Employees need to access data to do their jobs. But as data governance professionals, it’s our job to protect it. Therefore, we must perform a fine balancing act to weigh robust data protection against the productivity of workers who need the data to maintain business-as-usual working processes.
Data grows exponentially, and most organisations will admit that they simply don’t know what data they have, where it is, and the controls that exist around it. This creates 2 challenges:
As a European investor and alternative asset manager, here at Arrow Global we take care of £50bn of assets and own a data estate exceeding 160TB. How we manage our data to protect and power our organisation is key to our success. We understand the difficulties involved in opening up environments to allow people to work productively, while at the same time locking them down to protect our organisation.
When it comes to analytics, I believe that Arrow is highly proficient because we employ a talented team of data scientists. But even for us, the sheer volume of raw and processed data, that resides in both our structured systems and unstructured data repositories, has the potential to put our business at risk.
We know there’s always more that can be done to strengthen our security posture and ensure regulatory and contractual compliance, while at the same time using our data to drive the business forward.
For many organisations, data protection has centred on demonstrating compliance with the GDPR. At Arrow, our efforts have gone one step further to include our contractual exposure.
Being a more mature data organisation, we had previously tried to develop an application in-house to manage our data estate and our data governance challenges. However, with 160TB across the company in production data alone, we simply couldn’t achieve the scale we needed to handle the sheer volume of data. Of course, the volume is just the start – once you know what data you have, you then need to be able to categorise the data and put it into a structure, so the business can analyse it for a specific use case.
We knew we needed to go to market to find an industrial-strength data discovery product to replace our in-house application. By aligning our choice of product to our overall IT and change strategy, meant that ultimately, we ended up with a far better outcome than we’d anticipated.
Data touches every part of an organisation, so when it came to building a business case for buying-in a data discovery software platform, we approached it in a way that would speak to different people at the same time. We did this by posing the question:
These are the black and white tests of information governance – to recognise the importance of data to protect and power the organisation. They’re applied in a way that enables us to commoditise data and use it to drive the business forward, by forcing us to consider how we would use the data – for example, creating value-based pricing for our clients.
In aligning the business case to initiatives that were already priorities within the boardroom, we knew that we’d gain the attention of the senior leadership team and it would be easier to get the buy-in and budget we needed. And in the end, everyone wins – we get what we need to protect the data, and the business gets to distil the data’s value to better meet our customers’ expectations.
For us, things got really exciting once we were able to see all of our data at scale. We chose Exonar because it allowed us to discover our data in ways that other products couldn’t. And the interface between the user and Exonar meant that everyone – both technical and non-technical users – could understand the technology and the findings it revealed.
When we saw exactly what data was in the estate, where it was and who had access to it, data security became much easier and the risk of data being compromised was dramatically reduced. We can see exactly where the vulnerabilities are and restructure how our data is stored to strengthen security. Then over time, we can use search, workflow and analysis to optimise the infrastructure and continually identify new areas to improve.
From a wider-business perspective, once people can see the data, they can start asking “What if…” to query it and distil its value. But it’s more than just the data itself. It’s not uncommon for data relating to the same thing to exist in unconnected systems across the business. For example, customer interactions and incidents or events.
Exonar is capable of joining the dots in disparate data sets. By stitching these data sets together, we can get a better overall view of our customers and use the outcomes to think of new, different or better ways of serving them through enhancing or adapting our offerings.
Why other financial services businesses should also take a smarter approach to data