2019 has been a year of high profile data breaches with new stories of hacks being published in the media almost every week. Most recently, NordVPN, a virtual private network provider had an expired internal private key exposed, allowing anyone to imitate NordVPN. With every hack reported, consumers become increasingly frustrated and boardrooms across the globe face increasing pressure to protect their organisations’ data.
Yet, when we examine our data vulnerabilities, what are we really looking at? If your organisation is only considering the neat rows and columns of a database, then you’re missing a big part of the picture. I’d venture that structured data is what the majority of the general public associates with data, and data breaches. Structured data is stored nice and neatly in rows and columns of databases, spreadsheets, or CRM and ERP systems, among other systems of record; and when many business leaders plan for preventing hacks and breaches, they plan with structured data in mind.
That narrow definition of “data” ignores a tremendous amount of hidden data, referred to as unstructured data, and with that, potential liability when unaccounted for. How many times have you taken a picture of your license or passport and submitted it as proof of ID? Taken a picture of your car bumper after a car crash for your insurance company? Scanned a form and attached it as part of a claim or an application? Documents, pictures and video are another means of storing data about consumers, but in an unstructured way. Unstructured data represents any data that does not have a recognisable structure. It is unorganised and raw and can be non-textual or textual. And, the reality is that most information about consumers shared with businesses is re-entered into multiple systems.
Unstructured data for convenience
If you’re thinking back to the countless times you’ve shared unstructured data with an organisation, you’re not alone. Unstructured data has become an integral part of how organisations conduct digital business on a daily basis. It’s often what enables an easier, faster customer experience. For example, would you rather fill out generic forms detailing your car’s damage after an accident or instantly share an image with an insurance agent? For convenience, we are all likely to opt to share unstructured data with an organisation and businesses will continue to incorporate it into processes for exactly that reason. To that end, it’s no surprise that Gartner predicts that, by 2022, 80 per cent of all global data will be unstructured.
With the growth of unstructured data comes the unfortunate truth that it is much more difficult to control and secure than structured data. For example, if an employee is taking information in the form of unstructured data and inputting it elsewhere, they might store the original document or picture on a local file share or leave it in an email as an attachment. Within one organisation, the process for handling documents could vary across employees and teams and it’s entirely likely that management has no idea this is taking place.
How many organisations know which files contain personal information about their customers, their employees and have full control over who can access this information?
Unstructured data doesn’t have to be a forever risk, though. It is entirely possible for organisations to manage and incorporate it into safe data practices and protocols. For that to happen successfully, business leaders must do the following:
- First, acknowledge that unsecured unstructured data is a problem within the organisation. Add it as an urgent priority for the IT or data security teams to address. Do not wait until an issue arises or assume that hackers are going to go after larger volumes of what one assumes is more “attractive” data. We’ve learned that hackers are unpredictable and that no organisation, no matter the size or scope, is immune to the threat.
- Second, an organisation needs to get a handle on what exactly their unstructured data is and where it currently lives, even if that differs across the business. In order to solve this problem, management needs to have a holistic view of the extent of the problem.
- Finally, and most importantly, organisations need to deploy systems and processes for handling and storing of unstructured data throughout its entire lifecycle. This means, from the time a customer delivers a piece of information to the time it is destroyed, there is a very clear system in place. To help with the burden of large volumes of customer information, much of this workflow should be automated. This moves responsibility away from the employee while ensuring complete governance and security.
Unstructured data may seem to be another unwanted data problem, but it’s actually a vital tool in improving outdated processes and enabling truly digital business. Fortunately, we have the technology available to manage this data in a way that doesn’t impede our outcomes. The key to unstructured data management is finding a balance between security and privacy, while still enabling exceptional customer and employee experience. The ultimate goal is for the process of submitting unstructured data and extracting information to be seamless while maintaining the necessary security and privacy controls on the management of the data.
Paul Hampton, Senior Director of Product Marketing, Alfresco