This week, I will be participating in a panel at the Corporate Counsel Forum 2018 to discuss how to transform the data privacy agenda into a trust-based agenda. My esteemed fellow speakers include representatives of Microsoft and Google, two of the largest players in the big data market. The audience will consist mainly of General Counsel representing organisations who are similarly frustrated by issues pertaining to ease of access with regard to their data. Data privacy is merely one more example of the issues exasperating effective data use.
Most organisations understand the significance of data and information. Namely, that there is a great deal of intelligence that can be derived from it, if accessed in the right way. However, the data landscape is perceived as a big beast due to growing complexities around information management and governance. Common problems include the integration of entire IT platforms resulting from mergers and acquisitions, the ever-present risk of cyber-attacks, the enormity of legacy data (and the privacy data challenges within), and management of unstructured data. Thus, data can often be regarded as an insurmountable source of problems rather than a solution. As a result, data and information management often happens in an underfunded and siloed way.
The above situation makes meeting legal and regulatory obligations and reporting extremely cumbersome. Additionally, there is often a lack of clarity when identifying the correct information, and the risk that crucial information may have been missed. As a result, in order to address the risk of missing information that is important, there are often swathes of data containing false positives. Resolving this issue takes its toll by necessitating the use of additional resources at cost.
Problems around identification and production are also evident in the context of mergers and acquisitions. To give an example, one GC of a financial services company explained that the execution of a large merger and acquisition programme resulted in what they described as a ‘banana skin’. During the due diligence of the M&A process, certain data was not uncovered and this ultimately created a risk to the business and the need for another collection and production effort that was neither planned nor budgeted for.
Access to this data matters because data has become extremely valuable. The reality is that whatever the day-to-day business process, data and information are the ‘glue’, the connector of people and processes, the key to customer experience and to improvement.
As with anything of great value, there is a responsibility to protect it as an asset. As made evident in the media (see the article in The Guardian relating to the recent Cambridge Analytica scandal as an example), there are increasingly sophisticated attacks to steal data, which can result in grave financial consequences.
The convergence of trading and risk management measures is impacting all areas of business and legacy IT systems simply cannot adapt. Corporates now have the opportunity to clean up years of merger and acquisition and accumulated system layers so they can position themselves to compete effectively in the ‘new normal.’
So now that you understand the beauty and the beast of corporate data, what is the ‘new normal’ and how can modernising the way in which corporate data is managed create a sustainable step-change in a company’s long-term performance?
Time to overcome the beast
The General Data Protection Regulation (GDPR) is a recent example of ongoing regulatory change and has proved to be a timely catalyst for driving data modernisation programmes and finally tackling the beast. Successful outcomes aimed at GDPR compliance include legacy data remediation, defensible data deletion programmes, and transitions to a single platform (such as Office 365) to help clients bring the beauty of compliance policies to life through operational, day-to-day, repeatable best practices.
Some projects can be complex and protracted, others can be a quick win for the business. All projects involve data! For example, a company needed to index and create a repository for 240TB of old Lotus Notes data. This enabled a faster response to litigation and the retirement of outdated infrastructure. Similarly, a need to analyse approximately 1PB of file share and SharePoint data to identify sensitive information and remediate it helped another company comply with GDPR.
The need to transform disparate data sets into a golden source of information is disruptive enough; the need to do so in a business that has to run at peak performance can become extremely daunting. It can and is being done, though. Increasingly, corporates understand that a single-platform approach enables their businesses to deliver their solutions and products in a way that best suits the business – whether an enterprise-wide or a modular best of breed solution. For example, a leading financial services CIO reported that after they moved to the Cloud, their financial modelling costs were reduced from £100,000 per month to £10,000 per month based on the fact that their data sources were now in one central, secure location. This is the beauty of having your data and information in the right place, and having it accessible at the right time.
I am excited to learn more at the Corporate Counsel forum and will be interested to report back findings in a further update. Stay tuned!
If you have additional questions or comments, please feel free to reach out to me at LBurton@lighthouseglobal.com.