Do you understand your company data? Data is one of any
company’s most valuable assets but it’s probably the one we understand the
least. And, this is also the asset that is suffering from a lack of trust.
According to a recent Talend survey, only 35% of the respondents in the UK
always trust the data they work with. So, if we can’t understand and trust the
data we are using every day to run our business, how can we make sure data is
safe and does not compromise growth and sustainability of an organisation?
If the security of information systems has been scrutinised
by organisations for decades – putting in place the right protocols, training
employees on security awareness – data security (and privacy). It has started
to be on the agenda of boardroom discussions since GDPR came into force in
2018. Creating a major disruption in the digital industry. With this
ground-breaking regulation, the EU paved the way to data privacy laws in many
other regions and countries around the world. Protecting personal data of
users, consumers and citizens is the aim of these regulations – making sure
data is used in a responsible manner, and it is protected from data breaches.
It can be something as simple as the right data in the
wrong place. So much of our conversation about security centres around
personally identifiable information (PII). If PII data isn’t identified or
isn’t in the right field — for example, payment information erroneously mapped
to an unprotected field and viewed by unauthorised individuals — you could be
at risk of exposing very sensitive information. Data breaches affect
organisations every day and often make the headlines. Most recently, 700
millions of LinkedIn users data were exposed. In 2018, the hotel chain Marriot
International announced 500 millions of customers data was exposed.
With regulations like GPDR, financial consequences on
business can be substantial with fines up to 10 million euros or 2% of global
turnover. However, the major consequence is the lost of consumers’ trust. The
challenge of such regulations is also to make consumers trust the organisations
with which they share their data. One way to achieve this is to give them the
opportunity to take control, and to be transparent, on the processing of their
information with options allowing them to exercise their rights autonomously.
This can be achieved with the right approach to data management to make sure
you can efficiently reduce data integrity risks.
Step 1: Assessment
The first step is to identify areas in wich your data is at
risk; starting with data sources. Understanding both the quality of the sources
and the quality of your information. Mapping is key to evaluating your risks when
we talk about data sources. We have to consider not only where data comes from,
but how it enters our systems. For
illustration, it’s likely secure to accept that the lead list you obtained from
a seller isn’t as exact or up-to-date as the list of leads you captured from a
later, focused on, double-opt-in campaign.
However, in the event that you trust 100% the accuracy of
each record from each data source — counting manual section by sales
representatives, entries from any run of online channels, engagements within
products or apps, and shared information from accomplices or parent companies —
you’d still be looking at a variety of areas, guidelines, and definitions over
sources. One source may require a country code within the phone number field,
whereas another does not. One source may have a single title field, whereas all
the others break out to begin with first and last names.
After evaluating your data sources and information in
there, the second step consists in checking data security. In case all your
information were collected in a single Excel spreadsheet, it would be ideal to
simple assign an individual or two to observe over that information, keep it
secure, and approve it, line by line. But that’s not the world we live in. For
most of us, the scene of our information foundation may be a complex array of
interconnected programs and stages. There are solutions that specialise in
interfacing frameworks and ingesting information into a store. And few
businesses have been able to do that — but are they truly getting a genuine sense
of information wellbeing? Would they indeed know in case they had information
The primary step of information security is safely
interfacing information sources, ingesting information, and performing quality
checks to ensure we’re getting the appropriate information in the right place.
Then, data profiling can offer assistance to ensure that phone numbers look
like phone numbers, and emails look like emails, and so on.
The third area of assessment is compliance with the aim of
protecting your data. In 2020, 37 billions of data were exposed through
breaches for a total number of data breaches of about 4,000. A recent study by
the UK Information Commissioner’s Office (ICO) discovered that up to 90% of
data breaches can be traced back to human error – weak credentials,
unauthorized access to data etc.
Technology like data cataloguing can help here by providing
a centralized infrastructure for managing and ensuring compliance across the
organization. It allows you to establish clear access protocols and permissions
that will protect your data, without creating false barriers to access that
might make people less effective at their jobs. It also makes it possible to
automate the classification of data through semantic types and build a well-defined
business glossary, so that everyone is speaking the same business language when
it comes to your data.
Step 2: Minimize risk
Your data strategy and culture should support the objective
of getting healthy data throughout your organisation. This holistic approach
would include first data integration; the easiest way to protect yourself from
compromised data is to make sure that it never enters your systems in the first
place. Ideally, you will want to set up automated checks for data quality as part
of your ingestion process. It should start with prioritising data sources,
collecting data and profiling as well as cleaning your data.
The second step consists in data governance. With an
expected value of USD 5.28 billion by 2026, the data governance market growth
is driven by the explosion of data, the use of new technologies like IoT or
artificial intelligence but also by the impact of data privacy regulations. The
collection of processes, roles, policies, standards, and metrics that ensure
the effective and efficient use of information in enabling an organization to
achieve its goals with the involvement of three main groups usually – data
engineers, data stewards and business users.
The third and last step in this data management process is
automation. Unless you’re keeping critical data in a simple spreadsheet — which
would be an inefficient way to do business — you’re going to need technology to
automate the repeated tasks of managing your data.
The heavy lifting will come from IT, as they set up
technology and rules that will automate data integration, data quality, data
preparation. From there, governance and workflow processes can all work
together. If something can’t be automated, it goes through a formal review
process with the data stewards.
Once you get that initial process defined and outlined,
it’s not so much an exercise as just business as usual. As new data comes into
the organization, defined processes automate the cleansing, enriching, and
standardization of the data. Whatever data can’t be confidently conformed
through automated means gets sent through defined workflows and rectified by
those that know the data best. This becomes the natural lifecycle of data in
Data management can’t be just a step or a moment in time, as it typically is today. It must be an active and intentional system that enables the business to better understand its data – its reliability, the risks it poses, and the opportunity it offers to create business value. You need visibility and clarity into your data. The solutions you use to manage data should provide you with the insights that will help you make your organization smarter, more agile, and more efficient while avoiding risk.
Felipe Henao Brand, Senior Product Manager, Talend