Many of the technologies businesses rely on to create new services, make workers more productive and serve customers better are the ones most likely to lead to data loss, according to data loss statistics gathered by a recent security study from IT industry association CompTIA.
The “leading culprit” is data in motion, according to the online survey of 1,183 IT and business executives involved in setting security policies for their organization. In other words, all that data being accessed through unsecured Wi-Fi networks, sent through unencrypted emails, and downloaded to USB drives or websites is putting organizations at risk.
Among the 52% of the organizations that reported a data loss in the last 12 months, 65% said that confidential corporate financial data was lost, 52% said that confidential employee data was leaked, 27% reported losing confidential customer data, 26% lost corporate intellectual property, and 21% suspect data loss but couldn’t identify what was lost, according to the data loss statistics.
Still, context is everything. When compared to the growth in the use of social networking, security risks associated with social networking are pretty low, CompTIA argues. The association quickly pointed out, however, that security risks will rise because of malware, social engineering and data mining on such sites.
As for cloud computing, the top three security concerns included downtime, loss of data during transfers to the cloud and a lack of data encryption.
Those surveyed also had “serious concerns” (48%) about employees downloading unauthorized apps to mobile devices, theft or loss of corporate mobile devices (42%), and risks when using open Wi-Fi networks (41%).
The IT and business executives didn’t specify the types of recent data loss prevention tools they have in place or the ones they are considering, but they did share their response strategies for data loss prevention:
- Implement encryption policies for data stored on mobile or portable devices.
- Create a stricter separation between work and personal communications.
- Reinforce acceptable user policies for mobile devices.
- Reinforce or create corporate policies governing the sharing of proprietary information on blogs, forums or social networks.
- Further compartmentalize sensitive corporate data to ensure that only need-to-know employees have access.
Let us know what you think about this blog post; email: Christina Torode, News Director
It was a short week for some, but there was no shortage of intriguing news and opinions to sort through. We’ve rounded up a handful of items to share with you on this Friday, including one of many takes on Target’s “maternal instincts,” websites that don’t need searching and a forthcoming offering from Google that will really be in your face.
The New York Times piece on Target’s extreme targeted marketing via data analytics caught fire and was everywhere this week. Here’s one of the more thoughtful among the many takes on what it all means. It’s a two-part piece; you can click to see the second part at the end of the entry.
And in the further adventures of somewhat scary and scarily innovative data analytics: a company that aims to cut down all that laborious search time and just tell you what you want.
We don’t like the suggestion that CIOs are anything but this — however, Forbes contributer Perry Rotella offers up a trio of succinct steppingstones CIOs should consider in order to be recognized as “first-class executive leaders.”
Here’s something you really don’t want your business to get stuck with. Aside from its vast time-sucking capabilities, there’s another downside to the very hot Pinterest website — potential lawsuits, naturally.
Not to be confused with image recognition app Google Goggles, comes more speculation that Google will release reality-augmenting glasses by year’s end. Is this going to be one of those things we’ll question the point of, then find it becomes ingrained in our lives (hello, Facebook in 2007)? Maybe that eyePhone episode of “Futurama” is eerily prescient.
I can think of two reasons people don’t talk about something. One is that the subject has no importance at all. The other reason is that it is so important people don’t want to share what they know. In the case of advanced business analytics, I can assure you, the latter reason is in play. Silence is golden, so to speak.
This was clear in a story I did this week on a snazzy hotel app deployed by the SLS Hotel at Beverly Hills. The free mobile app basically delivers round-the-clock service — a bottle of Dom Perignon, more shampoo — at the touch of an icon. IT Manager Eric Chao, the hotel’s point man on the mobile app, was happy to talk up the app’s front-end value: how it takes customer service to a new level, etc. But ask about the sophisticated analytics whirring on the backend that allow the hotel to figure out what a guest wants before he even knows it – and this reporter got the cold shoulder. The hotel PR squad flat out said no way.
“The app collects a lot of data,” was about all Chao could say. That, and it’s been “great for business.” Indeed. I have no doubt that the data collected contains information so valuable to the hotel that it’s not sharing it with anybody, never mind reporters.
Chao was not the only circumspect CIO I talked to this week. A CIO in the automotive industry I interviewed yesterday for an upcoming story on mobile BI stopped short when the topic of analytics came up. Routine analytics were handled in-house, he said, but the sophisticated stuff done by statisticians and data scientists—the secret sauce, the golden goose — that analytics was being outsourced. To whom? He couldn’t say, in fact, was prohibited from divulging that information to anyone outside the company.
My take on the silent treatment? If CIOs are not putting a lot of resources into advanced business analytics, they’re in trouble.
By the way, the same silence principle holds true for security too—in particular, app security, but shhhh that’s a post for another day.
Leadership training — in particular, the shaping of future CIOs — was the topic, but as with many conversations about the CIO role, the conversation veered off to a seemingly unrelated topic: mission-critical systems.
More to the point, the talk concerned how CIOs increasingly are finding new uses for the business management systems that have been in place for years. The need to make data more useful to the organization is in part driving this trend, said Bob Rouse, director of the Society for Information Management’s Regional Leadership Forum training program and professor of computer science at Washington University in St. Louis.
“CIOs are expected to make administration systems more efficient and save money for the company, but that isn’t enough,” Rouse said. “They need to make the systems and themselves more valuable to the company.” One way of doing that is by channeling more capabilities through existing systems, he said.
Doing this exposes CIOs to their true customers — the external ones — by improving how the business delivers services to and meets the needs of the people buying its products and services.
To be more industry-specific: Mission-critical systems that gather reams of data can be used to help farmers find better ways to fertilize their fields. Or such systems can help doctors avoid future errors by looking for mistakes in dispensing medications. “Existing systems capture all sorts of data that can be used in new ways to gather intelligence,” Rouse said.
As I was talking to Rouse, another conversation popped into my head, one I had with Jay Leek, vice president of international security at Equifax Inc. He was using his company’s and Equifax customers’ billing systems to identify fraud. By looking at billing systems data and working with the accounting department, he could spot anomalies. For example, he found that one company’s billing systems had been infiltrated by a third party, which was using the systems to bill an Equifax customer for fake services.
In another case, Larry Bonfante, CIO for the United States Tennis Association Inc., is using data analysis from ticket scanners that gives exact on-campus headcounts at the U.S. Open, to pave the way for additional day-pass sales. This equals an additional $1.5 million in revenue for the association. And as SearchCIO.com Features Writer Karen Goulart explains, Bonfante is looking at more ways to use mission-critical systems to generate revenue. One example is the association’s event management system. It is a coordinated public safety response system created for the U.S. Open that is now being shopped to other large-scale event organizers.
It only makes sense, given that the CIO increasingly is being called on to monetize IT , in addition to running business operations, mentoring staff, tapping mobile devices to serve customers in new ways, helping the business expand its global reach through the cloud or social networking …
Let us know what you think of this blog post; email Christina Torode, News Director.
The week is drawing to a close, and for some of you there’s a long weekend ahead. Why not use a bit of your extra leisure time to peruse some interesting news from around the Internet that you might have missed this week? Today’s offerings include uses of data ranging from the somewhat shocking (but nonetheless pretty amazing) to the seriously sweet.
- Scary or impressive? It’s amazing what information can be culled through data analysis when the right minds are put to it. But how would you feel about Target knowing before your closest family and friends that you might want to join its baby registry?
- It’s the rise of the machines! It’s predicted that soon the world will be populated by more mobile devices than people. Good thing we can hold them in our hands and have access to their power sources.
- We’re psyched about the return of “The Walking Dead” – zombies are so much cooler than brooding vampire teens, IOHO – but we’ve got to draw the line right about here. Our brains are one thing, but hands off the passwords, zombie spambot!
- It could seem like Google is everywhere, but its footprint on the enterprise market is a relatively small one. Fortune‘s Michal Lev-Ram looks at their attempt to make a bigger mark by riding the consumerization of IT wave.
- Sharing might be caring, but it also can get you sued. If your altruistic side has led you to leave your Wi-Fi unsecured, just remember that no good deed goes unpunished.
- That previous entry was such a downer, so let’s wrap up this Valentine’s Day week on a happier note. Who says the geek never gets the girl (or boy)? All you need is love — love plus the ability to crunch numbers into an adorable infographic. Awww.
Marcia Nizzari, director of informatics at Good Start Genetics Inc. in Boston, compares becoming a CIO to the school of hard knocks: When it comes to technology leadership training, CIO newbies are pretty much on their own.
What she has seen in her technology career, and now as a teacher of a course on enterprise architecture at Boston University, is that there’s no real-world training for young people who have been promoted to the CIO position.
“It is a lonely place to be for many of these new CIOs,” she said. “There’s really no one to ask about vendor due diligence, building enterprise architecture, how to talk to the business so a project makes sense and finances it, or how to hire and bring the correct team together.”
In her class Nizzari uses exercises from the book Enterprise Architecture As Strategy: Creating a Foundation for Business Execution by Jeanne W. Ross, Peter Weill and David Robertson. But much of the course consists of students sharing experiences and asking each other questions, and visiting speakers who talk about the invaluable on-the-job, albeit sometimes painful, lessons they’ve learned.
Rather than on IT, a focus of the technology leadership training course is on making an enterprise architecture diagram in business terms — and better yet, ways to get the CEO to take ownership of it and promote that design as his or her own.
One thing is clear from Nizzari’s training course and others being offered by the Society for Information Management and the startup Global Institute for IT Management, as we wrote about recently on SearchCIO.com: The technology leaders of the future are more focused on business strategy and goals than on technology, which is just a means to achieving those goals.
Still, I’d like to hear from up-and-coming CIOs and seasoned ones alike. Were you a student at the school of hard knocks? And what lesson would you share with your peers? Email me, Christina Torode.
Top o’ the week to you. We’re as laden with interesting Web tidbits as Adele is with Grammy awards today. Without further fanfare, here are six stories from around the Internet, the leadoff one a reminder that rising to the top doesn’t always have to start with being at the head of the class.
• From the “don’t tell your teenager” file, sometimes a GPA ain’t nothin’ but a number. There’s book smart, there’s street smart and there’s Steve Jobs smart.
• How well do you know your colleagues in marketing? If you haven’t taken the time to get to know them, you’re going to want to, because, well, it just makes good business sense for everyone. (And Gartner predicts that in five years, your CMO will be spending more on IT than you do.)
• In Forbes, Erica Dhawan, writer, speaker, leadership consultant and Wharton grad, asserts that business schools don’t prepare women for leadership roles. Do you think the same is true in IT?
• Up in the sky, it’s a bird! It’s a plane! It’s — Oracle CEO Larry Ellison trying to buy the cloud?
• Is there room for one more in the C-suite? Pondering the creation of the Chief Collaboration Officer role.
• The storm clouds are gathering. According to Michael Chertoff, former secretary of homeland security, Europe and the U.S. are on the verge of a global-scale clash on privacy laws.
Forget about that 12/21/12 Mayan calendar thing. If you’re planning to make the move to Windows 7 but haven’t made any actual moves, the scariest date in your future is 4/8/14. OK, maybe it’s a bit much to compare the speculated end of days to the date Microsoft will cease to support your current operating system. But being ill-prepared for either date is bound to cause some chaos.
The unhyperbolized truth is this: If you haven’t started a Windows 7 migration, you’re already late. This was the message imparted by Gartner Inc. analyst Michael A. Silver during a recent live webinar. Early on in his talk, he pointed out that your problem isn’t just Microsoft being a big, bad stickler for deadlines. Other vendors will make your life difficult too. Last year — that is, three years before the dreaded deadline — Silver started getting phone calls from clients bemoaning that new apps couldn’t run on XP.
And it’s only going to get worse. Silver said it’s expected that 60% of important independent software vendors will have a new release that isn’t supported on Windows XP. In other words, there’s a good chance that your business is going to request an application and you’re not going to have the infrastructure to run it.
Another thing to bear in mind is cost. If you miss the Windows 7 deadline, there’s always custom support, right? Sure, but at $200,000 to $500,000 the first year and $500,000 to $1 million the second, it’s anything but budget-friendly.
If you’re wondering where you stand among your peers, a quick straw poll of 100 participants in the webinar showed that 16% hadn’t started, 49% had completed inventory and were about to start or had started testing, 6% were finished with application testing, 7% were in pilot phase, and 22% were in production deployment. Broader polling shows that 55% of companies are finished or nearly finished, 25% are just getting started, and less than 10% have yet to begin.
So, if you like system support, viable applications and a happy business, you’d best get cracking. Silver suggests allowing three to nine months for app testing and remediation, and at least three months for piloting. And while the atmosphere may be rushed, don’t go in without a solid plan. It’s also crucial that you utilize your human resources wisely — and humanely. Marathon Windows 7 migration sessions on nights and weekends will only lead to IT staff fatigue and possible mistakes, so be sure to give your team breaks. On the same note, break up responsibility: The project manager and the technical lead should not be one and the same. Also know that there could come a point where you need to bring in third-party help, so budget for it and don’t wait until the last second to use it.
So, where are you? What has your experience been? Any advice for the 10% still on the bench? Let me know in the comments.
Is big data dead already? I guess that depends on how you define it. If you’re analyst Mark McDonald, a VP and fellow at Gartner Inc., and you equate big data with the kind of business intelligence (BI) technology that functions as an enterprise-wide system, then the answer is — maybe. We were talking by phone this morning about the challenges facing CIOs in developing a BI strategy.
“If you think of big data as a belief that there is going to be a single giant data warehouse just as there is a single instance of ERP, and that this is going to be the source of intelligence and the driver of business decisions, then that attitude is on the wane,” McDonald said. “What we found in this year’s surveys is a shift to a much more operational or tactical application of analytics apps.”
“I’m not quite ready to say big data is dead,” he added. “But the interest we’re seeing is in disaggregated BI, as opposed to a unified, over-mined version of the truth.”
Cost is one of the reasons big data is disaggregating, McDonald said. Like the economics of ERP, the economics of big data BI — where the data is unified and clean –is prohibitive, especially as data increases.
The way his clients describe analytics is in combination with other business functions: analytics apps and social media, analytics apps and supply chain, analytics and mobile, for example. That’s in distinction, McDonald said, to the traditional view of analytics as a “corporate shared services capability.”
In this worldview of BI, the job of CIOs is to think about analytics apps just as they would about other applications, with an emphasis on providing practical business value. “A CIO who can demonstrate the use of data in formulating business cases, in sizing up business opportunities and in making fact-based decisions is providing business value,” McDonald said.
Sounds good, but that’s kind of the problem. I’m left wondering — as with so much in IT — whether the shift away from traditional “big data” BI to analytics apps for specific business functions is more semantics than “qualitative change.” And I can’t wait to hear the hue and cry from big data experts about how big data cannot by any definition be equated with traditional BI — not to mention emails from all those big-name BI vendors selling something called big data analytics.
In writing for the Web, as in movies, sometimes there are choice bits that don’t make the final cut. (That’s why DVDs include extras, and blogs are, well, blogs.) Here is some food for thought from Gartner analyst James Richardson that didn’t make it into a recent story about the growing interest in Software as a Service (SaaS) business intelligence (BI) tools.
When asked if SaaS BI is now mature enough for the enterprise, Richardson said it was. Adoption, while still “patchy,” is definitely under way. He pointed to data from a Gartner survey of approximately 1,300 IT executives: About 30% said they used or planned to use some form of cloud-based BI or analytics tools in the next 12 months. And while much of the action on the SaaS BI scene looks to be coming from pure-play startups, the growing acceptance of cloud computing architectures in IT has nudged established BI vendors like Microsoft, SAP and IBM to offer this model, he said. IT leaders want options, and they’re not necessarily looking for all-or-nothing propositions. To that end, SaaS offerings are not yet replacing on-premises BI entirely.
“In the main, they’re being used to augment what’s already there, often for urgent tactical needs where this delivery model offers value,” Richardson said.
In fact, of those companies already using SaaS BI solutions, 37% said “implementation cost and effort” was a key reason for their adoption. Cloud-based BI tools do offer faster, typically lower-cost and easier-to-deploy alternatives. But these solutions are not without their areas of concern that need to be scrutinized — security and privacy topping the list.
“Especially in an age of compliance, security and privacy must be considered carefully when evaluating whether to store data off-premises,” Richardson said. “Business purchases of SaaS BI and analytics systems can disrupt long-term data management, governance and stewardship processes recently put in place.”
Another risk to watch for? The unintended creation of off-premises BI silos.
“If data is now spread across multiple SaaS analytic applications, there’s a danger of firms heading back to the days when analysis was done in silos with limited connection across the enterprise,” Richardson said. “Firms must consider how, when and what data to bring back on-premises to ensure SaaS BI systems and the insights they contain are reused fully.”
Are you part of the wave looking at the cloud as a home for some of your BI tools? Maybe you’re already there. I’d be interested to hear your thoughts on whether this is a trend that’s here to stay.