As cloud solutions are rapidly evolving to cater to the changing needs of both, companies and consumers, data must be seen as both- an asset and a liability. Mark Ferlatte, CTO of Truss, a firm that builds software and infrastructure to help companies scale and modernize digital services, tells us why companies must incorporate critical cloud data management best practices, to protect their customers and reputations today and in the future.
Data management is quickly evolving. Companies are more aware than ever before of what’s stored on their cloud, how it can be accessed, and by whom. The more data stored, the more protection it needs and the more valuable it becomes to outside entities, who will want to access it for their own goals.
To adapt, some businesses are taking steps to reign in the data they keep to protect themselves from organizations both legitimate and illegitimate who may use this information in negative ways. However, many companies have not yet made these changes. Now is the time to take these crucial steps to limit data access and storage; data that you don’t store can’t become a target. The best solution is to shift away from thinking of data purely as an asset to thinking of data also as a liability.
Learn More: 3 Questions to Drive Better Data GovernanceOpens a new window
1. Recognize What Type of Data You Have
First, cloud platforms must discern whether they store data for users or about users. Each presents distinct challenges. For example, if a company is storing data for users, like Dropbox, iCloud, and Google Drive, it must take every possible precaution to make sure that the information remains protected and secure, that nothing is lost, and that it is only accessed with the permission of the owner of the data.
Storing data about users has a different set of rules. Companies in advertising technology and healthcare fit this box, as do most government websites, apps, and platforms. When storing data about users, the cloud platform should ensure that only the right people can see certain personal data at any given time. These companies also need solid plans regarding the aggregation and discarding of data sets over time.Â
To combat this, many companies are rethinking their data cloud strategy. The old school of thought — keep everything no matter the cost and mine it for value — is being replaced by the mindset that data is a liability and as little as possible should be kept. From a budget standpoint, this helps to save money because cloud platformsOpens a new window charge for every byte stored and every byte transferred. This approach can also be used as a marketing advantageOpens a new window , addressing themes of privacy, faster user experience, and more. If companies do not keep all of their data, they cannot be forced to use it against their customers by government entities, including law enforcement.
Learn More: Guide to Supporting Remote Employees With a Data Catalog in Coronavirus EraOpens a new window
2. Design with One Eye on the Future
To preempt anyone who may want to use a company’s cloud data for nefarious purposes, developers and engineers must predict who outside the organization may want access to the data. Then they can figure out how to prevent said data from being useful to those actors, including hackers, grifters, foreign entities, and law enforcement. Law enforcement can and often do ask, demand, or subpoena for data from resistant companies. Companies are then stuck in a tough situation: whether to help law enforcement or protect the privacy of their customers.
So how should companies create a cloud system that obtains enough data to be useful for their purposes, but also avoids being used against their own customers? First, developers can encrypt data so that no matter who’s looking for it, it cannot be accessed except by the user themselves. Security analystsOpens a new window can also be employed to account for potential unintended uses of client information so privacy issues can be identified. If their research indicates a platform can be used for purposes beyond its intended design, extra protection must be developed.
Perhaps most importantly, companies with large amounts of cloud data cannot wait for government intervention on their behalf to provide them with safe harbor. Many politicians simply do not understand technology enough to enact meaningful and timely changes, so businesses must make proactive changes on their own.
Learn More: Prioritizing Data Quality Execution in Metadata Management InitiativesOpens a new window
3. Predict the Action of Outside Entities
Many companies already recognize the importance of their cloud data and are working on ways to address its troublesome use by outside organizations. More valuable data is being generated than ever before — especially personal data — and companies must ensure that this data doesn’t go into the wrong hands. Often, this means giving customers more power to control their own data. This includes data sharing disclosures, increasing traceability, and allowing users to turn on and off certain features depending on what data is being gathered and where it’s being shared.
This is especially important today. Law enforcement can use corporate data to track individual people, the movements of groups of people, and more. Previously, law enforcement could only obtain limited information about people or groups of people based on what they gathered through their own surveillance. Now they can demand information gathered by companies like Amazon, Apple, and Google. This also includes obtaining data from popular doorbell cameras, such as Ring. While these products are ostensibly used to track who steals packages from front porches, they are also being increasingly used to gather data for law enforcement. This includes non-traceable, non-legislated facial tracking info taken from individuals whose faces were captured on these doorbells cameras.
Police departments rationalize that they may need this facial data later, even when it is not legal. Much of this is already being done without any meaningful government oversight. Now extend the doorbell camera example to street cameras, drones flying above protests, police car cameras, and airport security (including facial recognition on passports), and it becomes a massive breach of privacy with little to no oversight. While some of these systems make life easier, the downsides can have terrible consequences.Â
Learn More: 3 Ways to Avoid Data Failures in the Time of CrisisOpens a new window
Conclusion
While cloud data can be a boon to companies looking to better serve their customers, it can just as easily be used for unintended circumstances that put those same customers at risk. Businesses must proactively adapt their cloud data systems to better protect user privacy from current and future problems. This may mean adopting a better protection approach or simply gathering less data, but it’s important companies take this action now.
Let us know your thoughts on the future of Hadoop on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!