Opening the lid on data protection, with QualiWare X
Apart from protecting consumers and businesses from misuse of their data, one of the best knock-on effects from the rafts of data-related laws passed in the last few years (GDPR, the California Consumer Privacy Act, and Australia’s Notifiable Data Breach Scheme, among others) has been to make businesses of all sizes very much more aware of their responsibilities concerning data security, data protection and data risk management.
Protecting information before digitization used to be a matter of ensuring paper copies of key documents were kept securely, but now, in addition to regulatory control, there’s also the threat from hackers, accidental data breaches, and poor practice causing potentially disastrous data losses with which to contend. But whether it’s to comply with regulation, to protect against loss of valuable intellectual property, or to avoid the PR fallout from a data breach, companies must now have a robust and unified data policy and method of working.
Because virtually every activity in the modern workplace is digitized to some extent, the movement of information and its mapping is very much analogous with business processes. Getting to grips with the latter brings, therefore, the former.
In a sense, the various legislative efforts are creating an ethical framework for the ways in which companies use and interact with the data they hold: that ranges from practicalities of how it’s stored and protected, but ranges as far as making every organization think about what it does each and every day with its digital assets. And that process is a parallel with the way businesses work: when we consider how data does and should move, we are considering how workflows function, and how they should, too.
New risk assessment platforms just coming to market are missing a trick: better surely to get to grips with the inherent flaws of business processes, than simply to audit and catalog those flaws? And merely assessing risk doesn’t go to the heart of why rules and regulations like GDPR have come about, which is to ensure that businesses develop processes that are efficient and ethical with their information.
Therefore, protecting and managing your organization’s data and data risk should be seen as an opportunity, rather than a burden. Granted, part of the adherence to data regulations is to be able to prove adherence to said laws, but mapping out business processes, data flow, and working practices will remove issues that are the legislators’ (and hackers’) targets: silo-ed data, data duplication, poor information management, and incoherent workflows.
The knock-on effects? Better performance and change management, lowered costs and greater efficiency.
With a product like QualiWare X (read our full review of the platform), companies of any size can make the challenge of an ever-shifting regulatory backdrop (and the threat of data breach) into a positive series of steps that will significantly benefit the business.
By building what Gartner calls a Business Operating System (or a model of the company’s working practices), organizations discover their real operating practices and find out ways to optimize every aspect of the systems, people and methods at work every day. QualiWare calls this process the creation of a digital twin, and, as well as an audit process, the exercise lets companies drill down into those processes that are causing them bottlenecks. In many cases, it’s those self-same areas that are also areas of the highest risk in terms of data management.
If approached from a positive angle, embarking on the creation of a smart architecture has several data-specific benefits, not limited to:
- A much-improved approach to information security and compliance with international standards such as ISO 27001.
- Organizations with a global reach can quickly assimilate changes to regulations and guidance from multiple territories, and prove their success to legislative bodies.
- Demonstrating compliance with any new or shifting law builds customer trust levels and promotes innovative data use practices.
- Consistency in change methods and process-based transactions create a more coherent approach to business in general and more responsible attitudes to data protection among employees.
- Better alignment of business and technology through a holistic, smart architecture approach results in saved IT costs and more effective responses to regulatory and cybersecurity pressures.
Sometimes positive change is driven by external events: the arrival of primary, internationally-binding legislation like GDPR, for example. But often, forward-thinking companies begin their business process revitalization journey because they’re aware of the benefits— and cutting their risk profile massively is a good and worthy bonus.
*This editorial has been written by Joe Green, Senior Writer at TechHQ
16 December 2020