data is one of any company’s most valuable assets — but it’s probably the one we understand the least. We have codes and inspections for physical infrastructure, we have satisfaction surveys for employees, we even have up-time monitors and stability tests for websites. But are we doing everything we can to understand the degree to which our data is exposed to risk?
There’s more to security than protecting yourself from hackers. On one end of the spectrum, you have those big exposures to governmental regulations and security breaches that can shake an entire organization. But even small things — like a little bit of bad data entering the system — can cause a trickledown effect that affects every department.
We could all be doing a better job of assessing (and mitigating) risk to our data. The key is to start small: Just make sure that you have the right data in the right place. Then you want to make sure that the right people have access to the data and the wrong people don’t have access to the data. Once you have that covered, and you’ve defined processes for keeping your data clean and standardized, then you can start focusing on making that a daily practice. All it takes is the right combination of people, processes, and technology.
When most people think about the risks associated with data, they immediately recall the headline-grabbing data breaches that seem to flood our newsfeeds with alarming regularity. But it doesn’t take an epic leak affecting millions of users to have serious consequences for most companies. Even a handful of exposed records could have serious legal, financial, and reputational repercussions. Fines for GDPR violations alone can run in the millions of dollars, to say nothing of the incalculable cost of losing consumer trust in an increasingly connected and competitive marketplace.
How do these breaches happen? It can be something as simple as the right data in the wrong place. So much of our conversation about security centers around personally identifiable information (PII). If PII data isn’t identified or isn’t in the right field — for example, payment information erroneously mapped to an unprotected field and viewed by unauthorized individuals — you could be at risk of exposing some very sensitive information.
But external risks aren’t the only dangers we should be worried about. A few years ago, IBM famously calculated that bad data costs US businesses over $3 trillion per year. This is death by a thousand cuts, parceled out in seconds, minutes, and hours lost to manual data correction, re-running suspect reports, and pursuing strategies and programs that were originally scoped based on data that was later revealed to be faulty. Of course, the volumes of data we must deal with has grown by over 400% since IBM released that study — and it’s only growing. So how much could we be losing today? And how much do we stand to lose over the coming years?
Taking all these dangers together, one thing is clear: no company can afford to expose its data to risk.
When it comes to your data, there is no single magic bullet that can protect you from every scenario. But you can improve your overall data health by taking a closer look at the three aspects of data risk: sources, security, and compliance.
Understanding both the quality of individual sources and the quality of your data mapping is key to assessing your risk. When we talk about data sources, we have to consider not only where data comes from, but how it enters our systems.
For example, it’s probably safe to assume that the lead list you purchased from a vendor isn’t as accurate or up-to-date as the list of leads you captured from a recent, targeted, double-opt-in campaign.
