Data governance end-to-end guide
In order to control which marketing actions can be performed on certain datasets and fields in Adobe Experience Platform, you must set up the following:
- Apply labels to the schemas fields or entire datasets, whose usage you want to restrict.
- Configure and enable data governance policies that determine which kinds of labeled data can be used for certain marketing actions.
- Apply marketing actions to your destinations to indicate which policies apply to data sent to those destinations.
Once you have finished configuring your labels, governance policies, and marketing actions, you can test your policy enforcement to ensure it is working as expected.
This guide walks through the full process of configuring and enforcing a data governance policy in the Platform UI. For more detailed information on the features used in this guide, refer to the overview documentation on the following topics:
Apply labels labels
You can apply labels to a schema so that all datasets based on that schema inherit the same labels. This allows you to manage the labels for data governance, consent, and access control in one place. By enforcing data usage constraints at the schema level, the effect propagates downstream to all datasets that are based on that schema. Labels applied at the schema field level support Data Governance use cases and are discoverable in the Datasets workspace Data Governance tab under the Field Name column as read-only labels.
If there is a specific dataset that you want to enforce data usage constraints on, you can apply labels directly to that dataset or specific fields within that dataset.
Alternatively, you can apply labels to a schema so that all datasets based on that schema inherit the same labels.
Apply labels to an entire dataset dataset-labels
Select Datasets in the left navigation, then select the name of the dataset you want to apply labels to. You can optionally use the search field to narrow down the list of displayed datasets.
The details view for the dataset appears. Select the Data governance tab to view a list of the dataset’s fields and any labels that have already been applied to them. Select the pencil icon to edit the datasets labels.
The Edit governance labels dialog appears. Select the appropriate governance label and select Save.
Apply labels to a schema schema-labels
Select Schemas in the left navigation, then select the schema that you want to add labels to from the list.
The schema’s structure appears in the Schema Editor. From here, select the Labels tab to show a list view of the schema’s fields and the labels that have already been applied to them. Select the checkboxes next to the fields that you want to add labels to, then select Apply access and data governance labels in the right rail.
The Apply access and data governance labels dialog appears. Select the labels that you want to apply to the chosen schema field. When finished, select Save.
Continue following the above steps to apply labels to different fields (or different schemas) as needed. When finished, you can continue to the next step of enabling data governance policies.
Migrate labels previously applied at the dataset level migrate-labels
Select Dataset in the left navigation, then select the name of the dataset you want to migrate labels from. You can optionally use the search field to narrow down the list of displayed datasets.
The details view for the dataset appears. Select the Data governance tab to view a list of the dataset’s fields and any labels that have already been applied to them. Select the cancel icon next to any label that you want to remove from a field. A confirmation dialog appears, select Remove label to confirm your choices.
After you have removed the label from your dataset field, navigate to the Schema Editor to add the label to the schema. Instructions on how to do this, can be found in the section on applying labels to a schema.
After you have migrated the necessary labels, ensure that you have the correct data governance policies enabled.
Enable data governance policies policy
After you have applied labels to your schemas and/or datasets, you can create data governance policies that restrict the marketing actions that certain labels can be used for.
Select Policies in the left navigation to view a list of core policies defined by Adobe, as well as any custom policies previously created by your organization.
Each core label has an associated core policy that, when enabled, enforces the appropriate activation constraints on any data that contains that label. To enable a core policy, select it from the list, then select the Policy status toggle to Enabled.
If the available core policies do not cover all of your use cases (such as when you’re employing custom labels that you’ve defined under your organization), you can define a custom policy instead. From the Policies workspace, select Create policy.
A popover appears, prompting you to select the type of policy you want to create. Select Data governance policy, then select Continue.
On the next screen, provide a Name and optional Description for the policy. In the table below, select the labels that you want this policy to check for. In other words, these are the labels that the policy will prevent from being used for the marketing action(s) you specify in the next step.
If you select multiple labels, you can use the options in the right rail to determine whether all labels must be present in order for the policy to enforce usage restrictions, or if only one of the labels needs to be present. When finished, select Next.
On the next screen, select the marketing actions that this policy will restrict the previously selected labels from being used for. Select Next to continue.
The final screen shows a summary of the policy’s details and the actions it will restrict for which labels. Select Finish to create the policy.
The policy is created, but is set to Disabled by default. Select the policy from the list and set the Policy status toggle to Enabled to enable the policy.
Continue following the steps above to create and enable the policies you require before moving on to the next step.
Manage marketing actions for destinations destinations
In order for your enabled policies to accurately determine what data can be activated to a destination, you must assign specific marketing actions to that destination.
For example, consider an enabled policy that prevents any data containing a C2 label from being used for the marketing action “Export to Third Party”. When activating data to a destination, the policy checks what marketing actions are present on the destination. If “Export to Third Party” is present, attempting to activate data with a C2 label results in a policy violation. If “Export to Third Party” is not present, the policy is not enforced for the destination and data with C2 labels can be freely activated.
When connecting a destination in the UI, the Governance step in the workflow allows you to select the marketing actions that apply to this destination, which ultimately determine which data governance policies are enforced for the destination.
Test policy enforcement test
Once you have labeled your data, enabled data governance policies, and assigned marketing actions to your destinations, you can test whether your policies are being enforced as expected.
If you set things up correctly, when you attempt to activate data that is restricted by your policies, the activation is automatically denied and a policy violation message appears, outlining detailed data lineage information about what caused the violation.
See the document on automatic policy enforcement for details on how to interpret policy violation messages.
Next steps
This guide covered the required steps for configuring and enforcing data governance policies in your activation workflows. For more detailed information on the Data Governance components involved in this guide, refer to the following documentation: