While big data can offer big rewards, writes Marc Vael International Vice President of ISACA in a guest post for BCS, it also poses significant risk - from incorrect data (and, therefore, misleading results) to unexpected costs.

It is critical for organisations to put in place a governance program to ensure that the information it utilises remains accurate, consistent and reliable - but that can be easier said than done. This article examines the benefits of managing big data and offers some tips for staying in control.

Big data is both a marketing and a technical term that refers to a valuable organisational asset -  information. It also represents a trend in technology that is leading the way to a new approach in understanding the world and making business decisions. These decisions are made based on very large amounts of structured, unstructured and complex data (e.g., tweets, videos, commercial transactions) which have become difficult to process using basic database and warehouse management tools.

Data is collected and analysed to find patterns and correlations that may not be initially apparent, but may be useful in making business decisions. For example, personal data is useful from a marketing perspective to understand the likes and dislikes of potential buyers and in analysing and predicting their buying behaviour. The primary objective of analysing big data is to support organisations in making better business decisions to positively impact:

  • Product development;
  • Market development;
  • Operational efficiency;
  • Customer experience and loyalty;
  • Market demand predictions.

With great reward

As mentioned, big data can supply a competitive advantage and other benefits; however, it also carries significant risk.

Consider first that, for some organisations, big data can be counted in hundreds of gigabytes, while for others, it is in terabytes or even petabytes, with a frequent and rapid rate of growth and change (in some cases, almost in real time).

And proper use of big data goes beyond simply collecting and analysing it, as organisations must also perfect the fine art of understanding how and when to use the data in making crucial decisions.

Another challenge to overcome is that some data can become ‘toxic’ in the sense that loss of control over data could be damaging to the organisation. Examples of potentially ‘toxic’ data are:

  • Private or custodial information such as credit card numbers, personally identifiable information such as social security numbers, and personal health information;
  • Strategic information such as intellectual property, business plans and product designs;
  • Information such as key performance indicators, sales figures, financial metrics and production metrics used to make critical decisions.

Big data in bite-size pieces 

When new initiatives, such as adoption of big data, are properly aligned to the business, existing governance structures can be easily adjusted to address security, assurance and a general approach to embracing new technologies. The COBIT 5 governance framework is a resource that can assist enterprises with this.

Here are seven steps from global IT association ISACA that will help address risk, improve the organisation’s ability to use big data so that it can meet its business objectives:

 Set priorities with your data.

  1. Set priorities with your data. For data to be utilised productively, the organisation needs to consider a corporate data lifecycle process. Data quality in any system is a constant battle, and big data systems are no exception. After all, big data insights are only as good as the quality of the data itself. Certain types of data are business critical, while others are not. Ensure that critical processes get precedence. Figuring out the end goal is vital.
  2. Understand what happens with your data. The concept of big data risk management is still at the infancy stage for many organisations, and data security policies and procedures are still under construction. Provide insight by monitoring all data that runs in the company, and analyse and then take action based on the results.
  3. Your data is precious, so secure it accordingly. The faster and easier it is to access big data, the greater the risk to all of that valuable information. Organisations must get a proper insight into the performance of their data-handling processes to minimise the risks. Don’t forget to check service level agreements with clients and adapt them where necessary.
  4. Provide clear data security and governance guidelines. Make sure your organisation's employees, data, networks, partners and customers are protected end-to-end. To minimise the potential for damages resulting from inaccurate or fraudulent data, organisations need to consider all the data sources they are pulling into their analyses and assess each source for vulnerabilities.
  5. Ensure future proof systems. This means that not only the right systems, but also the right tools and processes are implemented for big data today and can cope with the inevitable data growth of tomorrow. Companies should invest in tools that help ensure their data is accurate, up-to-date, and clean at all times. Figure out how you can incorporate what you already have.
  6. Take the cloud into consideration. The cloud offers a new option in the storage and usage of data aside from building and buying options. The proper controls must be in place in order to trust the cloud service provider with their sensitive and / or valuable data. Ideally, companies start using a private cloud solution and gradually move toward a secure hybrid version.
  7. Find a data coach. Don’t be afraid to seek the advice and guidance of external data experts when needed. Talk to companies and cloud service integrators, and consider companies that run platforms for big data analytics.
  8. Finally, ensure compliance with current relevant laws and regulations. Logical and physical access security controls are needed to prevent unauthorised access to sensitive and / or valuable data. Stay informed of the legislative proposals, such as that of the European Commission, and use the opportunity to employ data lifecycle 'best practices'.

Organisations that master the emerging discipline of big data management can reap significant rewards and differentiate themselves from their competitors. In fact, research conducted by Erik Brynjolfsson, an economist at the Sloan School of Management at the Massachusetts Institute of Technology (USA), shows that companies that use ‘data-directed decision-making’ enjoy a five to six per cent boost in productivity (Swalwell, John; 'Big Data and Intelligent Image Capture Platforms', Technology First, USA, August 2012).

Organisations need to take a good look at their big data opportunity, and take steps to manage and manipulate the growing data within the organisation, if they’re to turn big data from a revenue-haemorrhaging liability into a revenue-enhancing asset.