It stands to reason. In increasingly crowded marketplaces, and with an ever-growing thirst for competitive advantage, businesses are seeking out new ways to understand consumer behaviour, as well as the ways this information can be used to drive commercial success. The importance of big data and data protection to organisations continues to grow.
But, with this opportunity comes an inevitable threat to data security and an increasing responsibility to keep it safe. With more and more devices connected via the Internet of Things and companies collecting more data than ever, the risk of financial exposure, reputational damage, loss of trust and even criminal proceedings, for those that fail to protect data, are no laughing matter.
Let’s start out by being clear on what big data is. As the name suggests, big data refers to data sets that are too large and complex for traditional data-management tools to process and store efficiently. Importantly, big data grows exponentially with time. This means it will be bigger tomorrow than it was today and with this growth become less and less easy to manage.
Now, we need to understand the different types of big data. Big data is categorised into three types:
Structured – Think spreadsheets… this is the easiest to work with because it’s highly-organised and has fixed parameters.
Unstructured – This is phone calls or emails… it is a vast amount of data but not contained in the same way structured data is.
Semi-structured – An example of this is the photos you take on your phone… which have a date and maybe location automatically tagged but no structure beyond this.
To work out what type of data it is, as well as how best to manage it, it can be helpful to understand the origin and type of data in more detail. The best way to do this is by looking at the 3V’s (volume, velocity and variety).
Taking a methodical look at all of this helps us to get a better understanding of the big data we’re dealing with and the challenges it might bring to our organisations.
There is no denying that big data’s potential has revolutionised how businesses operate. It gives you access to huge volumes of information so that you can make better decisions, improve operations and grow revenue.
But having access to the data is just the start. Knowing how to interpret and use big data – to extract the benefits and to use it to build successful strategies – is key. Otherwise, all you have is a load of data.
And, getting the best returns from your data has to be balanced with the risks we’ve already talked about. It is not unreasonable to say that the greater the opportunity from big data, often, the greater the risk if you get compliance and regulatory matters wrong. So, how can we balance this risk? Is it true to say that big data really does need big protection?
People and expertise are key – Data Management requires skilled data professionals such as data analysts, engineers or scientists. They need to have an intimate knowledge of the tools needed to analyse large data sets. Don’t be tempted to economise on expertise. Getting the right – most experienced – people in place to manage your data will not only unlock its potential but could be the critical factor that protects your business from the risk of data breach.
The right tool for the job – Selecting the most appropriate tools can often be the first challenge after you look at the people. Actually, many businesses look at tools before they look at people… but we’ve already established this is a shortsighted approach. Making poor decisions can waste time and money. New technologies are being developed all the time and they need to be monitored closely to ensure a flexible solution is in place that can scale and grow with your business. Once again, having the right people in place will help you make the right decisions here.
Prepare for big data – If you think you’re going to be wading into the deep waters of big data, remember… A proper understanding of big data helps in its correct processing and storage. It also helps to maintain its integrity and accessibility. Failure to prepare properly for big data protection often leads to under-utilised data sources and sub-standard results. Once again (and we know, we’re a bit of a stuck record), having the right expertise here is critical.
Understand the compliance issues – Compliance is central to maintaining effective use of big data. Increased regulation is a result of greater data insecurity. If you manage big data and data protection, you are expected to demonstrate that security measures are in place at every stage of your data handling. You will be expected to meet the standards set out and to comply with privacy laws and legislation such as the EU General Data Protection Regulation (GDPR).
Don’t just know about compliance… show you understand – It isn’t enough to have an abstract knowledge of compliance matters – you need to demonstrate compliance. This means implementing effective risk management frameworks and strong security protocols against data leaks and cyber attacks, as well as using sophisticated analysis tools made available through big data.
Understand the importance of personal data – Compliance can seem like an impossible thing to understand. And, once again, getting proper expertise – particularly from a specialist lawyer – can be critical. But above all, understanding the importance of personal data will be key. Data protection becomes a greater challenge when big data analytics involve processing personal data, harvested from sources such as social media or loyalty schemes. GDPR signalled a new dawn in data protection law (although it isn’t the only piece of regulation that you need to comply with and that applies here). GDPR requires greater transparency in how personal data is processed. It states that only a minimal amount should be collected for a clear purpose. This is in direct contrast to the very concept of big data (which aims to collect as much data as possible and then analyse it to inform decision-making). Returning control to data subjects poses challenges in collecting, analysing, and processing data, but doing so in a compliant manner can positively impact confidence and trust in your business.
Map the scope of your data – More and more data is available in the cloud or streamed from devices, as large data sets are transferred outside normal business parameters to connect with other digital environments belonging to partners, suppliers and other third parties. Without a coordinated security strategy, this network of connectivity can jeopardise big data protection, leaving the data exposed to potential attacks from hackers.
Develop a digital strategy – If you’re working with big data, after setting up the right team of professionals, putting in place a clear and robust data strategy is going to be the most important thing you do. A data strategy provides a long-term plan of how an entire business can access and leverage big data to make business decisions and defines the roles people, processes and technology play in making it happen. You’ll need one to protect and optimise your data asset. You’ll need one to ensure it addresses business needs, generates value, and helps your company achieve its strategic objectives. And you’ll need one to ensure your organisation balances these opportunities with mitigating risks.
The potential challenges of big data and data protection can be addressed by having expert support and an effective strategy, with clear accountabilities and processes that detail how data is managed within your business. At Arbor Law, our senior lawyers can help you navigate the complex and dynamic world of data protection by providing legal advice on how best to manage big data and build effective strategies to ensure its safety. Contact us to find out more information.