data security

The Agile, Evolving Organisation Needs a Living, Evolving Data Ecosystem

The Agile, Evolving Organisation Needs a Living, Evolving Data Ecosystem

An agile and secure data ecosystem supports the future organisation, delivering seamless customer and employee experiences, supply chain and M&A integration and speed to market innovation.

It’s My Data and I’ll Share If I Want To

It my data and I’ll share if I want to (Image).jpg

Data is at the heart of any corporation. Though it is not always reflected directly – a large part of a company’s value is in its secrets – data that only it has.

Employment contracts, supplier contracts etc. reflect the value of these secrets - given that they all come with a range of confidentiality agreements and security policies and procedures attached. Presently, a lot of these agreements, policies and procedures are onerous - a simple example is trying to copy a confidential document to a USB disk on your corporate desktop – generally, and understandably, this is impossible.

The escalation in risk averseness around data increases exponentially when a company or business division wants to share data with partners/suppliers etc.; currently, it is an extremely complex problem to deal with.

The real complexity around data sharing is around (classified) data protection from a business, regulatory, legal and technical perspective. 

When it comes to sharing data, business relationships can be truly convoluted – the dimensions and exceptions to how and who data is shared with are, more often than not, based on a myriad of permutations. For instance, Company A may want to share their data with Company B but, only: a) as it relates to their Exploration and Production Department, b) for a restricted time period and c) across a narrow range of topics; in addition, it may be that the data is encumbered with export restrictions.

Add in the many potential process, control, technical and legal restrictions around the data and you end up a breathtaking list of requirements.

Blockchain technology has been touted as a technological solution for sharing data – using the blockchain network to verify that the data can be trusted by having to share the data with, literally, every node and every stakeholder – including competitors - within the blockchain network.   

However, blockchain technology does not satisfy many - if not most - of the multitudes of constraints imposed on data sharing from the business, regulatory, legal and technical perspectives.

If you look at data sharing from a data owner’s point of view, the requirements are simple – it’s my data and I’ll share if I want to. I want to be assured that:

  • I know exactly what is being shared, with whom and who has looked at/interacted with it.

  • The Data Security and IT departments are happy with the security controls,

  • I can show the lawyers and auditors what I am sharing, if they want to know.

  • I am complying with regulatory requirements (e.g. around PII (Personally Identifiable Information) and GPDR).

The points above outline why existing approaches, which are largely about the technical process of sharing data, fail to meet most of the constraints in any meaningful way. Blockchain is no exception. 

Let’s consider the two primary “flavors” of blockchain. The Public blockchain and the Digital Ledger blockchain:

  • Public blockchain has no restrictions on who can be part of the data sharing. Anyone can be part of the Public blockchain process - from competing to mine and add new blocks, to being part of the consensus process to validate new blocks.

  • Digital Ledger blockchain is a variant on the Public blockchain concept but in this flavor permissions and access rights must be granted to the participants in the Digital blockchain process. Lots of big corporations, like IBM and Amazon, market their version of a Digital Ledger.

Any data that is written to either flavor of blockchain is (by definition) on the chain forever; it can’t be removed without breaking the fundamental tenant of how blockchain works. Even in the Digital Ledger flavor, if a one of your competitors joins the same Digital Ledger blockchain then they have access to the data that you have shared via blockchain. This is a business advantage that you would never have given them – but you have done, due to the way blockchain works.  Great for cryptocurrencies but not so much for non-currency challenges.

However, that is not the major problem with the touted blockchain solutions for business. The real problem is Governance.

Governance has two pillars - the computer-controlled part and the human-controlled part.  It’s like having a written Constitution before you start the blockchain and share any data. This constitution describes what power and authority you have delegated to the blockchain related to your data.  

The computer-controlled part is the easier of the two to set up and to update over time because it is limited to computer architecture problems.  When flaws/errors/inconsistencies in computer programs are discovered we fix them.  

The human-controlled part is far more difficult.  How do you decide that something needs to be fixed and what the proper fix is… when the blockchain is distributed across tens of millions of computers, all controlled by their owners?  Who gets to make that decision?  How can you force all those people to accept your decision?  It is a gross understatement to say that there are lots of governance problems with a widely distributed system, which has no real owner.  

If you haven’t set up your constitution prior to the blockchain starting, you’re in real trouble.  Real trouble. You can’t update, bolt-on or add in anything and think that, somehow, the governance problem is solved. 

As such, businesses need to completely rethink how they’re going to solve this emergent, fast growing, and critical business survival requirement. That is why we built Fl@World. 

Fl@World is the robust, next-gen, data ecosystem technology that empowers people to securely share, integrate and analyze data from disparate sources, within and between organizations and technologies, through a real-time unified view, with global compliance built-in.  

But, most importantly, it is designed for multi-jurisdictional/governance environments – solving the real business and technical barriers to data sharing.  Fl@World addresses both human and computer-controlled governance issues. In particular, with human-controlled governance, Fl@World allows the owner of the data to control all aspects of their data; governance is left in the hands of the owner forever.  It is never ceded to others.  

Out of the box, Fl@World forms real-time data ecosystems across organizations and entities, including new and legacy technologies. It:

  1. integrates unstructured and structured data, without changing the format.

  2. ensures data security, PII safety and alignment to global compliance frameworks, with a chain of evidence.

  3. provides a real-time unified view of your customer or company, with customer analytics record.

  4. is a cost effective, scalable solution that is simple to use, scale and implement.

Fl@World allows you to get control and secure your data today and realize the value of your data tomorrow.

By Michael T. McDonald and Les Aker

For further information about Fl@World contact us via this form or email: moreinfo@flatworld.world.