A blueprint for more efficient data management

The mystery of data, which has plagued so many organisations for so long, is on the brink of being solved, and we have regulation to thank for clearing up all those loose ends that had made the mystery almost unsolvable. You can explore this further in a recent DXC blog, ‘GDPR and Banking’. GDPR isn’t an imposition, it’s an opportunity.

A very famous quote exists in the world of advertising: “Half the money I spend on advertising is wasted; the trouble is, I don’t know which half.” Today, that’s not a justifiable gripe. Consumer responses to most forms of advertising can be instantaneously captured and analysed, thanks to digital technology. The strange contradiction is that technology can now be said to account for a variation on the mystery of advertising spend. It’s the mystery of the data black hole.

Organisations have collected vast amounts of data because they could. Many, or perhaps even most, do not have a very locked-down understanding of where all the data is, what it is, and what it means. It could be said by many businesses;

How did it come to this; that major organisations now have vast banks of data accompanied often by less than vast capabilities in controlling it? It all seemed to happen so fast. Now many banks have the task ahead of them of fundamentally changing their approach to data and becoming masters of all they survey; while demonstrating such control to the regulators.

This is where the opportunity lies, in treating the regulation as a blueprint for more efficient data management. The better it’s managed, the more valuable it will be in enabling banks to get to know their customers better, and deliver services that correspond far more closely with individual customer’s needs; i.e., those of greatest significance, urgency, and efficacy, depending on a customer’s lifestyle stage.

With GDPR coming into force, organisations will no longer be able to retain superfluous data. As it gets cleaned up, to ensure compliance, so it will become easier to find. Organisations will be able to access the right data faster; an essential ingredient in creating an agile business .

Three factors in the data problem

Three other factors contributed to what was at the time deemed strategically appropriate (information is king) but now presents a challenge for banks moving forward:

  • The cost of storage tumbled: “For hard drive prices, the race to zero is over: nobody won. For the past 35+ years or so, hard drive prices have dropped from around $500,000 per gigabyte in 1981 to less than $0.03 per gigabyte today”.
  • Regulation ‘lite’ prevailed: Regulation was somewhere between light and non-existent regarding data retention. If organisations were not compelled to delete the data, where was the harm in keeping it? Organisations began storing more because it was cheap to do so and if there was no penalty for holding onto it, then why not hold onto it?

Tiny USB Flash Drives could commonly hold up to 64GB/ 128GB and now up to 2TB:

Storage tech has (now) advanced to the point that solid state drives (SSD) can be shoved into tiny packages, and portable conventional hard drives can easily cram three terabytes of data or more into a casing the size of a wallet. But there’s still a niche for the good old USB flash drive…”

  • ‘Unstructured’ data was invented: With the affordability of storage came the realisation that data of any description could be stored, including all records on interactions that we may previously have regarded as non-data-esque; including emails, voice, trading floor CCTV recordings, IM, chat, collaboration tools, word documents and letters.

Much of this information can be invaluable in creating audit trails, particularly when litigation arises, but it’s only now that many organisations are catching up on the essential management that needs to go along with it.

‘Fix Forward’

The concept of Personally Identifiable Information (PII) is widely current in the US, less so in the UK, yet a fundamental tenet of GDPR practices. It represents the minimum data that businesses will be allowed to carry without consent. It is the information mostly referred to in the ‘right to be forgotten; and drives the need for easy extraction of data, and diligence in control and management.

Many businesses don’t know where the PII that they hold actually is. They know where it should be but would have difficulties if called upon to produce it reliably and accurately with the reassurance that it is not held in several places simultaneously (the likely legacy of siloed departmental databases, outcomes from M&A activity when disparate systems are maintained post-deal, and storage practices). Most likely it resides in backups, Sharepoints, and even development databases.

One of DXC’s customers referred to the task now facing many organisations as “Fix Forward”. I think that phase perfectly sums up the optimum strategy that companies should consider valuating on the eve of GDPR. It reflects the GDPR stance on Privacy by Design:

“At its core, privacy by design calls for the inclusion of data protection from the onset of the designing of systems, rather than an addition. More specifically:

New rules necessitate new tools

Organisations will be expected to demonstrate that their best efforts to comply are underway, when GDPR takes effect in May. ‘Fixing Forward’ is about just that; making sure that no actions will be undertaken that could confound existing poor practices, while getting to grips with understanding the extent of the data issue and how to initially contain it and eventually use it as a platform for business growth characterised by data integrity and focussed data management.

I’d suggest there are three steps in this process of fixing forward:

  • Admit that you have a problem; before the regulators discover that you do (non-complaint PII held in the system, for example)
  • Identify the nature and location of the problem; no control, limited visibility, lines of business practices, back office procedures
  • Implement data discovery; see what you have that you didn’t know you had

Automation, AI and machine learning will accelerate the essential ‘clean-up’ process. Further, such tools will support innovation going forward; the ability to access the data faster and make sense of it to drive better business decisions, targeted new services, and better individual customer experiences. You can explore DXC’s Analytics Platform here.