Thinking...
When we think about GDPR and user data we can share the data to managed data with application, business logic and data base layers usually and then unmanaged data witch is more data in File servers or SharePoint or any document management data where the data is handled more like a concreate units like file with lots of words rather than smaller part of information as part of the larger information like address in CRM solution from one individual customer.
If we focus to unmanaged data we open or at least in my mind come millions of questions like governance, retention and archive policies, Meta Data, data format, data content, where to save and what data, what kind of storage architecture we have to support the type and value of the data, what kind of security policies we for data, do we classify data, do we protect data, do we have any kind of data lost prevention / protection mechanism in place, how do we recognize security breach (we don't) how do we detect and control if any security issues or un normal user behaviours in place, how do we backup and restore data, how do archive backups, how do we handle security logs if any, do we know how many dublicates we have, do we know how many movies or cat or dog pictures we hae in our system with x amount of copies, does our user know what and were to save and what type of data and maybe one hardest questions how our search works, how much our employees use time for searching something what they know to be stored somewhere but what could not be found and how much we have data from what we don't know at all.
Funny thing is that organization spends globally huge amount of time = money to find data from the data mass where part of the data is unvaluable and not required to stored based on any laws any more. Reason has been just if if if if if - you might heard that if aunt have b..s she is uncle or that if cows fly or if kids has guns and so on.
All these impacts to end user experience and efficiency witch impacts negatively to users and organizations productivity and the shares and dividends organization is paying.
All these should be seen as part of the organization digital workplace journey where the data is available, searchable, have value and old data will retire and be deleted or archived. The data is not seen as a data it is seen as asset and value for the organization
I will be the CEO or chairman of the board this would a one thing I'm interesting at least that moment when some one told that if worst case happens we have to pay penalties of 4 % or 20 million euros from total annual worldwide turnover - witch is higher.
So from where to starts is great questions and have multiple approach how to start - but without boards engagements and commitments to this why to start while you cannot achieve and realize what you are looking for. You must have the commitment from highest and get the most senior people to understand the background cross organization units; Business, HR, Finance, IT, R&D, Production... you name it.
But let's get back to unmanaged data where might be the most of the unknown information from where the organization don't have any understanding.
Regardless of your business, are you at the finance, production, resource, health care, high technology i assume that you have couple of file servers in branch offices, data centers, couple of SharePoint where the data migration was postponed due the poor finance and maybe separate document management system like Documentum and product lifecycle management PLM applications and based on users the data is not stored where it should be witch makes it unvaluable while not founded, too many versions and no knowledge of the latest version with right data.
One question you should ask from your business is "Do we know what GDPR means and how it impacts to us?"
To be continued
"All comments are my own"
No comments:
Post a Comment