Can we achieve faster insights without risking data security?

With data and analytics capabilities becoming more ubiquitous across every industry, advantage lies in how quickly you can deliver insights. We talk a lot about the need to build agile data pipelines and democratize data throughout the enterprise, but are these initiatives exposing our data to new and unseen risks?

Cybersecurity is a fast growing concern for both the public and private sector, as we know that motivated and well-funded criminals are honing their abilities to access and steal sensitive data. We now see cyber attacks and data breaches that run the gamut from simple phishing attacks through to the highly sophisticated ransomware attacks that are becoming more commonplace.

The effects of these security incidents are also becoming more devastating every year. According to research from IBM and Ponemon, the average cost of a data breach is $3.86 million as of 2020, and the average time to identify a breach is now 207 days. These estimates are on the lower end however, as the 147.9 million consumers affected by the Equifax breach in 2017 ended up costing the company over $4 billion in total. 

Large companies and organizations are also dealing with an increasingly complex landscape of data privacy and security regulations - at a local, national, and global level. In 2018, the EU implemented the General Data Protection Regulation (GDPR) to protect personal data and address privacy concerns about use of personal data. In similar landmark legislation in California, the California Consumer Privacy Act (CCPA) took effect in January 2020. 

Both of these regulations had wide reaching effects for any organization who conducted their business and overseas markets. They also have the potential to cause real problems for organizations who don’t comply, including hefty fines, convictions, and media announcements that cause irreparable reputational damage.

So, how should organizations be changing their approach to data governance to reflect this new environment? We would argue that there is no reason to shut off access to data to prevent the risk of a data breach. Instead, find opportunities to manage your data more intelligently by asking questions like:

• Do you need to be collecting and storing all personal and sensitive data? 
• Do you know where your most sensitive data resides and do you have the tools to identify it in your analytics platforms? 
• Do you have the ability to obfuscate data according to business rules
• Do your cyber security tools towards protect your most sensitive assets
• Do you have complete visibility over the users and access permissions for data and analytics tools?

Society at large has an entirely new attitude towards data security in a digital world and every organization needs to pay closer attention to their data governance strategy to avoid a legal, financial, and reputational disaster. When building analytics pipelines, it’s important to leverage user authentication and authorization through groups and role-based permissions. By using tools that offer comprehensive visibility over your analytics and user environment, you can ensure the right people in your organization are still able to access the real-time insights that drive decision-making, without opening up your data environment to new risks.

About the author:

As the CDO at Qlik, I walk in our clients’ shoes by making sure Qlik's data processes, management and tools are aligned. If you’d like to discuss how you can start democratizing data in your business with a modern data architecture using proper data governance processes and tools, please get in touch with me at [email protected].