Data has become critical to the lives of every one of us today. It is the lifeblood of our rapidly growing digital existence. With each new smart device coming onto the market, there’s an explosion in the amount of data created, captured and analysed.
This data provides information to the authorities on everything from social trends to city planning needs. Consumers and citizens alike are happy to enjoy the benefits of a digital existence, as the government and enterprises’ access to a wealth of data enables more innovation, better services and greater convenience.
From intelligent home devices to autonomous cars and smart roads, technology is keeping tabs on us - prompting one key question: ‘is our information safe? ‘
The challenge faced by businesses is how to navigate and manage this unprecedented amount of information, data and content – which is multiplying at historic rates – while still protecting the privacy and security of every customer. There is a significant gap between the quantities of data being produced today that needs protection and the amount that is actually being secured by the enterprises that collect it - and the gap will only get wider in the future. Every week brings another headline about security breaches exposing thousands of records for possibly malicious use.
Inevitably, criminals and cyber-terrorists have been quick to recognise the opportunities presented by the ocean of data available to them, and the much of world’s regulatory authorities have responded by creating rules that formalise the steps enterprises must take to protect both customer and enterprise data.
As enterprises identify and service unique or critical data points to realise its vast potential, two crucial and interconnected factors will govern their actions. These are security and the need for regulatory compliance.
A key upcoming piece of legislation will force enterprises to develop new approaches to information management—the European Union’s General Data Protection Regulation (GDPR). Slated for mandatory compliance by May 25, 2018, the GDPR places significant requirements across all organisations collecting data on European residents to closely manage and track the personal information they collect. The rules affect every entity both inside and outside of Europe that holds or uses personal data of covered individuals.
Every business will need to prove it handles personal data properly. Among other requirements, it will be necessary for companies to show consent to use data collected when required, delete data or correct errors and provide copies of data when asked. To fulfill these requirements, it will be vital to track all uses of personal data and protect the privacy of the individual.
To help achieve this end, every company housing personal data collected on European residents will benefit from using an enterprise data lineage solution. These solutions can provide quick lineage reports of the source and use of data through the organisation and provide on-the-spot auditing of all data flagged as personal. Without a data lineage solution, or something like it, your company may find itself halting business to provide manual reports to regulatory bodies.
Businesses in Singapore will likely be the most affected in Southeast Asia, since the country is the EU's largest commercial partner in ASEAN, accounting for slightly under one-third of EU-ASEAN trade in goods and services.
Complying with the GDPR and similar regulatory requirements such as Singapore’s PDPA is a significant challenge, not least because enterprises have typically locked up vital information in departmental silos, spread across legacy and modern systems ranging from 40-year old mainframes to on-premises storage and the cloud.
A Forrester survey commissioned by ASG Technologies found that one of the key challenges identified by the enterprise architecture and operations professionals surveyed, is dealing with their firms’ legacy storage or disconnected content management systems. Twenty-five percent said their ability to move content to the cloud is hampered by their existing infrastructure. Typically, enterprises are adding to their technical base or technologies supported, rather than replacing them.
Clearly, businesses need to identify and deploy solutions that span traditional and new technologies, enabling them to seamlessly access their data, track its lineage across data warehouses and through transformations while maintaining the necessary information to support governance of personal data in order to demonstrate GDPR compliance.
The costs of understanding and utilising the mass volumes of data in this complex environment are significant, but the cost of not using accurate data for decision making, failing a compliance audit, or a experiencing a security breach are much more expensive, not only from the cost and lost opportunity but equally importantly from the impact on enterprise reputation.
The bonus for enterprises that address their compliance issues through the deployment of a dedicated tool-agnostic data management solution is their ability to support citizen data scientists with a deep view into the enterprise’s most valuable data. Accurate representations of the data estate will support making critical business decisions faster, providing business agility that will drive immediate results and helping to build new offerings for customers.
Organisations whose data has this integrity will be ready to respond to any opportunity or request, whether it involves new business, strategic initiatives or compliance. But it will require the right technology and the ability to prove its quality. Getting this straight at the beginning of this new digital era will pay dividends as we move into the future.
To learn more about how you can become GDPR-compliant, visit our website.
Praveen Kumar, General Manager, Asia Pacific, ASG Technologies
Image Credit: ChingChing / Shutterstock