We have all experienced this ourselves in the workplace lately: One week to another never looking the same with a mix of working from home, from the company office, and on the road travelling. The modern workplace has allowed many of us to benefit from a flexible-first philosophy as an employee, adopting practices that best suit our work patterns and lifestyle. However, it has also created a new set of worries for us as consumers, often wondering if the businesses we engage with and purchase from will protect our information to assure privacy-first protection.
In today’s day and age, it is critical that businesses commit to the active protection of all types of data to be deserving of customer trust and gain an information advantage. Trust is hard to build, and even harder to regain once lost. But how can organizations stay compliant and protect customers’ data against a backdrop of increasingly major data security breaches? And with the explosion of data (e.g., structured, unstructured, human-generated, machine-generated, in the data center, on the edge, fast moving, slow processing, in the cloud, within on-prem applications, etc.), consumers are becoming wary of where their data may end up and the implications of it falling into the wrong hands.
The fragility of trust
To truly understand consumer attitudes towards data privacy today, OpenText commissioned a global survey and discovered three key takeaways:
- Renewed and pervasive concerns around privacy: Since the pandemic began in March 2020, almost three quarters (76%) of consumers globally have new concerns about how organizations are using their personal data.
- Rise in remote and hybrid working has created this worry: Four out of five consumers (82%) worry more about their personal data being stolen because organizations now operate in distributed work models, and one in two (49%) say their worry stems from not understanding how businesses commit to protecting the data collected.
- Brand trust threatens business results: Globally, a third of consumers (33%) said they would no longer use or buy from a brand they were previously loyal to if the company failed to protect and leaked their personal data. Moreover, a quarter (27%) of consumers would completely abandon a brand if the company failed to respond to a Subject Rights Request (SRR) – including a request to access, correct, delete or port the information that company has about them. Lastly, almost two thirds (63%) of consumers said they would be willing to pay more to use or buy from an organization that was expressly committed to protecting personal data.
And let’s not forget this is all in the context of a rise in the volume and complexity of data being generated, the number of sources where data is created and stored, and the number of channels through which data is shared – be they commerce channels, social media platforms or collaboration tools that facilitate modern work. Take the fact that 79 zettabytes of new data was created in 2021, and this amount is expected to more than double by 2025, to reach 181 zettabytes.
What these results show us is that businesses must act now to address these new concerns and ensure customer trust is not lost. Here are five practical steps business can take.
Step 1: Establish a strong information management core
The foundation to addressing these concerns is breaking down siloes to get one integrated view of all information – all types, all speeds, all locations – to understand how personal data is managed.
With information governance solutions, organizations can manage the flow of personal and sensitive information from capture through archiving and disposition. By improving how to keep track of where data is located and stored, what categories of data are being managed and when it’s time to dispose of personal data to satisfy data minimization principles, organizations can reduce risk and meet growing data sovereignty requirements in complex regulatory environments.
In addition, using a modernized cloud platform for Enterprise Content Management (ECM), organizations can consolidate key systems to streamline information governance and bolster information sharing by implementing policy-driven, role-based access to reduce unwanted exposure.
Step 2: Get faster and smarter with embedded AI
Many organizations are sitting on years of data and terabytes of content that has not been appropriately classified in terms of value and risk. Examples include network file shares or laptop archives.
Using AI-powered data discovery tools (e.g., OpenText™ Magellan™ Risk Guard), organizations can scan this unmanaged or unclassified information to identify personal and sensitive information across pockets of data and various content repositories. Then, with the power of AI and machine learning, managers can assess the severity of the risk and prioritize remediation activities to strengthen adherence to compliance mandates. Once tagged, risky and sensitive content can be protected and secured with just a few clicks. Also, bulk policies can be set once repeated patterns are identified so automation can replace manual efforts.
Step 3: Respond to customer needs better
Demands made by consumers seeking to act upon their exercisable rights – mainly SRRs –expose many businesses who continue to perform these activities manually. Struggles to meet prescribed deadlines is why automation and workflow management remain top data-privacy technology capabilities being pursued today. Investment in solutions like OpenText Privacy Management, with strong case management tools to track performance of privacy processes required for an enterprise privacy program, can go a long way to automating workflows and operationalizing the SRR fulfilment request process.
Step 4: Create a culture of cyber resilience
With cybercrime presenting a formidable challenge to modern life and work and the potential to wreak havoc on our businesses, an organization’s best defense against cyber threats is a cyber resilience framework including robust, multi-layered security and data protection.
OpenText security solutions protect businesses. Here are a few critical components of a holistic approach to cyber resilience:
- Training to help strengthen the first line of defense – employees – with Security Awareness Training (SAT)
- Blocking threats before they can infiltrate a network with DNS Protection
- Protecting endpoints from the latest threats to ensure users stay productive and data stays secure with Business Endpoint Protection software including next-gen antivirus and antimalware
- Preventing email-borne threats such as ransomware, phishing and business email compromise (BEC) causing downtime, fines and closure with Email Threat Protection
- Threat hunting with security analysts to detect and respond to breaches as quickly as possible with MDR services
- Recovering data by keeping critical systems online during a worst-case scenario with Disaster Recovery as a Service (DRaaS) ensures organizations can retrieve vital information with minimal downtime to keep their operations moving.
Step 5: Be ready for the unforeseen
It’s clear that the distributed nature of work today, on top of an incessant growth of data volumes and information sources, has led to growing concerns among consumers about how their personal data is managed and secured. New data privacy, information governance and security practices are needed to address these concerns. By embracing information management software and an effective cybersecurity strategy, businesses can take an important step forward to manage the unforeseen. Whether it is geo-politically driven needs for data sovereignty, continued supply chain disruptions, or new ESG (Environmental, Social and Governance) regulations, not having the foundations described above in place will put businesses at a disadvantage.
Establishing an integrated data management approach will help businesses to differentiate themselves in the marketplace, maintain customer trust and loyalty, and create a true information advantage.