CROSS-INDUSTRY STUDIES SHOW THAT ON AVERAGE, LESS THAN HALF OF AN ORGANIZATION’S STRUCTURED DATA IS ACTIVELY USED IN MAKING DECISIONS—AND LESS THAN 1% OF ITS UNSTRUCTURED DATA IS ANALYZED OR USED AT ALL. MORE THAN 70% OF EMPLOYEES HAVE ACCESS TO DATA THEY SHOULD NOT, AND 80% OF ANALYSTS’ TIME IS SPENT SIMPLY DISCOVERING AND PREPARING DATA. DATA BREACHES ARE COMMON, ROGUE DATA SETS PROPAGATE IN SILOS, AND COMPANIES’ DATA TECHNOLOGY OFTEN ISN’T UP TO THE DEMANDS PUT ON IT.
-Harvard Business Review, May-June 2017 Issue
Data strategy “zooms out” several levels to include the users of – and uses for – information to support new, rapidly changing business processes and new opportunities for analysis
Data management is no longer just about the ability to store and process or create and delete data. It’s now about a holistic approach to managing all the information your business is collecting to improve business processes and discover new opportunities for analysis, then turning that into better decisions and companywide value.
Digital transformation (DX) is the hot topic in nearly every boardroom, but many executives are asking the question: “Where do we get quick wins that will kick-start our efforts and show the organization that DX can help them do their work?”
Numerous articles and presentations focus on the “how to” – creation of your digital strategy, but far fewer actually point you in the direction of implementation tactics, and even fewer, quick wins to support the transformation efforts.
Here are some ideas to gain quick wins in your digital transformation efforts.
Map One Success Metric to Actionable Data
Like the age-old question, “How do you eat an elephant? One bite at a time!”, picking a single success metric achievable through a data-driven effort, makes getting underway much easier.
One common metric is eliminating data “silos” – data accessible to only a limited group of users or one function within the organization - which make access to data difficult from areas that do not utilize the application(s) directly producing or consuming the data. By increasing access, you can encourage innovative use of that data by other areas.
One of the highest impact efforts might be to survey the organization regarding their ability to gain a full perspective on your customer, and use that as the driver to determine the first data silo(s) to attack.
Establishing a simple front-end dashboard application for that specific data store, provides a way to support 360o access and encourage innovative use of that data by other areas. This also provides a great opportunity to gain valuable feedback from the organization in a proof-of-concept but live “hands-on” example. With that feedback, additional data stores can be easily added and a more feature-rich front-end established, either purchased based on the feature set defined through this effort, or built out more fully by the internal team. One of the highest impact efforts might be to survey the organization regarding their ability to gain a full perspective on your customer, and use that as the driver to determine the first data silo(s) to attack.
Identify A Specific Data Quality Issue
You can leverage the effort you invest in your first quick win to extend that to a data quality element. Let’s say you picked end-to-end customer view as your actionable data access goal. Along with that, you could determine, though user feedback, validity of the data they are now seeing. This creates a closed loop and that feedback allows you to monitor and manage the quality of the newly visible and available customer data.
It may be that a simple adjustment to one or more applications, each of which use different input selection lists, would improve quality immediately – for example one application might use the full state name “Massachusetts” while another might use “MA” for the state field. These simple changes have a big impact in future analytics usability and overall data quality.
Address Key Management Reporting Accessibility
We also frequently hear the lament “I can only get a report after weeks of waiting, if at all, and then it may not actually provide the analysis I needed.” This quick win is to move the reporting ability into the hands of the users. One key here, of course, is ease of use. The tool provided must be simple to use and intuitive. Including video tutorials, 1-on-1 or other training for the managers as it is rolled out is vital. It might be the same application or tool you used to provide your initial integration effort in the first quick win, which may mean less effort here as you continue to deliver incremental additional function.
This is a powerful quick win, however, due to the spotlight you have now aimed at your data. If management users can now easily see a view of the data from areas previously inaccessible, it pours fuel on the fires of change and speeds you along the DX journey.
Looking for a key quick win that spans several of the elements of the data strategy stack, as you can see, will power up your DX journey and demonstrate value to the organization, which, as we know, is key to motivating the necessary change adoption so vital to success in the transformation to a data-driven model.
Cybersecurity Quick Wins NOW / Feel Like You’re the Hamster? – Take Control of Cybersecurity / (3 Ways to) Gain the Offense in Cybersecurity / Balancing Offense and Defense in Cybersecurity / The Best Defense IS Offense (in Application Development)
We have seen how the cybersecurity landscape has sifted significantly in the last few years. According to the 2017 Verizon Data Breach Incident Report, web application attacks were the fourth most significant incident category and the #1 most frequent source of breaches. As enterprise security professionals, tools, and counter-measures continue to improve the security of the infrastructure, cybercriminals have move on to areas where vulnerabilities are easier to find and exploit.
This highlights the conventional wisdom of defense - securing endpoints, your network, and implementing sophisticated malware and virus management, though still extremely important, lack the ability to address the new reality – the application layer that is now the target.
Forrester, in the description of their report The State Of Application Security, 2018, states “In 2017, applications rolled out the welcome mat to malicious hackers, topping the list of successful external attack targets. Why? Developers continue transitioning from perfect to fast to provide unique customer experiences, and there aren't enough security pros to maintain manual application security review processes.”
Here’s some quick wins that application security can provide to put you on the offensive in cybersecurity.
Reduce Risk at the “Source”
Studies show that application errors are 10 times more expensive (read difficult) to find and fix once the application has been released. The inverse, therefore, is where the benchmark should be set. Security tools, several of which nicely integrate directly into the development environment, provide immediate feedback on potential vulnerabilities. Developers can then immediately eliminate the identified vulnerability so it doesn’t even make it into unit test.
Security Training for Non-Security Development Staff
Overall, people, and their predicable behavior, are still the #1 source for active breach incidents. So along with the user training your security staff has implemented for your users ongoing training should be established for your development team. Making sure they understand key vulnerabilities like the top-listed injection vulnerability identified in the OWASP 2017 Top 10 report, cross-scripting attacks, components with known issues, and other possible attack vectors will assist in significantly reducing risk.
Inventory and Schedule Assessments
One leading application security vendor has found that as many as 70% of applications fail the OWASP vulnerability scan, while another indicates that many mid- to large enterprises may have many web pages, websites, and web applications no longer actively managed or even inventoried. Assigning responsibility for a comprehensive inventory of active web pages, web applications, and as well as externalized application interfaces that are web-accessible should be a high priority. Then schedule a check-up – determine on a priority basis which applications pose the most significant risk and assess them first, but be sure to assess all your web applications as soon as possible.
George Washington wrote in 1799: "…make them believe, that offensive operations, often times, is the surest, if not the only (in some cases) means of defense". Good application security planning will allow you to take the offense.
You’ve selected your solution, IT and business managers are in alignment, enterprise software implementation begins...the system goes live as planned. But as you talk to staff who are supposed to be using the system, adoption is not what you intended it was supposed to be. Users are rebelling, the old process lingers – except now it is manually managed outside the shiny new system. Rather than productivity gains, things are now taking longer. The board room is awash in argument about how to fix the “failure”. If you’ve experienced this – or if you are in it right now – it may be reassuring to know it is, sadly, a common situation. You know that change is difficult and the fear of change ranks nearly as high as the fear of public speaking or death! Yet all too often the project plan fails to include, consider or budget for specific change management elements, certain to result in project failure, or at the least, lengthy and painful transition.
You are on top of the company’s financial state and everything is in tip-top shape. You can instantly show where the company stands – from days receivables to payables balance, cash on hand, employee turnover and cost of benefits. But, if you were asked what the finance department has for an internal “ROI”, what would you say? If you were focused on improving the productivity, efficiency, and effectiveness of your department, where would you start? What might have the largest impact? We frequently hear from CFO and Finance Executives who feel that IT distractions are high on their list of things that, if addressed, could achieve all these benefits.
Those Clouds Have Rocks!
When I took flying lessons, my instructor would always warn, “watch out for the rocks in those clouds”. What he meant was you might encounter hidden dangers - dangers that pretty much only occur in the clouds.
Similarly, there are a number of hidden dangers when running your business on a cloud-centric IT architecture, whether you are privately developing and managing that infrastructure, utilizing SaaS applications, or cloud-hosted applications. So if your business depends on the cloud, be sure you’re not vulnerable to spinning out of control should you encounter a “rock in the cloud”!
MIND THE GAP: SURVEY KEY TO AVOIDING QUICKSAND IN ERP SOFTWARE IMPLEMENTATIONS
When I talk with IT leaders, whether they’re at companies as big as the top of the Fortune 500 list, or much smaller, I hear stories about the dark underbelly of business process automation. Just the other day I had an example from the top IT troubleshooter at a Fortune 10 pharmaceutical manufacturer.
White-hair Software: 5 Simple Steps to Modernization
If you are still running text-based software – often called “green screen”, you’re not alone – many companies do because it just works! Further, the cost to upgrade to new systems can break the budget, if not the entire company.
But text-based systems are challenging. You’re probably frustrated at the dwindling number of people who are interested in working on a text-based system, and concerned that at some point you’ll have to update your system. So, in the face of limited budget and potentially a lack of experienced developers for the platform, what can you do?
Here are 5 simple steps to evaluating your choices and moving toward a modern interface: