What's Involved in Risk Assessment?
When it comes to your data, there is no single magic bullet that can protect you from every scenario. But you can improve your overall data health by taking a closer look at the three aspects of data risk: sources, security and compliance.
Start with: Is Your Data Safe? How to Assess Your Data Risk - Part 1
Data Sources
Understanding both the quality of individual sources and the quality of your data mapping is key to assessing your risk. When we talk about data sources, we have to consider not only where data comes from, but how it enters our systems. For example, it's probably safe to assume that the lead list you purchased from a vendor isn't as accurate or up-to-date as the list of leads you captured from a recent, targeted, double-opt-in campaign.
But even if you could 100% trust the accuracy of every record from every source — including manual entry by salespeople, submissions from any range of online forms, engagements within products or mobile apps and shared data from partners or parent companies — you would still be looking at a multiplicity of fields, standards and definitions across sources. One source may require a country code in the phone number field, while another does not. One source may have a single name field, while all the others break out first and last names.
Getting these sources to all speak the same language can be a challenge in and of itself, but it is well worth the time and consideration. Fortunately, there are technologies available that will automate data quality as part of the data integration process, so you can avoid risk with the steep time investment of manual data correction. Also, the industry is beginning to recognize the importance of swiftly identifying data's integrity — 95% of executives agree there should be cross industry standard metrics to assess the quality of enterprise data.
Data Security
If all your data were collected in a single Excel spreadsheet, it would be pretty easy to assign a person or two to watch over that data, to keep it secure and to validate it, line by line. But that's not the world we live in. In fact, less than half of enterprise executives report delivering data accuracy, consistency, accessibility or completeness as "very good."
This data disorder is created by a landscape of data infrastructures composed of a complex network of interconnected programs and platforms. There are obviously tools that specialize in connecting systems and ingesting data into a repository. And some businesses have success just doing that — but are they really getting a true sense of data health? Would they even know if they had data quality issues?
The first step of data security is securely connecting to our data sources, ingesting the data and performing that first pass of data quality checks to ensure that we're getting the right data in the right fields. Next, data profiling technology can help us make sure that phone numbers look like phone numbers, and emails look like emails, and so on, so we can feel safe that we haven't mis-categorized sensitive information. Some profiling technologies may even be able to automate resolution for common data errors.
After that, it's time for people to get involved, so the data experts can manually correct, reconcile and validate any records that cannot be confidently evaluated by the automated data quality tools. Proper processes and workflows need to be in place so that the right people can look at it in a formal way. This will require technology for data inventory, data stewardship and data preparation.
Compliance
Good intentions — even good intentions backed by good technology — can only take you so far. A recent study by the UK Information Commissioner's Office (ICO) discovered that up to 90% of data breaches can be traced back to human error. Believe it or not, this is good news — back in 2015, IBM reported that a full 95% of data breaches were caused by human error.
Technology can help here by providing a centralized infrastructure for managing and ensuring compliance across the organization. These products allow you to establish clear access protocols and permissions that will protect your data, without creating false barriers to access that might make people less effective at their jobs. They also make it possible to automate the classification of data through semantic types and build a well-defined business glossary, so that everyone is speaking the same business language when it comes to their data.
Protecting Yourself from Risk
Your data is too important to leave anything to chance. It will take a balance of people and processes, supported by the right technology and automation, for you to keep up with the never-ending flow of data through your company. In a perfect world, we would all have top-of-the-line security solutions and 100% compliance with every piece of advice from the IT team. But, even in this imperfect world, we can make significant progress.
If you're getting ready to make a change, start small: make sure that your data is standardized, cleansed and adheres to whatever standards you have. Solving the problem of compromised data sources will have a ripple effect throughout the organization, making everyone more effective and efficient, and freeing up resources to devote to larger data issues.
The Latest
APMdigest and leading IT research firm Enterprise Management Associates (EMA) are partnering to bring you the EMA-APMdigest Podcast, a new podcast focused on the latest technologies impacting IT Operations. In Episode 2 - Part 2 Pete Goldin, Editor and Publisher of APMdigest, discusses Network Observability with Shamus McGillicuddy, Vice President of Research, Network Infrastructure and Operations, at EMA ...
Most organizations suffer from some form of alert noise. Alert noise is only going to increase as organizations support cloud-native applications spanning multiple public and private clouds, including ephemeral deployments and more. It's not going to get easier for organizations to understand the signal from all those alerts being sent. So what can be done about it? ...
This blog presents the case for a radical new approach to basic information technology (IT) education. This conclusion is based on a study of courses and other forms of IT education which purport to cover IT "fundamentals" ...
To achieve maximum availability, IT leaders must employ domain-agnostic solutions that identify and escalate issues across all telemetry points. These technologies, which we refer to as Artificial Intelligence for IT Operations, create convergence — in other words, they provide IT and DevOps teams with the full picture of event management and downtime ...
APMdigest and leading IT research firm Enterprise Management Associates (EMA) are partnering to bring you the EMA-APMdigest Podcast, a new podcast focused on the latest technologies impacting IT Operations. In Episode 2 - Part 1 Pete Goldin, Editor and Publisher of APMdigest, discusses Network Observability with Shamus McGillicuddy, Vice President of Research, Network Infrastructure and Operations, at EMA ...
CIOs have stepped into the role of digital leader and strategic advisor, according to the 2023 Global CIO Survey from Logicalis ...
Synthetic monitoring is crucial to deploy code with confidence as catching bugs with E2E tests on staging is becoming increasingly difficult. It isn't trivial to provide realistic staging systems, especially because today's apps are intertwined with many third-party APIs ...
Recent EMA field research found that ServiceOps is either an active effort or a formal initiative in 78% of the organizations represented by a global panel of 400+ IT leaders. It is relatively early but gaining momentum across industries and organizations of all sizes globally ...
Managing availability and performance within SAP environments has long been a challenge for IT teams. But as IT environments grow more complex and dynamic, and the speed of innovation in almost every industry continues to accelerate, this situation is becoming a whole lot worse ...
Harnessing the power of network-derived intelligence and insights is critical in detecting today's increasingly sophisticated security threats across hybrid and multi-cloud infrastructure, according to a new research study from IDC ...