business
‘‘
TALKING
////////////////////////////////////////////////////////////////////
• Unnecessary data which consumes
resources, such as high-performance
storage, cloud billing back-up/DR systems
and people’s time
• Valuable data sources that are currently
not known about or under-utilised
The outcome of this process is remediation
of these issues through automated policies,
role-based workflows, dashboards and on-
demand reports. Proactive management in
this way is required to work at scale and is
essential for data subject requests and in the
event of a data breach.
How can better data insight improve
business outcomes?
Insights from data can help to drive
out inefficiency and improve customer
experience, both of which help to drive up
competitiveness and are at the heart of
digital transformation. In addition to these
benefits, insights from data can also uncover
new business opportunities or models, either
in your current market or in an adjacent
one. Unfortunately, many (if not most)
businesses don’t have good control of their
data and typically do all of the following to
some degree:
• Collect more data than is needed
• Retain data beyond its useful life or its
stated data policy
• Create data copies with little or no control
The notion that all data has value needs to
be tempered, as the opposite side of the
same coin to value is risk. It’s important to
note that value is easier to find if you are in
control of your data first.
Take GDPR as an example. Many businesses
are viewing it negatively as ‘more red tape’
but if controlling and centralising personal
data leads to richer, better managed
datasets, it’s actually a win-win outcome.
There is less risk for the organisation, the
opportunity to make savings from improved
efficiency and the potential for new business
and increased revenue.
How can enterprises simplify their
management of data?
Most companies use many different
point products to manage their data for
many different reasons: Organic growth,
36
INTELLIGENTCIO
M&A activity, management changes,
vendor lock-in and new technology
choices not supported by existing systems
(cloud for example), all of which drive
data management related purchases.
Consolidating these data management
operations can drastically simplify the
management of data in an enterprise and
bring about many other benefits.
Multiple back-up products, availability
systems tied to infrastructure and separate
retention and compliance products all push
up management overheads. They also
create separate silos which are wasteful and
costly. Attempts to gain insights from data,
through content search and analytics, can
also drive up silo acquisition and further add
to complexity.
Consolidating all of these functions by using
a single data platform instead of point
products allows enterprises to simplify end-
to-end data management and gain greater
visibility and insight at the same time. It’s
important that consolidation carries no
infrastructure agenda or future agility could
be stifled if you need to shift beyond your
current vendor ecosystem; going multi-cloud
for example. In addition to simplifying your
entire data landscape, consolidation in this
way has a data-reduction impact which can
be further multiplied by profiling your data
and automating policies based on content.
How can enterprises reduce data
privacy risks?
Traditionally, enterprises continually collect
data and retain it, assuming it will have
some future value. New global privacy and
data breach regulations (not just GDPR)
mean that personal data/PII now carries a
significant risk.
Assessing your current state with respect
to privacy with a Data Protection Impact
Assessment (DPIA) is a good place to
start. However, the answers provided in
these reports are not definitive, as some of
its output draws on subjective responses
from staff. It’s also flawed as a ‘one off’
exercise. Enterprises will have many new
services, planned or going live, plus changes
to existing systems that include the use
of personal data, all happening on a daily
basis. Even before a DPIA style of report is
published, it will be out of date.
Technology can certainly help take the
uncertainty out of assessing privacy risks and
also provide an on-going dashboard instead
of a one-off report but care is needed.
Content based searches don’t all provide the
breadth of coverage needed by a modern
enterprise. In addition, search technology
can help find specifics reasonably easily
but they are less good at finding types of
data, known as entities. With new data-
collection possibilities linked to IoT, mobile
and processing by machine learning and
AI, it’s also very important for enterprises
to employ people with the right privacy and
governance skills in these areas, too.
How would you advise businesses
to prepare for the impending arrival
of GDPR?
There are many aspects to GDPR but from a
data perspective you simply can’t become
compliant unless you understand where
personal data resides, the sensitivity of
that data, who has access and how well it
is secured. This is true for both structured
and unstructured, wherever it resides.
For unstructured data, indexing, profiling
and creating up-to-date dashboards and
subsequent policy automation are a huge
help; for search and entity extraction
too. For structured data – databases and
applications – leveraging recovery systems
for dev and test makes these processes
auditable and, importantly with such a
concentration of personal data, secure. As
a side benefit, you can also reduce time-to-
market in this way.
GDPR is actually a great opportunity because
much of what you need to do for GDPR is
aligned to digital transformation. Both centre
around customer data and effective control
of data will produce richer information
for your business. Customer trust is also a
huge issue for the modern enterprise, so
embracing GDPR in spirit, as well as to the
letter, will go a long way to bridging the gap.
Enterprises that fail to grasp the importance
of understanding their data, will be more
likely to be affected by data breaches and
are also less likely to be successful with digital
transformation programmes.
Lastly, if you do invest in technology to help
with GDPR, make sure it also brings other
efficiencies and benefits beyond helping
with compliance. n
www.intelligentcio.com