As more businesses adopt big data analytics solutions, one of the key questions that will need to be answered is how they will handle the vast amounts of information they collect. Developments such as social media, mobile devices and the Internet of Things make it easier than ever for companies to gather a wide range of data that can give insight on every aspect of their customers’ activities and preferences.
At the same time, users are more concerned than ever about what is being done with their information. Whether it is personal data being sold for profit, hackers looking to steal financial details, or a government monitoring its citizens’ activities, there has never been greater awareness among the public of the importance of data privacy and security.
Companies that are unable to demonstrate they care about their users’ privacy are likely to be viewed with suspicion by many consumers, who will be wary about doing any business with them that requires handing over personal details. Therefore, from both financial and reputational perspectives, it pays to have strong security policies in place.
The need for compliance
As well as reassuring customers about the safety of their personal data, enterprises are frequently dealing with a complex set of regulators concerning this, both at a national and international level.
For instance, 2015 will see the European Union implement a major update to its rules, with the introduction of its General Data Protection Regulation (GDPR). Intended to be a more unified solution to privacy to replace a patchwork of differing national rules, the regulations are likely to require many firms to overhaul their practices to ensure they remain compliant.
The GDPR will impact existing established rules such as the UK Data Protection Act, leading to further headaches for companies that are working with large volumes of data. Uncertainty about what their responsibilities are, and may be, remain widespread, with research from Kroll Ontrack suggesting four out of five IT managers do not know what they will have to do to be compliant with the GDPR.
Keeping your data under control
In order to meet these demands, there will be several challenges to be addressed, and these generally fall into two categories – technical and cultural. For the former, it will be incumbent on businesses to put in place the right solutions and standards, such as ISO 27001, in order to effectively and reliably manage their processes and protect their data.
However, it is the latter challenge – making the necessary cultural changes in an organisation to meet data protection expectations – where the real difficulty may lie. Altering attitudes to make the careful and considered management of data a priority must take place on a company-wide basis, and be driven from the very top.
This will require the implementation of clear best practices for handling sensitive customer data and improving working processes. A range of policies may play a part in this, such as ensuring that the use of data is limited to specific, defined uses, or anonymising it wherever possible.
Security plus performance
It will be vital that the measures businesses put in place are able to meet all regulatory requirements and keep data safe – but firms will also have to work hard to ensure that these processes do not get in the way of the effective analysis of information.
As the ‘data real estate’ of many firms grows, it can create a sprawling, hard-to-control environment that not only slows down analytics activities, but can open up data to unauthorised access. Information must be kept clean, accurate and relevant to ensure that the risks are minimised and analytical value can be derived.
It will also be important for enterprises to place a high priority on data provenance. This means understanding the flow of data around the business, who has access to it and exactly what path it takes. This not only helps businesses develop a better idea of how they are handling their information, it will be essential for auditing purposes, which is something more businesses will have to deal with on a regular basis as various industries come under closer scrutiny.
Keeping big data solutions secure is about much more than just encrypting it and implementing security tools to prevent breaches. Reassuring customers and building trust will be vitally important for firms, and this will require a major shift in how they think about their data management.