SUMMER READING TIP

Summer is here and the longer days it brings means more time available to spend with a ripping read. That’s how it ideally works at least. We selected 3 valuable books worth your extra time.

 

The Chief Data Officer’s Playbook

The issues and profession of the Chief Data Officer (CDO) are of significant interest and relevance to organisations and data professionals internationally. Written by two practicing CDOs, this new book offers a practical, direct and engaging discussion of the role, its place and importance within organisations. Chief Data Officer is a new and rapidly expanding role and many organisations are finding that it is an uncomfortable fit into the existing C-suite. Bringing together views, opinions and practitioners experience for the first time, The Chief Data Officer’s Playbook offers a compelling guide to anyone looking to understand the current (and possible future) CDO landscape.

Search on Google


Data Virtualization: Going Beyond Traditional Data Integration to Achieve Business Agility

Data Virtualization: Going Beyond Traditional Data Integration to Achieve Business Agility, the first book ever written on the topic of data virtualization, introduces the technology that enables data virtualization and presents ten real-world case studies that demonstrate the significant value and tangible business agility benefits that can be achieved through the implementation of data virtualization solutions. The book introduces the relationship between data virtualization and business agility but also gives you  a more thorough exploration of data virtualization technology. Topics include what is data virtualization, why use it, how it works and how enterprises typically adopt it. 

Search on Google


Start With Why

Simon Sinek started a movement to help people become more inspired at work, and in turn inspire their colleagues and customers. Since then, millions have been touched by the power of his ideas, including more than 28 million who’ve watched his TED Talk based on ‘Start With Why’ — the third most popular TED video of all time. Sinek starts with a fundamental question: Why are some people and organizations more innovative, more influential, and more profitable than others? Why do some command greater loyalty from customers and employees alike? Even among the successful, why are so few able to repeat their success over and over? 
 
People like Martin Luther King, Steve Jobs, and the Wright Brothers had little in common, but they all started with Why. They realized that people won’t truly buy into a product, service, movement, or idea until they understand the Why behind it.  ‘Start With Why’ shows that the leaders who’ve had the greatest influence in the world all think, act, and communicate the same way — and it’s the opposite of what everyone else does. Sinek calls this powerful idea The Golden Circle, and it provides a framework upon which organizations can be built, movements can be led, and people can be inspired. And it all starts with Why.

Search on Google


Summer Giveaways

We’re giving away 50 copies of ‘Data Virtualization: Going Beyond Traditional Data Integration to Achieve Business Agility’.  Want to win? Just complete the form and cross your fingers. Good luck!


Winners are picked randomly at the end of the giveaway. Our privacy policy is available here.

RABOBANK GIVES CUSTOMERS ANIMAL & PLANT NAMES TO ADDRESS GDPR REQUIREMENTS

The Dutch bank Rabobank has implemented a creative way of using customer data, without having to request permissions. If you are one of their customers and they use your data with internal tests to develop new services, there is a chance that you will get a different name. With special software data is pseudonymized and they do so with Latin plant and animal names.

Your first name will become i.e. Rosa arvensis, the Latin name of a forest rose, and your street name i.e. Turdus merula, the scientific name of a blackbird. It is a useful solution for the bank to be somehow in line with the General Data Protection Regulation (GDPR) that takes effect on the 25th of May. When developing applications or services, analyzing data or executing marketing campaigns based on PII (Personally Identifiable Information) type of data, companies require to have an explicit consent. In order to be able to do this after May and without getting your consent, the bank uses data masking / pseudonnymization techniques.

 

Explicit consent & pseudonymization

With the new privacy law the personal data of citizens are better protected. One of the corner stones of the GDPR is the requirement to get an explicit consent and linked to that the purpose. Even with a general consent, companies do not get a carte blanche to do whatever they want to do with your data. Organizations must explain how data is used and by whom, where they are stored and for how long (more info about GDPR). Companies can work around these limitations if they anonymize / pseudonymize this PII type of data because they can still use and valorize this data but without a direct and obvious link to you as a person. You as a person become unrecognizable but your data remains usable for analysis or tests.  


Why scientific animal and plant names?

‘You can not use names that are traceable to the person according to the rules, but suppose it is a requirement to use letters with names, you have to come up with something else,” explains the vendor that delivered the software. “That’s how we came up with flower names, you can not confuse them, but they look like names for the system. Therefore, it is not necessary for organizations to change entire programs to comply with the new privacy law”.° 

Note that data anonymization/ pseudonymization technology does not require you to use plant and animal names. Most of this type of implementations will convert real to fictitious names and addresses that even better reflect the reality and perhaps better also match the usage requirements (i.e. specific application testing requirements). Typically substitution techniques are applied where a real name is replaced with a another real name.

 

Take aways

Pseudonymization vs anonymization

Pseudonymization and anonymization are two distinct terms that are often confused in the data security world. With the advent of GDPR, it is important to understand the difference, since anonymized data and pseudonymized data fall under very different categories in the regulation. Pseudonymization and anonymization are different in one key aspect. Anonymization irreversibly removes any way of identifying the data subject. Pseudonymization substitutes the identity of the data subject in such a way that additional information is required to re-identify the data subject.  With anonymisation, the data is cleansed for any information that may be an identifier of a data subject. Pseudonymisation does not remove all identifying information from the data but only reduces the linkability of a dataset with the original identity (using i.e. a specific encryption scheme). 

 

Pseudonymization is a method to substitute identifiable data with a reversible, consistent value. Anonymization is the destruction of the identifiable data.

 


Only for test data management?

You will need to look into your exact use cases and determine what techniques are the most appropriate ones. Every organization will most likely need both. Here are some use cases that illustrate this: 


Use caseFunctionalityTechnique
Your marketing team needs to setup a marketing campaign and will need to use customer data (city, total customer value,  household context, …).Depending on the consent that you received, anonymization or pseudonymization techniques might need to be applied. Data Masking
You are currently implementing a new CRM system and have outsourced the implementation to an external partner.Anonymization needs to be applied. The data (including the sensitive PII data) that you use for test data management purposes will need to transformed to data that cannot be linked to the original.  Data Masking
You are implementing a cloud based business application and want to make sure that your PII data is really protected. You even want to prevent that the IT team (with full system and database privileges) of your cloud provider has no access to your data.Distinct from data masking, data encryption translates data into another form, or code, so that only people with access to a secret key or password can read it. People with access but without the key will not be able to read the real content of the data. Data Encryption
You have a global organization also servicing EU clients. Due to the GDPR, you want to prevent  your non-EU employees to access data from your EU clients.Based on role and location, dynamic data masking accommodates data security and privacy policies that vary based on users’ locations. Also data encryption can be setup to facilitate this. Data Masking
Data Encryption
Your have a brilliant team of data scientists on board. They love to crunch all your Big Data and come up with the best analysis. In order to do that, they need all the data you possibly have. A data lake also needs to be in line with what the GDPR specifies. Depending on the usage you may need to implement anonymization or pseudonymization techniques.Data Masking

 

Is Pseudenomization the golden GDPR bullet?

Pseudonomization or anonymization can be one aspect of a good GDPR approach. However, it is definitely not the complete answer and you also will need to look into a number of other important elements:

  • Key to the GDPR is consent and the linked purpose dimension. In order to manage the complete consent state you need to make sure that this information is available to all your data consumers and automatically applied. You can use consent mastering techniques such as master data management and data virtualization for this purpose.



  • Data Discovery & Classification

    The GDPR is all about protecting personal data. Do you know where all you PII type of data is located?  Data discovery will automatically locate and classify sensitive data and calculate risk/breach cost based on defined policies.


    Data Discovery & Classification

  • Data Register

    A data register is also a key GDPR requirement. You are expected to maintain a record of processing activities under your responsibility or with other words you must keep an inventory of all personal data processed. The minimum information goes beyond knowing what data an organization processes. Also included should be for example the purposes of the processing, whether or not the personal data is exported and all third parties receiving the data.

    A data register that is integrated in your overall data governance program and that is linked with the reality of your data landscape is the recommended way forward.




° Financieele Dagblad

Also in need for data masking or encryption?

Would you like to know how Datalumen can also enable you to use your data assets in line with the GDPR?

Contact us and start our Data Conversation.

EUROPEAN RETAILERS ARE MISSING 35% OF SALES DUE TO LACK OF PRODUCT INFORMATION

The holiday season is the most important sales moment of the year. Nevertheless, a Zetes study reveals that retailers miss about 35 percent sales due to products not being immediately available or the lack of product information.

A quarter of consumers leave a store without actually buying anything if they do not immediately see the product that they are looking for or if that is not immediately available. It is one of the conclusions of a market research conducted by supply chain expert Zetes. The study specifically focused on buyer behavior during the annual peak period between November and January and analyzed both physical and online retail. 120 European retailers and over 2000 consumers were interviewed for this study in the January 2018 timeframe.

Time is money

The study states that stores miss 35 percent of sales due to the unavailability of products. The main reason for this is the expectation of the customer: more than in the past, customers will simply leave a store if they do not immediately see a product and they do not bother to talk to a shop assistant. 

If customers do however approach a shop assistant, they expect to receive more information about the product availability within two minutes. A rather limited window of opportunity especially if you know that the study also calculated that 51 percent of shop employees need to go to a cash desk to obtain the necessary information, and that 47 percent also needs to check the warehouse to verify the availability of a product. Both actions cost time and time is very expensive during the peak period. The study also reveals that 62 percent of retailers do not have access to real-time product data.  

Return Management

Also deliveries and returns typically cause extra problems during these busy months. It is common knowledge that people tend to buy quicker when they are sure that they can possibly return a product. The processing of returned parcels also causes problems. 26 percent of retailers indicate that they are having problems during the peak, so that only 39 percent of the returned goods are available for sale within 48 hours.  

Conclusion

“A lack of visibility of data is the core of these sales problems during the holidays,” the report states. “Consumers want choices, and they want to be informed. Instead of a general “not available” message, a retailer has a much greater chance of securing sales by telling the customer that a product will soon be back in stock and delivered within three days or will be available for click & collect.” There is still a significant room for information management improvement with direct sales optimization as a result. 

More information
https://www.zetes.com/en/white-papers

Also in need for real-time product information?

Would you like to know how Datalumen can also enable you to get real-time product information?

Contact us and start our Data Conversation.