Tag Archives: Data

Gardner Systems – Data Governance Challenge

Effective data governance is always challenging for any organisation. From people, processes and technology, these are some of the key building blocks, to ensure compliance with managing data. However data governance, also brings several challenges, which I discovered at last month’s event organised by Gardner Systems.

Held at the headquarters of the Liverpool City Region Combined Authority (LCRCA) at Mann Island, this event featured two speakers in Stefanie Jacobs from Microsoft and Jennifer Platts from St Helens Council. Both gave a useful angle on data governance and of its importance in IT management policy, which is very relevant to complying with GDPR legislation, as this legally affects how businesses can store, use and manage data.

Both speakers explained how technology is a facilitator for data governance. With companies moving to cloud-based services, combined with the increasing growth and popularity of agile working, it is crucial to have the right infrastructure platform and governance processes in place. This is so people only have access to what they need, and to reduce the risk of sensitive data leakages, meaning that data governance is more important than ever.

So how can we meet the challenges posed by data governance? Like everything with implementing business changes there is no silver bullet, as technology itself will not solely make organisations compliant. Successful data governance requires careful planning and consideration of business culture, environment, processes, technologies, people and related legislation involved. In simple terms, meeting the challenges posed by data governance requires complex solutions derived from all the above, that are detailed and meticulously specified to meet individual needs of businesses.

There was plenty that I learned about meeting these challenges posed by data governance, which are distilled in the points below.

  1. Trust needs to be earned.
  2. It is challenging to manage data.
  3. Everybody has a different interpretation on data governance.
  4. Data must always be treated with respect.
  5. You need to have the leadership, buy-in support, skills and experience.
  6. Make it as simple and seamless as possible.
  7. You need to know, protect and govern your data.
  8. Remember to educate and train your users.

In summary, I have gained a clearer understanding about what stops people from successfully governing data. This includes understanding governance and importance of data, along with identifying if the required skills and experience are available to deliver governance. To overcome these challenges, a structured approach is needed to understand where the business is, where the data is, what is the classification, who owns it, what is the fix, and how it needs to be governed.

To conclude, I would like to thank Stefanie and Jennifer. My thanks also go to Frank Coward, Paul Stringfellow, Jason Fitzgerald and Jane Hanna from Gardner Systems, along with Ian Hawkins from the LCRCA for all coming together to organise the event. It certainly was useful and educational for me to learn and appreciate the importance of effective data governance.

Professional Liverpool – Unstoppable Disruption

The ever-changing technological landscape is transforming how businesses and professional services operate. From the days of filing cabinets, businesses have transformed with Internet, mobile and cloud technologies, bringing about an irreversible wave of change. As a result of this unstoppable disruption, the challenges are for businesses to adapt, and to equip the future workforce with the skills needed today, to thrive and survive in this brave new world.

Last month, I was delighted to attend an event organised by Professional Liverpool’s Creative, Digital & Technology Group. Held at the academic surroundings of the Liverpool Medical Institute, this event discussed how technology is changing how businesses and professional services operate. Chaired by Paul Furlong of Opus Media, this event featured three different speakers, including Mike Batters from NETprotocol, Jonathan Ford from Jonathan Ford & Co, and Roland Emmans from HSBC, who each gave their own unique perspective on how businesses are adapting to the changing digital environment.

Working in IT, I am keen to learn about new technologies, and to educate and remind myself continuously of the importance of adapting to change in my industry. What also interests me is how businesses, society and people can learn and adapt to the ever-changing technological landscape, and I saw this event as the ideal opportunity to gain an understanding, of the related challenges to be overcome. Suffice to say the quality of the speakers and what new insights I learned, exceeded my expectations.

Overall there was so much that I learned from Mike, Jonathan and Roland. Indeed, I learned that technology today, means offices have downsized and employees can work agile from any device using the Internet and cloud technologies, meaning businesses are more flexible, which helps to reduce costs. I was also able to understand that data can be processed faster, and can be accessed from multiple managed devices. Therefore, by using technologies such as 5G Internet, Cloud Computing, Big Data and the Internet of Things, this unstoppable disruption brings new possibilities.

Whilst technology brings these opportunities for businesses, it also brings several concerns and considerations to be addressed. These relate to security and adapting technology to meet the needs of businesses, employees and clients, which include the following examples below:

  1. Businesses still need to hit performance and productivity targets.
  2. Data is the new oil, meaning skills such as data analysis will be important!
  3. There is no one-size fits all solution.
  4. Important to have user security awareness, education and reminders.
  5. Businesses will still need to manage infrastructure, activity and security on a global scale.
  6. IT and personal skills need to be stronger than ever, meaning businesses will need to consistently train their employees, so they have the skills required for the future.
  7. Changing technology is easy, but most fail due to not keeping business processes updated.
  8. People will still need to be supported to handle these new technologies.

These have all given me plenty to think about how technology has changed how businesses and organisations operate today. This is because businesses and employees need to evolve, by learning and reinventing themselves, in order to meet the demands of the future. As industries constantly change and utilise new technologies, including Cloud Computing, Big Data, Artificial Intelligence and Machine Learning, these all bring both opportunities and challenges to be considered and addressed in equal measure. What this means in simple terms, is that new skills will need to be learned and developed.

Overall, I was extremely satisfied with the event, the networking opportunities, and the content delivered by the speakers. I was impressed with their technical knowledge, experiences, and importantly their ability to put their individual points across with clarity and understanding. Therefore, I went away having gained a significant and brief glimpse into how technology is changing our society, meaning it is crucial to learn continuously and adjust, or risk falling behind the competition. For all businesses, professional services and organisations, failure to adapt to technological and industry changes is simply not an option they can afford to take!

To conclude, I would like to thank Mike, Jonathan and Roland for their contributions. My thanks also go to Alex Clark, Rory Caine and Ciara Hutchison at Professional Liverpool, for organising an interesting and knowledgeable event, and in my opinion a very important one, of which I shall leave you with these important words.

The jobs of the future are here today!

GDPR – Are You Ready?

Is your business ready to meet the new GDPR (General Data Protection Regulation) framework?

As GDPR is a legal compliance framework, which will be enforced from Friday 25th May, this brings many important changes related to data protection. These relate to how businesses and public sector organisations in the UK and worldwide, need to ensure they are legally compliant with all requirements. The framework also provides a clear definition of the consequences of falling short of GDPR. You can find more information on GDPR and how it affects your business here.

How can you make your business ready for GDPR?

The starting point is to audit, identify and understand the data you hold, along with how it is used, processed and protected. In order to achieve this, ask yourself the following questions below:

  1. What personally identifiable data is held by your business?
  2. How does your business use the data held?
  3. What policies (legal, technical, procedural) do you have in place to protect data?
  4. Have you identified and assessed the privacy risks posed?
  5. Have you incorporated privacy into your business processes to minimise risks?
  6. What have you done to raise awareness of GDPR amongst your employees and clients?
  7. Have you put into place any accountability and governance measures?
  8. Have you nominated a DPO (Data Protection Officer) to oversee GDPR compliance?

From the questions above, you can start to understand and document how your data is used, stored and protected. This will assist you in developing a tailored approach for your business to meet the requirements of GDPR. In addition, this will also assist in identifying and addressing any potential compliance issues, as well as delivering best practice.

I cannot state how important it is for businesses to ensure they are compliant with the GDPR framework. With cyber and data security under the conscious spotlight today and in the future, data breaches carry significant penalties under GDPR, including up to 4% of a business’s total revenue. For businesses of all sizes, the cost of a data breach under GDPR has the potential to be significantly crippling, both from a financial and branding perspective. Therefore it is vital that your business is GDPR compliance, before it is too late.

There is plenty of information and help available out there, so there are no excuses, to not be ready for GDPR.

Time is running out fast, so be prepared!

More information is available by clicking on the links below:

https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/getting-ready-for-the-gdpr/

https://www.eugdpr.org

https://www.csoonline.com/article/3202771/data-protection/general-data-protection-regulation-gdpr-requirements-deadlines-and-facts.html

http://www.itpro.co.uk/it-legislation/27814/what-is-gdpr-everything-you-need-to-know

GDPR – How will it affect businesses?

Data is essential to the daily and future workings of an organisation. With commercially sensitive information held and stored electronically and physically, the loss and theft of stored data carries serious consequences. These include reputational, financial and legal damage, meaning there are significant pressures for all organisations and businesses, to ensure all necessary steps to secure the privacy of data are taken.

Next year, an important new data protection legislation called EU General Data Protection Regulation (GDPR) will be enforced. GDPR is a uniformed regulatory framework that will be coming into force across the EU and beyond, to define and bring together multiple requirements for securing data, under a single and clearer legislation.

Some important facts related to GDPR are listed below:

  1. The legislation comes into force on 25th May 2018 and replaces the Data Protection Directive (Directive 95/46/EC).
  2. GDPR will still apply to the UK even after Brexit, meaning that there will be no opting out!
  3. In the UK, the legislation will supersede the Data Protection Act 1998.
  4. GDPR is a legal compliance issue. Therefore the role of IT is to help and assist organisations, with ensuring they are legally compliant.
  5. Applies to all organisations, business and service providers regardless of geographical location.
  6. The data that is protected under GDPR are any forms of personally identifiable information held, related to EU citizens. This includes names, addresses, medical details, contact numbers and more.
  7. Includes all data held electronically, on paper and in other formats.

As a legal framework, the scope of GDPR is an incredibly large web of complexity. For organisations and businesses, the legislation brings many changes, which will affect how personal data is stored and used. This is through strict new legal requirements, which relate to how they can collect, record, store and process data, in addition to defining what needs to be done to ensure compliance.

These requirements include:

  1. Privacy by design, by reducing data collection and retention, in addition to requiring explicit permission to capture data.
  2. Before processing personal data, organisations must analyse and determine privacy risks through Data Protection Impact Assessments (DPIA).
  3. An individual has the right for their data to be deleted, as part of their right to be forgotten.
  4. GDPR applies worldwide to anyone who holds personal data on an EU citizen.
  5. In the UK, any data breach must be notified to the Information Commissioner’s Office (ICO) within 72 hours.
  6. Infringements of GDPR carry penalties, including fines of up to 4% of an organisation’s total revenue.

In this digital age where political issues such as Brexit have created uncertainty, it is more important than ever, that personal data is stored securely and processed legally. Organisations must take all appropriate steps and measures, to ensure their systems and processes are GDPR compliant. In addition, they will also need to thoroughly check that any business partners and suppliers are also compliant.

To summarise, GDPR is an all-encompassing piece of complex legislation that will transform how personal data can be legally used and processed. Technology will play a major part in assisting all organisational areas are working together to achieve legal compliance, by ensuring GDPR requirements are closely adhered to. Therefore organisations and businesses of all sizes must be aware of the requirements of GDPR, as infringements can damage their brand, both financially and from a reputational perspective.

More information on GDPR is available below:

http://www.itpro.co.uk/it-legislation/27814/what-is-gdpr-everything-you-need-to-know-4

http://www.eugdpr.org/gdpr-faqs.html

https://www.varonis.com/learn/what-is-eu-gdpr/

https://techstringy.wordpress.com/2017/04/19/what-ive-learned-about-gdpr/

How to Really Protect Your Valuable Data Event – Thursday 19th March

Last month, I attended a special breakfast event on Data Security, organised by Gardner Systems plc. Held at Partnership for Learning in Speke, the event included talks from data security and counter-terrorism specialists. Working in IT, I am constantly aware of the importance of keeping data secure. In addition to networking with other IT professionals, I wanted to educate and broaden my knowledge and understand of data security.

Technology has changed how organisations operate. From bricks and mortar to the digital age, technology has brought many advantages. However the disadvantage is the vulnerability of an organisation’s data, to potential misuse and cyber attacks has increased substantially. The event gave me a useful and disturbing insight into how there is a general lack of knowledge and failure, to grasp the size and nature of cyber attacks that can occur both internally and externally. In addition, there were some other interesting points that interested me, which included:

  1. 80% of data stored by organisations is unstructured data (data not contained in databases).
  2. Most security vulnerabilities are found in third-party applications.
  3. Portable devices or end points (laptops, smart phones) hold 28% of organisational data.
  4. Human factors need to be taken into consideration in data security.
  5. CEOs’ are now being held more accountable for data losses in their organisations.
  6. Cyber attacks are regarded as a Tier-1 threat to National Security by GCHQ. This is the highest level of alert!
  7. Different cyber attacks range from espionage from other countries to commercial competitors.
  8. Cyber attacks are real and present a clear and present danger to UK plc!
  9. The UK Government has a website providing advice on cyber security, which can be found here.

Securing data is a complex puzzle requiring a multi-layered approach. This requires a complex solution of products, procedures, human awareness and clearly defined written policies. In addition, solutions must be specifically tailored and integrated effectively, to address the security needs of customers, whilst balancing usability. Tailoring is important, as organisations will have different security requirements, depending on different factors such as IT infrastructure setup, organisational structure, environment and geography.

I really enjoyed the event, as it was not only informative, but also fascinating to be given an insight into data security. This is not only important to protect an organisation’s reputation and brand, but also the national infrastructure, and the threats posed by cyber attacks must not be taken lightly!

I would like to thank Gardner Systems plc for organising the event, and to the speakers who contributed. You can find more information on what tailored IT solutions Gardner Systems can provide your business here.

What is Big Data?

Big Data is a term widely used to describe datasets large in size, scale and complexity. These make them difficult to process, analyse, store, search and capture. These challenges are compounded by the fact, that these datasets grow consistently due to the sheer volumes of data gathered through multiple technology channels e.g. Internet searches, smart phones, RFID (Radio Frequency Identification) tags and camera devices.

We have always generated data on ourselves. This applies from shopping on Amazon, to providing HMRC with our personal details for filling in tax returns. Like footprints in the snow, we have always left a trail of data behind us, through our personal actions. From paper trails from form filling, to posting tweets on Twitter, the growth of technology and the Internet has seen a rise in Big Data gathered.

So with Big Data, 70% of it has been created by individuals. Therefore we have always given up our data through human behavior, and not through CPU power. In addition, the use of big data can make companies more productive through better decision making through accuracy of data analytics and improved marketing.

Big Data also has its disadvantages. For example, 247 billion e-mails are sent each day, and 80% received is spam. It can also be invasive, as privacy and confidentiality is being eroded, which affects people, corporations, and governments will have greater difficulties concealing their secrets. Therefore the digital trails of the Big Data we generate consistently, will allow profiles to be created of ourselves using the data generated that we provide.