Daily we (individuals and businesses) expand our digital footprint through numerous ways. Moreover, Big Data is an ever-growing business and our data is being collected and analyzed in mass. Additionally, enterprises have the increasing need to work across sites and geographical locations, migrating data between clouds. Our data is potentially scattered ubiquitously, and although we mostly offer our data in return for a service, do we actually know where our data is, how it is being processed (used and stored), and the associated consequences? How can we better manage our data and keep on top of where it is in the global, physical, and virtual expanse?
This is an area that is becoming increasingly more important. Not only are consumers now more aware of the value that their data represents, data processors are now obliged to ensure that they know where the data (that they are processing) is stored at all times, how it is being used, and should be able to warrant access to this data — when the individual (to which the data belongs) requests it. Above all, they need to ensure that the data they process and store is secure at all times — no matter what!
Data protection legislation is stricter than it has ever been, and the rights of the individual are at the forefront of this. Their security and privacy must be guaranteed. A global shift in the way in which data is deliberated is transpiring and it is occurring at a faster rate than most businesses can efficiently handle, presently. Many businesses are not equipped for what lies ahead — so much more needs to be done!
Data makes the world go 'round
There are more-or-less three types of data that are of interest: volunteered data (social media sharing, willingly shared by consumers), observed data (captured by recording actions of consumers such as location data from mobile phones) and inferred data (linking all the data points and building a picture of you). Let’s see how this can easily come together.
The Internet: You can purchase anything, and every website is tracing your every move. You can easily trace the data produced by your roommate (who may be a short distance away) or an acquaintance on the other end of the globe, due to everyone’s obsessive need to share absolutely everything. Data is everywhere! Everything we do is monitored and logged. Some of this data we freely give away through social media or other online tools, but data is also being created as a result of us simply going about our day-to-day lives. Messaging apps, banking apps, social media, search engines, email clients, etc. are all processing our data. Additionally, we are oblivious to where this is happening, how our data is being used and the security that is afforded to our data.
It’s common to see various social media feeds being constantly updated. You don’t need to look far to see people updating profiles with where they are, what they are eating, or where they have been, or where they are heading. Not many people think about the data that they are uploading, and many believe it only “lives” within their profile (if they delete it, it is gone!). Yet so many are very mistaken. The more we share our data, the easier it becomes to lose track of it, with regards to businesses as well as individuals in a private capacity. Large organizations such as Google and Facebook function through the use of personal data, yet consumers of these platforms have little understanding of the data trail that they are spawning across the Internet. The price that we pay to use these “free” services is with our data!
When we choose to take part in a quick online survey or shop online or even scan those loyalty cards (that shops so kindly provide us with to accumulate rewards when we shop) all this data is being collected and it is being processed.
IOT: Internet of Things technologies now commonly found in many of our homes and businesses are playing an integral part in our lives. These are additional sources for great volumes of data accumulation.
Big Data: This is the digital trail that you leave behind. This data is both structured (easily sorted and personal data-name, address, gender etc.) and unstructured (not as easy to sort — online customer service chats, reviews, surveys, etc.). This amalgamation of information is used by businesses to learn about their customers and better understand them.
Although the data is not unified, everything you do online is potentially a data point and can be processed. This data may include photographs, text, voice, and video. They know who you called, what you spent, where you spent it, where you drove, and patterns are created using all this information.
This is only a small representation of where our data is coming from, but all this data from various inputs and paths is captured, analyzed, shared, transferred and stored. The problem is majority of us do not give it a second thought. We are not keeping track of our data or the security of our data.
Our data has a price. We need to decide what that price is. We need to decide the value that we attribute to our data. We need to be knowledgeable of how our data is being used so that we can make informed and balanced decisions as to whether it is worth us offering up our data and to understand when we are being short-changed.
We are trapped in a digital system, data does make the world go around, the modern digital world leaves a digital trail, and this trail is followed diligently by those that can profit from it.
With everything being automated and interconnected, systems are holding and processing our data (personal data), and many of us are unaware. Legislation will help to ensure that our personal data is managed more appropriately, but what can we do and what can businesses do to ensure that all is OK with respect to our data — our most valuable asset.
Where does my data go?
Your data shared on social media, email data, stored data and so forth is mostly stored in the cloud.
We often read and hear “your data is in the cloud.” What does this actually mean? The cloud — the cloud is not real, it is a virtual place, it is not tangible, yet that is where most of our data resides. No longer filed in physical files on the shelf, or stored on physical servers but in a virtual realm that not many of us know much about. So, most of the time, the response to “your data is in the cloud” is “OK” and it is left at that. After all this is now the norm, it is accepted.
So, when our data goes to the cloud we are ultimately handing it over to a provider. These providers have datacenters in a multiple locations, countries, and even continents. The likelihood for most consumers is that they never actually know where their data is. The data moves from location to location, too, it does not necessarily have a fixed residence. It is difficult to always be sure of where your data is stored, and a lot of the time providers are even unsure.
The majority of the rentable cloud storage is controlled by major corporations — Amazon, Microsoft, IBM, and Google. Data is duplicated across their networks, across the globe.
Businesses can opt to have data reside in a certain country, when that option is made available to them, but how many of us can actually check that this is the case? Consumers, on the other hand, will often not be afforded this luxury.
Data moving between countries can raise concerns as within different countries, different rules and regulations apply to that data. Different levels of security are provided to that data.
Businesses are communicating across sites, and data is traversing geographical boundaries all the time. It is a convenient way of doing business as data can be accessed from anywhere and anytime, but the uncertainty regarding data location will need to change swiftly to meet inevitable stringent data protection regulations.
Manage your data better
With new data protection regulations, like GDPR (the EU General data protection regulation that has global reach), the importance of data security is becoming a lot clearer, and globally organizations are finding that they need to all get onto the same page and quickly. The security and privacy of peoples’ data matters, and organizations big and small processing personal data will need to comply with the regulation. Peoples’ data rights are at the forefront, and it aims to allow people to have a better understanding of what is being done with their data and gives them more control over their data.
As for the organizations processing the data, they need clarity on the data that they are processing and explicit consent from the data subject before doing so. They will need to know where the data is located at all times as to not infringe on the data subjects’ rights, which include: the right to be forgotten, the right to data portability, limited retention of data, and the lawful processing of data.
All these data issues need to be ironed out as of yesterday. Legislation is changing, and businesses will no longer be able to pull the wool over consumers’ eyes (as many have been doing for so long) when it comes to data processing and protection. Having said that, there is also no excuse in this day and age for consumer ignorance regarding data. We need to manage our data properly.
What can businesses do better?
- Be data focused. Focus on the data and not the device or the datacenter. This will improve the ability to find, access, and process the data.
- Have a comprehensive understanding of the data that you process and how you process it. Know that all data is not equal. Classify the data to prioritize security and management according to data value.
- Improve efficiency — do not collect or store what you do not need.
- Have frameworks and policies in place that are workable and enforceable, no matter where the data resides (physical, virtual, or cloud).
- Stay adaptable with a scalable infrastructure fit for future data needs.
- Secure all data.
- Store data securely, no matter where it resides.
- Remove legacy tools and practices.
- Back up in real time.
- Practice data recovery and keep testing regularly.
- Authenticate and encrypt.
- Anticipate the worst and be prepared.
If there is a singular thing consumers choose to do differently it should be to…
Think before you post!
Is it really necessary for your entire following to know that you are having lunch at McDonald’s, eating a happy meal and extra-large fries (but you really shouldn’t as you are on a diet and have been doing so well — up until now!). Followed by a visit to Starbucks to grab a coffee with Tom, Dick, and Harry?! Do you really need to inform everyone that you have just bought a designer handbag through posting a photo (of you holding the bag, outside the shop that your bought it at) taken with your mobile that is tracking your location? Some things are just better kept to yourself. The more you share, the more “digital crumbs” you leave behind for someone to follow and use, both benignly and maliciously. Decide the value that your data holds. Don’t give it away that easily.
We need to manage our data properly and give it the respect we would any other valuables — our data is our most valuable asset and this is a concept that people must learn to understand. If more of us understood this, many would think twice before choosing to update their next Facebook or Instagram post or choose to respond to a survey or enter into one or other reward scheme. The more our data is scattered across the globe, the more vulnerable we are to malicious attack.
Photo credit: Pexels