IoT success depends on data governance, security and privacy

10 common mistakes spotlight pitfalls and lessons learned

By Karyn Murphy, Managing Editor, IDG Strategic Marketing Services

Tyrone Grandison, Deputy Chief Data Officer at the US Department of Commerce, says “agility and nimbleness” are key to capitalizing on emerging trends like the internet of things (IoT).

But he warns that “waterfall demands” on the data management life cycle will force firms to increase their focus on more complex and detailed data governance. These intensified demands, in turn, lower the probability of organizational success in this space.

When industry experts were asked to weigh in on the topic, several key themes emerged. The result is a list of 10 common mistakes organizations have made in their efforts to seize the momentum around IoT.

With the IoT, big data has become even bigger and more dynamic, amplifying both the opportunities and the challenges.

1. Engaging innovation without the proper preparation

We all know we shouldn’t innovate for innovation’s sake. According to Sam Edelstein, Chief Data Officer at the City of Syracuse, “The biggest danger relative to IoT likely has to do with treating it as a shiny object.” He warns that preparation will “take time and money,” which affects its potential. “Without it,” he adds, “investment in IoT could result in little or no benefit.”

2. Not clearly understanding data or accurately defining the problem

Preparation must be rooted in clarity. Dana Blouin, IoT thought leader, reports that “the biggest mistake a company could make to put themselves in jeopardy would be to not clearly define a data privacy policy, which clearly outlines what the scope of the data being collected will be and how it will be used.”

Calum Barnes, Senior Manager at Xively, adds that not all data is good data. This leads to excessive collection, which comes with its own issues – from processing to security. “All data is not created equal. While collecting and processing data into actionable intelligence is a great benefit of connected devices and the IoT, companies should start by first understanding the problem they are looking to solve and collect the data that will help solve that problem.”

3. Not asking the right questions

Kirk Borne, Principal Data Scientist at Booz Allen Hamilton, reminds us that “the promise of IoT is greater visibility and actionability.” Further, he contends that “this promise can go unfulfilled” if we don’t ask the right questions, such as:

  • Who owns the data?
  • How do we ensure data quality, discovery, usability and security for the many different teams and business units that create, use and manage the data? 
  • What are the key business questions and goals that are driving what data we collect and use?
  • How do we manage ad hoc data analytics? Do we restrict it or encourage it?

4. Failing to anticipate the flood of data and breadth of complexity

“Data governance is getting evermore complex with the devolution of company tech borders, [with] data flowing to and from a breadth of devices, which are more often mobile and across a wider range of operating systems and platforms,” says Ian Moyse, Sales Director at Axios Systems.

Rob Steele, Consulting Systems Engineer at RoundTower Technologies, adds, “Most businesses already have a big data problem as they are constantly trying to keep up with the influx of new data, including the rapid growth of the IoT.”

5. Keeping too strong of a hold on data

To many, governance is synonymous with control – that is, to ensure security and compliance, even data quality. But Chuck Martin, Editor at MediaPost, contends that it’s a mistake to “too tightly restrict the ebb and flow of information, especially among and between connected devices.” That kind of grip can quickly break down the agility and nimbleness for which we strive.

6. Skipping compliance best practices

Compliance best practices are there for a reason and should be embraced. According to Glen Gilmore, Principal at Gilmore Business Network (provider of digital marketing and social business strategic consulting): “The Federal Trade Commission (FTC) has urged business to adopt specific best practices relating to big data and connected devices. The failure to adhere to these articulated best practices is a failure of governance and the Achilles’ heel of legal liability in the use of big data and IoT.”

7. Underestimating security and privacy implications

Bill McCabe, Recruiter at SoftNet, says it’s a mistake to “underestimate the added security and privacy demands that come with the introduction of IoT.”

When everything is connected, everything is at risk, Gilmore points out, and “a data breach destroys consumer trust and can devastate an enterprise’s reputation and business. In the rush to capitalize on big data and connected devices, businesses are putting themselves at big risk by not putting privacy and security first.

”IoT data that’s collected for analytics often includes sensitive customer information. That data should be treated like an asset – governed, secured and safeguarded for privacy.

8. Taking data platforms (and people skills) for granted

We often assume that the infrastructure – both the platform and the people – are there to support our innovations. But Steele urges us to take a hard look at such assumptions. “The infrastructure that data lands on is overlooked and is a critical foundation for dealing with mass amounts of data in an efficient and secure way. Companies must utilize scale-out or hyperconverged infrastructure with native security and Hadoop Distributed File System (HDFS) capabilities.” Then, he says, we can put greater focus on quality and governance.  

Moyse points to “strong, in-house expertise and change methodologies … It will be all too easy for an employee or department to self-serve an IoT device, as we have seen with bring-your-own-device (BYOD) and departmental cloud applications.” This, he says, exposes the business to "risk from an unplanned and unexpected IP device connecting through the corporate network.”

Like any investment, “Companies must invest the time and resources to ensure their employees practice sufficient online safety, and do not reveal weaknesses through unfamiliarity with a device or worse, trust in its apparent innocence,” adds Steve Prentice, Senior Writer at CloudTweaks.

9. Operating under a veil of complacency

We need to take ownership of our data governance. Martin warns that we mustn’t fall prey to “complacency regarding external technologies, expecting that outside suppliers have products that are completely bulletproof.” Do the necessary due diligence to make sure governance is covered – or pay the price.

10. Waiting until all the ducks are in a row

Finally, we often wait until every possible kink has been smoothed. But don’t wait too long. According to Daniel Newman, CEO at Broadsuite Media Group, “It’s a risk to wait on leveraging the power of big data – but even if you aren’t jumping in strategically, your plan to manage compliance needs to be a priority for when you do.” Translation: Get involved.

The internet of things – Rise to the challenge  

These common mistakes are inherent with big data in general. But with the IoT, big data has become even bigger and more dynamic, amplifying both the opportunities and the challenges. The resulting need for data governance, data security and data privacy has never been greater. As Borne reminds us, in the words of Dwight D. Eisenhower: “Plans are nothing. Planning is everything.” So, plan away – and then get underway.


Get More SAS Insights

Want more Insights from SAS? Subscribe to our Insights newsletter. Or check back often to get more insights on the topics you care about, including analytics, big data, data management, marketing, risk and fraud.