Mike Williams, CEO of Pushfor talks with Temenos Marketplace and explains how banks can retain control of sensitive information when sharing ‘unstructured’ content. By pushing content rather than sending it, banks not only put a tick in the compliance box but they protect the bank’s reputation too.
By Mike Williams, CEO- Pushfor
Data protection is big news, and rightly so. It’s time for companies that collect, store and use personal data to be held to account. The imminent General Data Protection Regulation (GDPR) coming into force in May is going to do this. Big fines are the stick, happy customers the carrot.
An army of consultants is helping banks prepare for the stricter rules on data protection. There’s lots to do – from clearing out stores of unnecessary data to ensuring that all the required permissions are in place. But most of the focus seems to be on structured data, the term used for organised information. This is held in fields such as name and address, or transaction history. While important, it only accounts for about 20 percent of all data. Unstructured data accounts for the balance and is by far the more unwieldy beast.
Unstructured data is that held in documents for example. Think emails with attachments including customers’ names and addresses, purchase histories, dates of birth, employment records, employment terms. Just like structured data, unstructured data will also be covered by GDPR and must be protected.
While many banks have put up security walls around unstructured data, to date these walls have proven pretty ineffective. Bans on using personal devices for work matters – sending work emails from your own laptop or phone, for example – are regularly ignored by staff, and encryption is far from failsafe because it’s easy to send the key along with the document. People also duplicate and photograph content. Each time a new copy is made of any personal data, the door is opened to a GDPR breach. So what can banks do?
To read the full article click here