Get a Handle on Your Data: DataSeers on the Importance of Data Governance & Management – PaymentsJournal

Podcast: Play in new window | Download

One of the most pressing issues facing companies in thepayments industry is how they handle their data. Since financial transactionsand services generate large amounts of data, financial institutions need tohave a robust system in place to effectively process, analyze, and store theinformation.

Security is paramount, as the data is highly sensitive, andhackers are constantly trying their utmost to access it. And due to howvaluable and sensitive the data is, companies must comply with a myriad ofgovernment regulations dictating acceptable practices. Its essential thatcompanies understand where their data comes from and how to maintain itproperly.

To learn more about the importance of data governance, datamanagement, and what solutions exist to help companies navigate the problemsassociated with data handling, PaymentsJournal sat down with Adwat Joshi,founder and CEO of DataSeers, and Tim Sloane, VP of Payments Innovation atMercator Advisory Group.

PaymentsJournal

PaymentsJournal

During the conversation, Joshi and Sloane discussedDataSeers five step approach to data governance, data management, datasecurity, and what data quality means. They also covered encryption, and the intersectionof encryption with authentication and authorization.

Data governance is a major question facing the paymentsindustry. Regulators are increasingly scrutinizing how companies are governingtheir data and whether they are doing so correctly. Even without the scrutinyof regulators, solid data governance is vital for companies to be successful.

This is because bad data makes it challenging for companiesto use it effectively. If I dont have what I need, and its not in a goodformatits not rightthen how can I ever do anything with it? explainedJoshi.

One element of DataSeers approach is data profiling, whichentails reviewing the various data types to determine whether the data consistsof numbers, text, or a mix of the two. It gives you a clear understanding ofwho is sending what, said Joshi, allowing companies to request that the dataget cleaned before being accepted by that company.

DataSeers solution also enables authentication,authorization, and auditing. We want to make sure that we authenticatedanybody who is trying to access the data, said Joshi. Authorization means thatonly people with proper permission to view data are allowed to do so. The lastpart, auditing, means that companies can keep track of who accessed the data,when, and which data specifically. This helps ward off against internal fraud.

Sloane noted that authentication, authorization, andauditing is more important than ever due to a variety of new regulations,including the E.U.s General Data Protection Regulation (GDPR) and Californiasdata regulations.

Overall, DataSeers approach assumes that the data is comingin as a mess. Therefore, the companys proprietary process is designed to cleanthe data, homogenize it, label it, enhance it, encrypt it, and allow for it tobe seamlessly distributed. By taming the data, DataSeers enables companies tomore effectively leverage it.

Understanding and documenting where data is coming from,when it is coming, and what is coming is very important for companies. Beingable to keep track of all these questions is known as master data management(MDM). Sloane likened MDM to housekeeping, pointing out that while MDM is oftenoverlooked, making sure you know where everything is kept, if it is labeled,and who has access to what, is all essential.

Since it is such an integral part of many companiesworkflow, MDM is a very big industry, with many companies offering productswhich allow clients to better manage their data.

However, unlike a lot of solutions in the market, DataSeersapproach is tailored made for the payments industry. We understand what isrequired in order to have a better compliance platform, a better fraudplatform, and even a better reconciliation platform, said Joshi.

The next major aspect of effective data governance andmanagement is data security.

My definition of data security is the person whos supposedto have access to the data at the very specific time is the only person, atthat very specific time, who gets access to that very specific data, offeredJoshi. If the wrong person tries to access the data, or even the right personbut at the wrong time, denying them access is key to data security.

Joshi provided a useful analogy of someone securing theirhouse. If someone invested in a series of security tools, such as a camera,fancy lock, and expensive security service, yet forgot to lock the front door,all the fancy tools would be for naught. Similarly, the basic thing you haveto really think about is how well protected your data is at the source, saidJoshi.

DataSeers approach to securing data is unique, said Joshi.We call it the submarine architecture. It works by compartmentalizing thedata, so if one section gets compromised, the rest of the data is safe, similarto how a submarine compartment can fill up with water, but the rest of thesubmarine remains safe. An end user faces multiple steps upon logging into thesystem and is ultimately unable to get all the way to the source.

Assessing the quality of a data set is not a straightforwardexercise. You cannot just assign an arbitrary number to data set, labeling itsquality as 80, for instance, and have that make any sense. Instead, the qualityof data is measured by your ability to act on it, said Joshi.

If you are able to act on it with less noise and highaccuracy, your data is potentially very good quality, he said.

Sloane agreed, adding that the quality of data is dependentupon the purpose that youre going to apply the data to.

To this end, DataSeers invented a quality index on scale of1-100, which signals how actionable the data is in various situations.Depending on the specific situation and corresponding algorithm, each data elementis weighted for how important it is.

Encryption is another important aspect of good datamanagement. As Joshi noted, encryption is a broad term, which can refer to datathat is encrypted to simply comply with PCI standards, or data that isencrypted on multiple levels. In the former case, the data is only encrypted atrest, which means it can still be vulnerable.

Therefore, If you really want to do encryption, if youreally want to encrypt your data, data encryption has to happen at multipledifferent levels, said Joshi. DataSeers offers this level of encryption in itslatest release of software. We are supporting even column level encryption,stated Joshi. We are trying to keep the data encrypted as much as possible.

Such an approach allows users to access reports, but maybenot a specific column contained within, depending on who the user is and thecolumn in question.

Sloane pointed out that encryption like this combinesauthentication and authorization, allowing people to view only what theyresupposed to view.

Joshi agreed, adding, One of the things that we areimplementing is everything that comes out of our platform will be encrypted insuch a way that the only person who can decrypt it is going to be our clients.

Approaches to data such as the one embraced by DataSeersprovides companies with the platform necessary to get the most out of theirdata.

Summary

Article Name

Get a Handle on Your Data: DataSeers on the Importance of Data Governance & Management

Description

Security is paramount, as the data is highly sensitive, and hackers are constantly trying their utmost to access it. And due to how valuable and sensitive the data is, companies must comply with a myriad of government regulations dictating acceptable practices. Its essential that companies understand where their data comes from and how to maintain it properly.

Author

PaymentsJournal

Publisher Name

PaymentsJournal

Publisher Logo

Excerpt from:
Get a Handle on Your Data: DataSeers on the Importance of Data Governance & Management - PaymentsJournal