Click to learn more about author Balaji Ganesan.
2020 was certainly a year of surprises, and perhaps the most acute lesson learned by businesses and consumers alike is that nothing is impossible. Looking within the lenses of Data Management, data security, and privacy, the same holds true. The internet is awash with data that is stolen or otherwise accidentally shared by unknowing consumers and enterprises. And for those with the means and motivation, all that data can be used to bias public opinion, impact government decisions, and become a windfall for criminals specializing in fraud and identity theft.
The impact of having the wrong data in the wrong hands is an everyday occurrence for corporations, governments, and citizens around the world. As a result, all parties now understand the negative consequences that can occur when there is neither a formal process nor overall regard for both data sharing and data privacy. In 2021, regulatory legislation around the world will move toward increased control of personally identifiable information (PII) data to safeguard consumer privacy. Countries are following the lead of the EU with GDPR, as seen with the recent regulations for CCPA in California and LGPD in Brazil. Each regulation is helping to drive renewed and increased attention on internal Data Governance and compliance projects.
How the Pandemic Accelerated Data Governance and Compliance
Digital transformation projects, which under normal situations took multiple years to complete, have moved forward at breakneck speed thanks to COVID-19 and the need for individuals to work remotely. However, with such a large number of people working from home, all types of data are being transmitted and shared outside the physical boundaries of the organization. This creates privacy and security vulnerabilities that are a boon to bad actors looking to steal PII.
The need to properly enable these off-site employees and complete digital transformation efforts already underway has spurred many businesses to move even more data to the cloud, as they look to support this new way of life and to create new opportunities for optimization, advancement, and competitive advantage. However, to maximize all of these efforts, enterprises will be forced to accelerate Data Governance and compliance projects in the coming year.
Data Security and Governance Finally Become Part of Mission-Critical Business Processes
Having learned the hard way in 2020 from companies like Twitter, MGM, Marriott, Magellan Health, and Zoom – all of whom lost customer information to cybercriminals – organizations now understand the need for data access and compliance. As a result, stand-alone data security and governance tools will become part of existing business processes next year. Until recently, security was often the last requirement to be considered, and often retrofitted into existing processes and technology after the primary business requirements had been discussed and implemented. In today’s digitally charged information warfare environment, there is a broader awareness of the higher risks of data privacy and security that must be considered with every digital transformation. In fact, even the most technologically astute enterprises have learned some bitter lessons in regulatory fines, loss of customer trust, and crisis communications due to this oversight.
To combat this in the coming year, security, privacy, and governance will become programmatically embedded early on in business processes. For example, data analytics projects utilizing cloud services will be scrutinized for data security risks before becoming a corporate approved resource. And every mission-critical business process will have security as a requirement before implementation.
At the same time, governments around the globe are shifting into gear to enact data privacy regulations that carry real consequences and financial impacts if data is breached or exposed. This legal imperative will galvanize support from business leaders across the enterprise in support of Data Governance initiatives that span the entire organization.
To meet the demands of Data Governance initiatives, IT and data teams will need to join forces to traverse the tightrope of digital transformation and data security to protect the privacy of all enterprise and customer data involved in new and existing business processes. A clear understanding of what level of data access control must be adhered to for different business units – organization, object l, field, and/or record level – is required for each type of digital transformation effort before it begins. There is no room for error in a digitally powered world for gaps in digital data security.
Citizens and governments around the world are becoming increasingly aware of data breaches and mishandlings. They expect, and even demand, that organizations seek measures to curb misuse of data and enact privacy and compliance regulations for data protection and security. In 2021, proactive planning for data privacy and security will no longer be an option, as organizations around the globe look to integrate governance and privacy into all data and IT projects across the organization in order to meet business requirements for remote work, digital transformation, and legal compliance.