Information is the most valuable asset in the contemporary (business) world, and every company aspiring to stay relevant in the market — regardless of its industry — must become data-driven. However, such an endeavor requires companies to not only have teams and access to tools but also a culture that values data.
Therefore, the sooner organizations acknowledge the power of data, the sooner they can start working on these three prerequisites for their operations’ long-term success.
In this episode of Identity Revolution, Colin Marden, a Senior Solutions Architect at Amazon Web Services, joins Infutor’s host Eric Gastevich. Together they discuss cybersecurity, personalization, and of course data in business.
Also be sure to check out the recent webinar – Enhance your customer’s mobile experience through third-party data – featuring Colin Marden, Ankit Patel – Senior Vice President Engineering at Foursquare, and John Barnes – CTO at Infutor.
How Cybersecurity Has Changed Over Colin’s Career
“I started working in security at the turn of the millenium. So the key issues around security were things like the millennium bug. But since then, we’ve seen an evolution in information security, privacy, and consumer expectations. As a result, we’ve seen regulations such as GDPR, but we’ve also seen other regulations emerge regionally, and it’s a bit of a fragmented ecosystem in that respect.
Other big changes that I’ve seen are moving from security to InfoSec, and we saw the emergence of cyber. I remember when cyber was a much-derided term in the industry, whereas now it’s front and center in terms of what people are looking to learn and achieve.
Those changes extend to culture and mindset as well. So historically — when I first entered the industry, it was: move fast or be secure. And that was the choice that people made. And one of the reasons for that was governance compliance and risk. We’re all ingrained parts of the security posture, and that’s particularly prevalent in financial services organizations and also in those kinds of other highly regulated organizations.
So, as we’ve moved forward, that whole idea of moving fast and being secure has been evolving with the cloud. Cloud has allowed many kinds of consumers to move with greater agility and with arguably better security and control — certainly in observability — and it’s certainly easier. And I don’t say easy — it’s not easy, but it’s certainly easier to put in place a modern control and security framework with good governance in the cloud.”
Mobile Is Often the Gateway to the Internet
“As individuals, we probably have a sense of how important the mobile experience is because we all interact with the internet via our mobile applications today. Billions of people are doing that at home. They’re doing that for work; they’re doing it in the workplace even to move between those locations.
Travel is one of those big areas where we find ourselves using those mobile solutions. The rate at which mobile internet use is growing has already exceeded desktop growth, with over 90% of the global internet population using a mobile device to get online.
So, in reality, mobile is often the gateway to the internet, and this is particularly relevant for continents where internet access is largely mobile-first, for example, in Africa.
So, once we think about the major prevalence of mobile applications and a primary route for accessing the internet, we need to think about where people spend their time on the device. So when we did an analysis on that, 90% of screen time on mobile is expected to be spent on applications rather than direct browsing.”
Challenges Around Personalization
“It’s a data challenge, and one of the reasons that consumers are not getting what they need and companies can’t produce the experience that consumers want is the data. It’s because there’s often not enough of it. So maybe, they’re not collecting it at the source — from the end user.
The second aspect is that it’s often siloed. We have modern agile development teams, and they own data domains. That means that the data that resides in their domains hasn’t been democratized. It isn’t available to the whole organization, and if it is, it’s often badly structured.
So interacting with applications often means that your data is going to come in JSON formats, which isn’t necessarily perfectly structured for use by a business analyst. It might need some interpretation or transformation. So structure can be an issue. Trust and data quality are a big consideration for organizations wanting to use data to derive insight into consumers because it’s really easy to get wrong; it comes with a risk. […]
Added to that, we have this concept of owners, and ownership is often both positive and effective for governance and control, but in contrast, it creates barriers. People think ownership means that you own distribution. People think that that kind of distribution might loosen their grip or devalue the data or create duplication or replication that may be damaging their golden source.”
AWS Helps Companies Concentrate on Their Core Business
“One of the things that AWS brings you is the ability to meet core security and compliance requirements out of the box. So think about things like data locality and the ability to prove that data is in a particular place and stays in that particular place. AWS and our global infrastructure have been built to accommodate those compliance and assurance expectations — not just in terms of locality but in terms of data, privacy, protection, confidentiality, and integrity.
You don’t have to do that over and above engineering. We talked about bolt-on security and how security should be an ingrained part of your development processes throughout the entire product life cycle. And that’s an ethos that we have at AWS in the wider Amazon organization. We talk about security being job zero at AWS.
What that means for you as a consumer is that security is an ingrained part of data processing. So when we talk about encryption, it’s not a matter of being able to overlay controls on existing things in AWS. It’s a matter of choosing the appropriate encryption, clicking the button, and clicking safe.
So a lot of what we do is enable our consumers to scale with superior visibility and control. We want to take a lot of the effort that companies are putting into security and privacy and help them concentrate on their core business, and we do that by providing the tools and the automation and the techniques for you to deliver that kind of automation in terms of quality and consistency.”
[04:24] “Whilst we have the tools and an evolution of mindset, companies still face the same barriers and restrictions because ultimately they still have the same security posture and expectations when it comes to data. And that’s my new frontier. It’s the data. So I take an interest in the data space for a range of reasons.”
[14:23] “No single individual owns the data; it’s a corporate asset. And when we talk about ownership, we talk about responsibility and accountability for it. They can’t take it home at the end of the day; it’s not their property. So to be able to use data in personalization, we need to move away from that mindset and begin to think about how we can democratize data, make it accessible, and connect our consumers to our producers.”
[17:49] “They’re the two areas that I would focus on. One is access to data, cleanliness of data, and use of data; and, then two is being organized for success, having the appropriate culture and mindset, and being able to bring the people to the data without traditional barriers that we might have faced in the past.”
