As the world undergoes a data revolution, the ways we generate, store, access, use and analyze data are transforming before our very eyes. In just a few years, we’ve added sensors to transmit data in high resolution, developed incredible tools and algorithms to help us make sense of it and have firmly placed data-driven strategies at the center of our enterprises. This has all been for the better. Data transformation is dramatically changing how we live and has exponentially broadened the toolkits that organizations are employing to make better decisions and operate more effectively. As a result, we’re enjoying an era of unprecedented innovation and productivity with such vast implications that they’ve even improved our very quality of life. However, this progress, and the push for data-driven innovation that’s inspired it, haven’t touched every part of our relationship with data yet. Most of us haven’t been as quick to appreciate the changing risks that stem from our new datascapes and the majority of digital transformers continue to adhere to standards and methods of data governance and protection that no longer apply. This has been especially true for data access controls we employ today, and the consequences that have arisen from outmoded data access management have already made themselves well known across global headlines. Scoping out the problem Let’s have a quick Big Data recap and explore how ‘big’ Big Data really is and the different ways it’s scaled. Big Data is characterized by four ‘V’s:
- Volume: There’s a lot of data (as in we measure our stores in Petabytes)
- Velocity: The data is added and updated frequently
- Variety: The data is comprised of many different types of data that is often unstructured.
- Veracity: The data is not always “good”, meaning ready, and often varies in quality
- Dr. Leetics is based in Boston and is contending with regulations that prohibit her from viewing the PII of customers from certain countries.
- Information security would not be happy with her being exposed to certain types of information, such as hashes of passwords and password reminder questions.
- ACME would like to be notified in any instance of suspicious behavior, such as any instance in which Dr. Leetics suddenly withdraws large amounts of data outside of the scope of her team.