Protecting yourself from within… think data assurance

by Andy Crossley

The recent cyber attacks have got everyone talking about how to better protect themselves in terms of Windows updates, better software, stronger passwords, etc.

You will only get so far with that approach. However, without the correct training, business processes and information governance, people will continue to be relatively blasé about data assurance. They will continue to leave the ‘digital front door’ open, and continue to make it easy for the modern ‘information’ burglar to wreak havoc.

Whilst the focus is on protecting yourself from the outside, it would be foolish to ignore the dangers of poor information assurance from within. Recent reports have estimated the cost of cyber-crime to be in the region of $1-2 billion (Forbes). Yet, the cost of poor data is reckoned to be around $3 trillion (Harvard Business Review). Imagine what that means for the decisions you’re making based on that data!

Data Assurance is not just the tech

But, this is much more about people, process and good governance, than the tech.

The modern management dashboard is now presented as a shiny ‘digital’ window on your business performance.

Flashing widgets, cool graphics, plug and play capability…it’s all there, out of the box, ‘as a service’. And they’re great, don’t get me wrong.

But, to what extent have you really considered the state of the data feeding it? Do you really trust your information? More importantly, can you prove it if asked by the regulator/investor/boss/customer (delete as appropriate!). This is what I mean by data assurance.

Do you know where the data resides? Is that safe? Is that information used in a consistent manner across the organisation? How many times have you realised you’re not really comparing ‘Total Sales’ with ‘Total Sales’ when you dig a little?

Don’t forget your “non-digital” data

And, this needs to include your ‘non-digital’ data and information. The unstructured stuff that exists in Word documents, without all the cool meta-data!

Much of this can be resolved through the application of good practices and making people aware of the importance of good quality data.

Using more traditional practices to help people (managers and staff alike!) understand how their data will be used through the organisation can really alter the value and power of your corporate information.

Also, being able to equip your decision makers with the capabilities to properly interpret and interrogate their dashboards adds a further layer of assurance.  Finally, check that the right decisions are being made by the right people, with the right (and correct) information.

So before you run off and build new layers of protection from the outside, ask yourself how protected you are from the inside? That is, from the risk of poorly structured, understood and managed information.

Unfortunately, doing both is the only way to build real protection and business value for the future.