I think about data encryption, physical access controls to servers and such on a regular basis. But there are all kinds of formats via which data gets stored or communicated. The Rhode Island Department of Labor recently had a data breach involving their call center. Customers were able to hear conversations on other calls. The department estimates fewer than 700 people were affected.
- Paper forms in which data is originally collected. Think membership forms, applications, feedback and suggestion forms. I remember seeing a binder full of membership forms being used to prop open a door on the sidewalk in front of a store. When I pointed out to the manager that this was a problem, he shrugged and said it wasn’t a problem because all the data had already been keyed in and therefore no longer had any value to them except when the systems were down.
- Video and photographs. The advent of video analytics and photo analysis means that we are collecting, storing, and putting at risk more data than ever before. I remember seeing a retailer’s security video tapes sitting all lined up on a counter at the back of a store. The only thing that made this somewhat safe is that most likely the security system was probably so poor it would be impossible to determine who was on those videos. But now video analytics allow retailers to determine when you visit their store, who you shop with and what products interest you.
- Conversations. Yes, all those "may be recorded for quality purposes" call center calls are most likely chock full of your personal information. I worry how well those data sets are being protected, too.
I believe our role as data professionals should go beyond protecting the data held in a traditional database. Because I’m not sure anyone else is even considering that data. And I’d bet the bad guys are betting that no data professional is involved in protecting it.
Love your data. Love your customers’ data, too.