Opinion, advice, and analysis by the TNW community
Co-Founder and Chief Security Officer,EgnyteKris is a co-founder of Egnyte. He is responsible for creating and implementing Egnytes global information security and compliance management strategies, policies and controls that protect all of Egn(show all)Kris is a co-founder of Egnyte. He is responsible for creating and implementing Egnytes global information security and compliance management strategies, policies and controls that protect all of Egnytes customers content and users.
Its easy to aspire to be just like a Fortune 500 company killer quarterly earnings, adulation from the press, respect from your peers, etc. Its just as easy to forget theres a reason these largely successful companies stay on top. They innovate, they provide superior service, and they often have a strong ecosystem of partners. However, theres one element of these companies that has historically been overlooked but is now receiving an increasing amount of attention trust.
With an increased focus on consumer privacy and an explosion of data being created, companies have to take a much more active approach in building trust between themselves and their customers. A core part of building that trust is the handling of data where data is stored, who has access to it, and how it is being accessed on the company side and on the customer side. By showing your ability to properly manage and protect data, you will gain respect and trust from customers, prospects, partners, and the public in general.
On the flip side, if you are unable to properly handle data it will not go unnoticed. These days breaches are being publicized via blogs, news outlets, social media, and more. Just one breach can send a companys reputation in a freefall, crumble any trust they have built with the public, and cost them dearly.
There are a few of the things you can learn directly from the most successful companies in the world about how to securely handle your data and build trust with the public.
Sanjay Saxena, SVP of Enterprise Data Governance at Northern Trust (no.486),accurately described thatdata governance isnt simply a defensive measure, but a way to actively bring value to your customers. Saxena eloquently puts that data governance should also be focused on improving, maintaining, and acting upon the data you have and that once youve made the steps beyond security and compliance, its a huge competitive edge.
While you should always be secure and compliant, that doesnt mean that you shouldnt use the data responsibly to understand your customers. For example, Saxena says that another aspect of the monetary benefits of data governance is the role of metadata. Firms are increasingly focused on collecting metadata about their clients and the products they have purchased.
Well-governed data isnt simply secure and accessed by the right people its understood, built upon and manipulated. AT&T (no. 9)s Steve Stine also echoed similar points onwhat makes a good Chief Data Officer.
Apple, no. 4on theFortune 500, subtly mentioned data governance in the rollout of one of the most pervasive pieces of consumer fintech Apple Pay.Apple specifically made Apple Paycreate tokens of randomized credit card numbers for each card youd load into your Apple device, never actuallystoringthe credit card data on their servers.
This is productization with governance inherently built in Apple understood exactly where the issue may be if theres a loss of a device or a breach (the customer information), and limited that entirely to singular tokens that, if lost, would be easily locked and not leave the user vulnerable.
The simplest decision you can make with your customers data is to keep it as far away from the outside world as possible even if its more difficult to build, it will protect themandyou, no matter how large or small your company is.
IBMs 10 essential security practicesare valuable, but the most powerful lesson to internalize is that you should have a risk-aware culturefrom the very beginningof your company.No. 34 on the Fortune 500likens a risk-aware culture to how we take preventative actions to stop ourselves getting sick or from getting hurt, and I think its a powerful way to, even in your early days, save yourselves from future issues.
This means taking care of business from day one, and instilling in your people that your data, and especially your customers data, should not be treated in a cavalier manner (such as keeping customer information in plain text), and enforcing access to critical data in such a way as to prevent it easily leaking. Theres a fine line between risk-awareness and paranoia but its necessary to internalize this message from day one.
A Fortune 500 company may have billions of dollars in revenue and exabytes of data to govern, but you share similar goals delighting your customers in the fastest and safest way possible. You also likely have an advantage in considering data governance at an earlier stage you can embed the ideals of great data governance in your culture early and often, and build your infrastructure to reflect it without having to change vast legacy systems. Its a win-win for you and your customers.
TNW Conference 2019 is coming! Check out our glorious new location, inspiring line-up of speakers and activities, and how to be a part of this annual tech bonanza by clickinghere.