 24, 2025•
Public
Private
3952 views
Key Points on Protecting Merged Data in Enterprises
Introduction
- Data usage has evolved significantly in enterprises over the past decade.
- Traditional data usage focused on business intelligence and generating insights.
- Recently, data is increasingly utilized for AI purposes, including training models and running generative AI (Gen AI) systems or Retrieval-Augmented Generation (RAG) models.
Challenges and Strategies for Protecting Merged Data
Data Integration and Security Concerns
- Enterprises are merging data from multiple sources, creating a blend of information.
- Protecting merged data is critical, as sensitive information is combined across various domains.
Traditional Data Access Approaches
- Historically, data access involved requesting and approving access rights to specific data sources, such as HR or financial data.
- Creation of data warehouses and marts for easier query and reporting by users.
AI and Data Querying Methods
- AI systems utilize large language models for querying data via assistants.
- Information is embedded into vector databases for AI systems to query, supplementing responses with enterprise data.
Strategies for Data Protection
1. Access Controls
- Implement access controls for merged data viewed as new data assets.
- Ensure only authorized users access data pools merged in data warehouses.
2. Data Objects
- Define logical groupings of data as distinct objects for access control.
- Provide user access based on specific data objects, rather than entire data sources.
3. Data Virtualization
- Use data virtualization to query data without physical data movement (ETL processes).
- Virtualized outputs allow access and control over what users can see at runtime.
- Incorporate strong data governance practices to ensure the security of virtualized data.
4. Filtering Techniques
- Apply pre-filtering or post-filtering on query results based on user access rights.
- Pre-filtering returns only accessible data, while post-filtering adjusts visibility after data retrieval.
Enhanced Access Strategies
Birthright Access
- Implement birthright access based on user's identity, role, organization, and location.
- Simplify data access control by correlating user's role with available data.
Compliance and Observability
- Ensure compliance with monitoring and observing all data access and activities.
- This should be a standard procedure to safeguard data and ensure compliance with regulations.
Conclusion
- Merged enterprise data requires effective strategies for access control and protection.
- Employing strategies like least privilege access, good data governance, and adherence to compliance standards is crucial.