It’s all about the data…

confidentiality Aug 03, 2020

Today I’m going to talk about something completely different….. But kind of the same…..

I’ve long been an advocate of technology and infrastructure, but todays post is how the human and legal wrangling’s of Information are not actually a technical problem to solve.

Big Tech and Privacy

The anti trust hearings in the US are giving some very public insights into Big Data companies stance versus the US legislature, and apart from the political posturing and theater it’s clear that all the big tech companies see their competitive advantage in data.  From analysis of buying patterns, presentation of ads, app store analysis and understanding the market through that data. It’s also abundantly clear that they don’t always do as they say and there is a very really need for data privacy.  The lines are also challenged when law enforcement agencies leverage the big data that these companies have access to.  E.g. Simple example of 500% increase in geofence location data requests in the last couple of years.

The phrase ‘you are the product’ often comes up with the FaceBook/Google/Amazons/Apple’s of this world.  It’s not a ‘free’ platform.   The users are providing the data to feed the beast, which becomes the revenue as they sell the ad space/ sell the data.  I may be vastly simplifying the problem, but in the US the data belongs to the entity collecting it, in the EU the data belongs to the individual that data is about.

Data Sovereignty

I always thought that Data Sovereignty would be a problem solved by technology.  If you could encrypt and control that data, then why would it matter where it was?   The only defining factor would be speed/latency and the speed of light.  Turns out that governments, politics, and law are a far bigger problem.

The Court of Justice of the European Union issued a ruling last week that invalidated the US-EU Privacy Shield Agreement which allowed US companies to receive personal data from the EU if they adhere to EU standards on data protection and privacy. The Court found that the US legal system doesn’t provide adequate protection for personal data, particularly from US legal entities.

Even for NZ, we had the green light to move government workloads into the Cloud in Australia, but rule changes along the way caused the NZ government to reconsider that stance and that throttled the cloud migration.

And while it’s old news now, a Microsoft Azure datacenter in NZ goes someway to addressing this.  But’s it’s still a US company.  We don’t really have control over the analytics and metrics that will be generated from that platform.

Here at vBridge we take the NZ Privacy Laws, GDPR and customer data seriously.  We are there as a Service Provider to our customers. We are there to protect that data and not mine it for sale to the highest bidder. New Zealanders are a trusting bunch, but we need be careful who we trust with our data with.

yes. that is my laptop

Knowing what your data is

When it comes back to your own data, that’s your valuable information and IP (intellectual property).   You need to understand what it is and how important it is to decide how to treat it.  It needs to be stored in appropriate locations and format.  It needs to be appropriately protected, and it needs to be accessible for analysis/use that can lead to actionable insights.  I see far too many examples of companies that have ‘important file servers’ that are just full of stuff that no one really knows what it is, but IT are too scared to delete or move – because the data might be important.  If you can’t differentiate between users cat videos downloaded from YouTube to important research data or business statistics then you are in trouble.  Your data shouldn’t be a burdening IT cost that is forever increasing.  You shouldn’t have vaults of offline tapes or mammoth S3 cold storage – just in case, because everyone is too scared to maintain those stores and delete unneeded data.  Your data should be an asset that brings you freedom to act with confidence, knowing that decisions were made on a sound basis.

Your business data is just that. It’s yours – not some other provider or entities.  But is also your business data.  It’s not really an IT function to decide what is important and how accessible it needs to be.  It’s up to the business or data owner to define what’s important and how long it need to be kept for and how it needs to be protected and used.

Recognize the importance of your information and you are well on the way to managing it appropriately.

#Veeam – Complete Data Protection #PureStorage – Modern Data Experience #Cloudian

Phil Snowdon

Phil is the Technical Operations Manager at vBridge. Loves all things infrastructure. Network/Security/Storage/Compute and Virtualization.