By Saurabh Saxena With increased technology abilities there comes increased data creation abilities. Data is not just created by words we type, photos and transactions we make, but also by various devices logging information in the background of our devices and applications, such as location coordinates, temperatures, and access times. This exponential data growth rate begs questions, such as what happens to all that data, who has access to it, where is it stored, and how is it secured.
In the enterprise setup as well, the measure of data churned out is increasing exponentially and it is predicted that in 2020 we will make at least 40 trillion gigabytes. 40 per cent of this data is expected to originate from sensors or machine-to-machine information alone. Immersive technologies like AI and ML are transforming customer experiences with an approach that would provide them with personalised services and improvements in back-office efficiencies. For example, Big Data is used for healthcare intelligence application that helps hospitals, payers and healthcare agencies augment their competitive advantages by developing smart business solutions. It also helps prevention of a wide range of anomalies by health administrators in the form of wrong dosage, wrong medicines and other human errors. Apart from these, Big Data and ML are spotting trends and providing better investment insight – robots are venturing into investment and changing how wealth advisory is delivered.
We concur, with enormous data sets comes enormous power as one can access, analyze, and leverage data for their own gain (whatever that may be). So, is it fair to say that we are now in a “data race?” • What is the goal of the data race? There are societal benefits to data collection and use, such as location tracking, which assists in traffic analysis to redirect map app users in traffic jams. On the flip side, this data can be misused for social engineering phishing attacks. Achieving the right balance of society benefits from data collection and use is a work in progress and an important part of the data race as we acknowledge risks.
Benign anonymised data certainly holds value such as determining trends and behaviour (think traffic counting on a Bangalore street), but most organisations seek a deep dive into an individual’s data for insights on opportunities to influence—this trend is the ringing of alarm bells for some.
With the ability to collect a vast amount of data, the goal is less about amassing quantity, but rather amassing the right data that prove valuable to an organisation’s operations. • Is there a winner? Unlike the Arms and Space Races, the players in the data race are not clearly defined. There are individuals who collect data in illegal ways and sell it on the black market. There are ‘state sponsors’ who collect vast amounts of personal data, sometimes both with intent to improve government services for its citizens, or potentially in an aim to further their own social engineering and spear phishing efforts for political purposes. There are companies who collect data on behalf of marketers or even political parties, aiming to identify manners in which their clients can influence purchasing decisions and public opinion. In each of these cases, it’s personal data that is the “product” being consumed by these organisations.
So, is there a winner? If not done ethically and with proper consent, it’s more about who’s losing the data race. Which, at present, the perception is that it’s the average consumer. A recent study showed warning signs that consumer concern over this issue could have negative repercussions on business growth. • What is being done to protect your data? Governments around the globe recognize that data collection and its associated privacy concerns are important to their citizens. Many introduced legislation, passed new regulations or created positions like Privacy Commissioner to help enable data protection.
While India-based organisations with global footprints have already taken measures to comply with regulations such as GDPR, entities which operate primarily in the Indian market are anxious to understand the impact of the Data Protection Bill on their day-to-day operations – our Personal Data Protection Bill is all set to be tabled to set standards on data privacy, design, personal data, transparency and security. • What can we do individually, and as organisations? Individuals must recognise the true cost of “free” services as organisations and potential third parties access and use their data – for good and bad. Ultimately, individuals are tasked with case-by-case decisions of who they will and will not allow accessing their data. For individuals to be better informed, the lengthy end user license agreements that people scroll past and accept fleetingly must be read. It requires looking closely at the fine print before clicking accept or allowing applications access or to interconnect and deciding if the benefits are agreeable enough to exchange for personal data.
Organisations need to ensure that they’re protecting data for security and compliance reasons, and this includes evaluating what data employees have access to and limiting that access only to the data they need for their jobs and providing it only when they need it. As the personal and professional worlds collide on the same devices, and even sometimes use the same identity credentials to authenticate access, organisations need to establish policies and educate employees on the personal and organisational risks they face.
With social engineering, a malicious player could take advantage of an end user’s personal information to launch a more personalized phishing attack, which means getting them to unknowingly provide their credentials and could introduce additional risk to the organisation. To mitigate this risk, organisations can leverage strong identity and access management policies to protect access points, enhance security, and identify trends through identity analytics. So, if a phishing attack occurs, and a user is accessing sensitive data from a new location they’ve never been to, a smart technology solution can pick up an anomaly and flag the potential access breach. This could trigger action, such as a temporary lockout or an additional access certification process to further protect the organisation. • What’s the outcome of the data race? Like any race, there will be winners and losers. To win, individuals must protect themselves and their organisations from data misuse. Users must become more aware of the access and information they are sharing with the services and applications they are using. Those considered winners in the data race will be those that carefully research and consider handing over any personal information and decide if the benefits are agreeable enough to exchange for personal data.
Organisations must take the necessary steps to review data practices and access points, including performing an access certification campaign to determine who in the organisation has access and evaluating whether they need access to potentially lower the risk pool. Organisations should also evaluate security solutions in conjunction with analytics solutions to meaningfully leverage the benefits of data collection while identifying risks in real time to trigger more immediate actions that benefit overall security. Taking these steps will arm organisations with the necessary tools and practices to be on the winning end of the data race.
It is very clear that software has made the world dependent and enterprises hungry. The software needs to have new data combined with new technologies to continue adding value that would help an organisation in its growth. Now is the time that one should start looking internally to identify their unique perspective and the valuable, alternative data that could be produced. These are the steps that will help discover related insights to keep an organisation competitive.
(The author is the Country Director at Micro Focus India)

Source: financialexpress.com