View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Data
January 13, 2016updated 31 Aug 2016 10:20am

Compliance with data regulation: How big data analytics vendors are tackling data protection

Analysis: Information management may provide the solution to keep your analytics flowing while better managing your data.

By James Nunns

The use of big data has sometimes been pitched as a cure all to businesses; it can earn you money, increase efficiency and generally make your business better and more agile.

While this may be true to some extent, there are different ways of going about it and not all of them lead to success.

The big data market as a whole is also heavily impacted by governance and regulations and you should be aware that there is no free for all on use of data. You should particularly bear in mind how you use personal data and sensitive personal data.

With a changing landscape surrounding regulations it’s necessary to know how that impacts vendors trying to sell data services and how businesses can use information governance and information management to make sure they don’t fall foul of regulations.

At the beginning of the year, Huawei said that its FusionInsight service had been granted an "ePrivacy Seal" from ePrivacy. The significance of this is that it means the service complies with both EU and German data protection laws and regulations.

FusionInsight is a Hadoop based enterprise grade Data-as-a-Service platform and by meeting the regulations it can be offered throughout Europe.

Meeting the requirements is no simple task, the process took the company four months and saw it pass through five different phases.

Content from our partners
Why the tech sector must embrace faster, smarter talent recruitment
Sherif Tawfik: The Middle East and Africa are ready to lead on the climate
What to look for in a modern ERP system

The phases for this award include detailing the identification of the products and processes requiring the certification and also the scope of data privacy and communities affected.

The second phase is analysis, where technical and legal evaluation of both the products and processes is undertaken. Phase three required Huawei to optimise the product and processes and phase four is an audit of these products and processes.

Phase four also includes legal due diligence which is designed to ensure that the vendor reaches the acceptable levels for certification.

Finally, phase five which is where the certification is sealed.

The point of outlining these phases is that it highlights just some of the many hurdles that need to be overcome in order for a service like this to be offered.

Another important element is that this is just one of many different certifications that are out there and there is the potential to comply with some and not others. Finding out what applies to you is another important step.

For businesses, these regulations are important to comply to and information management can be an important element to help you while making sure that you can still get the most out of your data.

Information governance should be the foundational aspect of big data projects, rather than just going to the analytics software, you should probably start with governing who has access to what data – but you don’t necessarily have to start big.

Joe Garber, VP, Marketing, HPE Software, Big Data Solutions, told CBR: "They might choose to start small or might start to govern very specific employees information but then realise the benefits of that downstream." This means that your business can expand it later, which can be done by setting policies based on who needs to access data and what they can look at.

Most organisations have dark data, which is data that is unknown, so if you face a data breach you are unlikely to know what data exactly was taken and who it affects, so reporting becomes extremely difficult; this is another area that information management can help with.

Another of the ways that a solid information management strategy can help you, certainly in regards to the upcoming EU General Data Protection Regulation, will be reporting the breach.

Under the regulations a company will be required to report the breach within 48 hours and managing your information can help you in the first instance to see if you’ve had a breach and secondly help you report it.

Getting information management right requires being able to set the right policies, but the challenge is getting those right so that you don’t end up overly restricting what data people have access to, which could potentially ruin any data driven approach.

Garber, said: "It’s an age old question, you have IT saying keep nothing and legal and compliance saying keep everything so you have to find that balance."

There are a couple of ways to address the problem, one is through historically looking over time and getting them right, the other way is to get close to those policies and to properly analyse them so that you’re running analytics on the policies and you can see what is necessary and what isn’t.

Figuring out what in your data is redundant, obsolete or trivial is an important element of information management and can both save you time and money; why keep all of that data if it’s not necessary?

Your best bet is so start with the big policies that are the most vital and work your way down so that in time everything is covered.

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU