BIG DATA reigns in data that has become too big and too disparate:  The days are fast closing for any organization that harbors data in a plethora of discreet systems.  That is, vertically isolated databases supporting enterprise-core business systems, e-mail systems, accounting systems, personnel systems (HR), order systems, discreet CRM, and so forth.  BIG DATA shatters walls and allows inclusive datasets in response to queries and calls for comprehensive information regarding specific entities:  clients, competitors, concepts, projects, forecasts, analysis… name any type of informing content (information) that your organization has, and BIG DATA serves up that information in a cohesive and collective manner.

BIG DATA serves Business Intelligence, and BI is huge.  BI essentially is the intelligent use of data that is leveraged across and through dispersed systems that are internal to the organization.  The sources are your organization’s assets – but too often, incomplete content is delivered in poor service to actual needs.  Business forecasting suffers, analysis suffers, forward progressions suffer.  Reporting, survey, and intelligent thinking are ill-served by virtue of the fact that much data gets overlooked – it’s hidden.  Consider:

“The world is full of obvious things which nobody by any chance ever observes.”  ~ Sherlock Holmes, The Hound of the Baskervilles

Indeed, Sherlock:  “It is a capital mistake to theorize before one has data.  Insensibly one begins to twist facts to suit theories, instead of theories to suit facts.” ~ A Scandal in Bohemia

“Data!  Data!  Data!… I can’t make bricks without clay.” ~ The Adventure of the Copper Beeches

Remember -  Data and its related management and use represents a major investment:  You must achieve the proper return-on-investment (ROI)  – and that ROI is dependent on doing something productive with that data, which means you must leverage it in the most efficient and effective way possible.

Your bricks – projects, reports, deliveries, forecastings, analysis, products, services, progressions, protections, et al – are going to require more than data.  They’ll require complete data – and that’s taking on a whole new meaning:

You need BIG DATA.

Next:  Competitive Intelligence (CI) – Leveraging external data

It’s interesting to me that the European Union’s European Commission is considering some standard rules for breach notification.  These rules would govern how companies make notification to stakeholders, and also govern their behavior throughout breach fallouts.

These “practical rules,” are being crafted from solicited input from the public, and also from national data protection authorities, as well as from consumer protection organizations.  In the wake of several high-profile breaches, it’s an understandable consideration (see several of my prior posts regarding breaches).

As stated by Neelie Kroes, the EU’s digital agenda commissioner, “The duty to notify of data breaches is an important part of the new EU telecoms rules.  But we need consistency across the EU so businesses don’t have to deal with a complicated range of different national schemes. I want to provide a level playing field, with certainty for consumers and practical solutions for businesses.”

If transparency is key, as one of the stated goals, then I wonder why no mention of government?  What of government breaches?  Is there the same timely notification requirement for various agencies?  In terms of stakeholders’ wellbeing, the government harbors extraordinarily critical content regarding citizens and their interests.

It’s of further interest to me that many “experts” feel that breaches will be an ongoing problem, by virtue of the number of private companies, banks, agencies, etc., that gather and store ever-more personal and empirical data about customers, clients, patients, and so on.

I rather agree that breaches will be an ongoing problem – but not due to an expansion of data stores – that is, more targets.  Breaches will occur largely through careless harbor; poor security security practices, lagging security initiatives, and that most venerable and vexing problem:  human error.

Joe McNamee, the head of European Digital Rights, says:  “It is precisely because there will inevitably be breaches that rules are needed to ensure that citizens are informed and that companies have compelling reasons to minimize the data they collect and maximize their internal security,” he noted.

I rather think that breaches can be thwarted – with proper security protocols, proactive updating of environments to best security features and practices, sound training of personnel, and ever better encryption techniques.

Meantime:  I’m back to government:  What is their duty in notification of breached agencies and harbored data?  Nothing I’ve read has indicated government’s oversight of… government.   

I’ll also be curious to see what’s mounted, or attempted, in terms of government control here in the United States.

I’d like to hear from you.  What are your thoughts on “breach notification laws”?

Stay safe out there.

NP:  Elsa, Cannonball Adderley, jazz24.org

I was doing a bit of reading regarding Amazon’s new Amazon Cloud Drive (“your hard drive in the cloud”).

The emphasis on this free service (with registration, and living within a 5 Gb limit) seems to be on storage of music and video… and, generally, other personal use.  That’s fine… losing files such as those wouldn’t entail a hardship, unless you’re a filmmaker or professional musician.

But what of data?  That is, business data, or critical personal data, such as tax, real estate, investment, etc., data?  Heck, what of irreplaceable family photos?  We could go on…

In the case of Small and Medium Business (SMB), particularly, they are forever (or should be) on the lookout for cost savings.  Free storage?  Oh yeah!  Further, paid plans are available for storage beyond 5 Gb, for a mere buck per Gig per year.  Up to 1,000 Gb.  Sounds very attractive… and, swinging back to households; they can always use a little help with expenses.

I still have a problem.  I like my data to reside on things that I manage.  That I can see, review, update, and restore from… and did I say manage? – in person:  A physical fileserver, disk array… a simple USB drive I can see and touch.   :^)   Call me crazy.

Particularly in the case of storage for backups – why would I want that to go into The Cloud?  Or perhaps more accurately,  A Cloud?  Who’s Cloud?  Oh – Amazon’s?  No problem… until there’s a problem.

It’s not totally an issue of Amazon’s stability and reliability:  If the ’net goes down, for any reason internal (org) or external (ISP, etc.), where’s your data?  In The Cloud – and inaccessible.  For my SMB readers, small government agencies, and people with critical personal files, and/or treasured files, be wary of trusting The Cloud too much.  It will always present vulnerability.

Managing business and IT effectively means closing vulnerabilities and areas of risk:  not widening them.

Hmmm… long before The Cloud, we used to say, “Storage is cheap” – and it is.  Nothing, and I mean nothing, beats your own local, and close-by offsite backup, physical storage.  Mull it over carefully. 

All of that said, Amazon Cloud Drive does present an affordable utility for the right circumstances. 

Just be sure to understand the ROI vs. TCO (Total Cost of Ownership).  What’s the TCO in the realm of a free service?  Your cost is assumption of vulnerability, risk, and potential for loss; engendered by your distance and removal from control over your own assets.  Recognize that as a price – one that could be very heavy.

For further details regarding Amazon Cloud Drive, I’d like to refer you to Chad Vander Veen’s excellent article, Amazon Makes Play for the Consumer Cloud Crowd.

Stay safe out there.

NP:  Miles Davis, Sketches of Spain, original 1960 LP, on Columbia.  Superb.

It’s been reported that RSA Security has been attacked, with the result being “certain information… being extracted.”  Had you heard about this?  I was alerted to it through my Google Alerts.

As a slight aside:  I highly recommend the alerts – they deliver news and articles to you according to interests you specify, such as “Data Breach,” “Cyber Attack,” “Information Security,” and so on… or perhaps “Cloud Computing,” “Web 2.0.”  You get the idea.  Of course, “celebrity gossip” serves some too.  But I use it for career purposes and general professional knowledge.

Back to the attack:  RSA Security is a division of EMC².  EMC² has many contracts with our federal government, for many tens of millions of dollars, for their SecurID system.  SecurID generates a token which, used in combination with a password and user ID, grants secure (well…) access to systems at various government agencies.

These agencies include the Social Security Administration, the Department of Defense, and many others – it doesn’t get much bigger than this.

At present there is no data loss being reported (that is, customer or individuals’ data); however, it’s thought that the “extracted” information may grant a successful attack later – presumably with the further breach of critical content.

Art Coviello, RSA Executive Chairman, said:  “We do not believe that either customer or employee personally identifiable information was compromised as a result of this incident.”

Hmmm… “We do not believe…”.  Would those words reassure you if a solutions partner, a security partner, gave them to you in a similar situation?

SecureID is not only in use at government agencies.  A leading Fortune500 chief security officer has been quoted, albeit namelessly:  His company processes transactions worldwide for payrolls – and they use SecurID.  He states that RSA provided details, within minutes, on how the breach occurred so that they could defend against possible attack. 

Within minutes?  Color me skeptical on that one.   :^ )   Oh.  Perhaps they mean 180 minutes, 240 minutes – something like that.

In today’s environment, where the big dogs themselves are within risks that manifest, what should you do?  Learn how to spot signs of breach or malfeasance in your environment.  Put in the products and ally the security solutions partners that make you most comfortable.  But, don’t lean totally into vendors, solutions, and solutions partners. 

You have to also stand on your own in actively surveying for risk and possible incursions.

NP:  Falling in Love, Stan Getz, jazz24.org

Well, it happened to me:  My laptop’s operating system corrupted and I had to re-install it.

Fortunately, I had a comprehensive backup, which made me whole once I reinstalled the O/S.

I’m a self-employed consultant, so it would have been a bit embarrassing had I not been able to recover.  Perhaps it would have even been professionally crippling:  Loss of client information, billing records, data… even business reputation. 

In the case of lost data and associated problems, even large enterprises and sizable medium-scale businesses get bit.  We frequently hear about these situations in the news:  Remember the Heartland Payment Systems data breach?  How about something from this month?  Health Net, Inc. has a data breach investigation going on affecting 1.9 million patient records.  Ouch.

It’s interesting to Google “Largest Data Breach” and “Most Recent Data Breaches”… have a look at what comes up.  Another interesting area of perusal is The Chronology of Data Breaches, as reported by The Privacy Rights Clearinghouse (PRC).

I’d forgotten that March 6^th through 12^th was the 13^th annual National Consumer Protection Week – but better late than never.  The PRC still has their Top 5 Privacy Tips for that week headlined, as well as tips for privacy protection during tax season, best practices regarding identity theft perils, and others.  It’s a handy reference – check in from time-to-time.

As to small business:  I know several small business owners and operators.  For many, backups are… well… almost an afterthought.  They’re performed sporadically, they’re not comprehensive enough, stuff is overlooked, and suddenly… something happens and critical data and business information is lost.

It’s simple enough to procure an outboard drive; “storage is cheap,” as we like to say.  You can easily get a backup routine scheduled with simple-to-use software.  At a minimum, just kick off a whole-drive backup manually – run it overnight.

Even for personal laptops/computers that aren’t involved in business use:  You can’t imagine all the stored passwords and IDs that you’ve forgotten, for such things as social networking, banking, downloads, blogging, etc., etc.

Don’t wait:  Back up.

On This Day:  In 1960, the first patent for lasers was granted to Arthur Schawlow and Charles Townes.

Senator Tom Coburn, (R)-Oklahoma, appeared on Fox News Sunday with Chris Wallace this past weekend.  He delivered a sobering assessment of the Federal debt and its future impact (absent getting it under control) in the midst of my Happy Holidaying. 

“What does this have to do with content and systems management?” one may well ask.  Well, let’s consider:

Coburn gave an encapsulated and articulate description of Federal redundancies and waste which some believe, if left unchecked, will lead to 15 to 18% unemployment, hyper-inflation, debilitating effect on GDP, and destruction of the middle class.  Heck, is that all?  Gimme another stimulus…

Seriously, consider that the Feds harbor 267 job training programs across 39 different agencies – why?  Talk about compartmentalized and silo’d…

There are 105 programs, 105, to encourage people to go into science, technology, engineering and math.  In Coburn’s view, “That’s 105 sets of bureaucrats; none of them have metrics on them.”  So… if we take him at his word, there are no empirical measures to determine if some, one, or any of these programs are making effective use of resources? 

As to another area of waste, there is 100 billion dollars (maybe more) of fraud in Medicare and Medicaid.  As Coburn says, “That’s money that’s just being blown away.”

He continues, “The Pentagon can’t even audit its own books.  It doesn’t even know where its money is going.  And we refuse to have the tough forces go on the Pentagon so at least they’re efficient with the money they’re spending.”

Coburn says there is approximately 350 billion dollars that can be eliminated from the budget that will not truly impact anybody in the country. 

But in my own view, any elimination of waste, fraud, and abuse is only going to come from an accurate accounting.  Before there can be any political rendering, and any resulting pragmatic, empirical, meritorious action that delivers to real-world realities… we have to know where we are. 

Only generally do we know where we are:  We know there’s waste; we know there’s fraud; we know there’s redundancies, wasted effort, duplicated effort, efforts that work at cross-purposes, and money pouring down a drain.  But we have to survey, expose and manage according to a coherent, comprehensive and trusted system of accountability, as it delivers real data from systems’ content.

Of course, it’s the big entitlement programs (Social Security, Medicare, Medicaid, and various stimuluses) that are the largest drivers of the deficit and resultant debt.  We’re not going to get into that, being that this isn’t a political column.  But frankly, I think every little bit counts, even if only for the discipline and practice of being austere, frugal and fiscally responsible. 

The Federal Government really, really, needs better content and systems management – now.  The expanding Federal Debt will yield what some describe as “apocalyptic pain” in a few years’ time – if we don’t act soon. 

The time is now.  It’s the right thing to do.

NP:  Miles Davis, Kind of Blue – Legacy Edition.  (On CD, yes, but I’ll be listening to some jazz on original Vanguard LP a bit later… rest assured.