Daily Tech Digest - July 21, 2019

Top 9 Ways Artificial Intelligence Prevents Fraud

What’s needed to thwart fraud and stop the exfiltration of valuable transaction data are AI and machine learning platforms capable of combining supervised and unsupervised machine learning that can deliver a weighted score for any digital business’ activity in less than a second. AI is a perfect match for the rapid escalation of nuanced, highly sophisticated fraud attempts. Fraud prevention systems can examine years and in some cases, decades of transaction data in a 250-millisecond response rate to calculate risk scores using AI. Taking this more integrative, real-time approach to AI across a digital business yields scores that are 200% more predictive according to internal research completed by Kount. They’ve recently announced their next-generation AI-driven fraud prevention solution as well as a new scoring feature, Omniscore. Omniscore incorporates the most predictive components of both supervised machine learning and unsupervised machine learning and additional predictive factors into one score.

What is bias in AI really, and why can’t AI neutralize it?

The whole point of machine learning is to infer the relationships between objects when, unlike the tides, it isn't already clear to human beings what those relationships are. Machine learning is put to use when linear regression or best-fit curves are insufficient -- when math can't explain the relationship. But perhaps that should have been our first clue: If no mathematical correlation exists, then shouldn't any other kind of relationship we can extrapolate be naturally weaker? Does a relationship exist, for instance, between a certain tech journalist with a goatee and any recorded inferences from suspected, goatee-wearing watch-list terrorists? And if there does exist such a relationship, should it? Bias, at least in everyday discussion, is exemplified by evidence of a relationship where there shouldn't be one -- for example, the annual divorce rate in Ohio and the national consumption rate per capita of margarine. If bias is endemic, then by definition it must be a pattern. And neural networks are supposed to be good at detecting patterns.

Digital innovations and disruptions- a panacea for today's evolving fintech landscape

Digital innovations and disruptions- a panacea for today's evolving fintech landscape
Emerging technologies are changing the way we live, shop, travel and make transactions. Technologies such as machine learning and artificial intelligence are making our lives effortless and secure. Emerging technologies like blockchain and smart contracts have helped companies like IndiaLends to enhance the security of consumer data and make the digital lending process more transparent. "For the identification of the borrowers, blockchain has been serving as a huge solace. Users can enter the data on the digital platform which is verified, protected with the help of passwords and encryption and then passed on to the blockchain. Users can also choose which information to be shared with which lender," says Gaurav Chopra, CEO and Founder, IndiaLends- a digital lending and borrowing marketplace. To ensure that the entire lending process is transparent and clear to its customers, smart contracts come into play. And this is, in fact, more feasible for it. Instead of using cumbersome electronic data storage systems, the company can record all the information on blockchain.

DoD Announces the Cybersecurity Maturity Model Certification (CMMC) Initiative

The CMMC is expected to designate maturity levels ranging from “Basic Cybersecurity Hygiene” to “Advanced.” For a given CMMC level, the associated controls and processes, when implemented, are intended to reduce risk against a specific set of cyber threats. Notably, DoD will assess which CMMC level is appropriate for a particular contract and incorporate that level into Sections L and M of the RFP as a “go/no go” evaluative determination. This assessment of appropriate maturity levels on a procurement basis is akin to the Cyber Security Model that the United Kingdom’s Ministry of Defence (“MoD”) currently employs for all MoD contracts. In general, contractors will be required to be certified by a third-party auditor. The FAQs on the website note that certain “higher level assessments” may be conducted by government assessors, including requiring activity personnel, the Defense Contract Management Agency (“DCMA”), and the Defense Counterintelligence and Security Agency (“DCSA”). The website does not, however, explain what qualifies as a higher level assessment.

Could RegTech Be In Line For A FinTech Boom?

Identity Management & Control facilitates counterparty due diligence and Know Your Customer (KYC) procedures. Alongside Anti Money Laundering (AML) and anti-fraud screening and detection. Identity management is the second biggest sector in terms of the number of firms and is hugely important in a wide range of ways especially when growing and taking on new customers and clients. Compliance pertains to real-time monitoring and tracking of the current state of compliance and upcoming regulations. Compliance is the largest RegTech sector with a large scope and responsibility. Companies from this sector are charged with meeting key regulatory objectives to protect investors and ensure that markets are fair, efficient and transparent. They also seek to reduce system risk and financial crime. As regulations change when we do leave the EU, this will likely be one of the key sectors to face some of the challenges that arise. Transaction Monitoring provides solutions for real-time transaction monitoring and auditing. It also includes leveraging the benefits of distributed ledger through Blockchain technology and cryptocurrency.

Changing attitudes about cyber security

Regardless of what is driving behaviors and decisions, keeping your business safe is paramount if your organization wants to remain competitive and successful. But getting everything in place and preparing your company for something that may never happen can be challenging. Consumers are demanding more transparency on what is being done with their data, while at the same time looking for improved levels of customer service and global access to goods and services. When you put these together, it becomes clear that organizations need to align and connect all areas of their business. As a result, many are investing significant resources and budget into digitization and implementing improved technologies. The customer experience is being digitized, including omni-channel, multi-platform and AI-supported technologies, back-end processes are being harmonized, and supply chains are being enhanced through increased levels of transparency.

Explainable Artificial Intelligence & The Limits Of Human Deliberative Process

There’s considerable research that demonstrates humans’ lack of insight into their own deliberative processes. People are generally willing to concede that they don’t know where their own creative breakthroughs come from. But when it comes to more ordinary achievements of the mind, our mental processes seem more understandable. Say you’re asked to name a brand of gum. You respond with “Wrigley’s Doublemint.” Why? “Because that jingle from their early ‘90s ad campaign is still stuck in my head,” you might offer. Or if asked why you chose to buy a particular pair of socks, you’ll reason, “they were the best combination of high quality and low price.” Similarly, on the battlefield, warfighters can sometimes explain why they made a particular decision, while in other cases, they may acknowledge an inexplicable sort of divine inspiration. Mike Jaco, former Navy SEAL and author of The Intuitive Warrior, voices the latter when he explains, “by fine-tuning my intuition as a Navy SEAL, I was able to predict and avoid attacks to protect myself and my fellow soldiers.”

Increasing Access To Blockchain And Ledger Databases

Amazon Web Services 1
Managed Blockchain manages certificates and track operational metrics, such as usage of compute, memory, and storage resources. With Managed Blockchain's voting API, network participants can add or remove members. When a network member requires additional capacity for creating and validating transactions,the member can quickly add a new node using Managed Blockchain's APIs. In addition, Managed Blockchain provides a selection of instance types that comprise varying combinations of CPU and memo. This gives you the flexibility to choose the appropriate mix of resources to support your nodes. Users pay according to their usage and don't worry about any upfront costs for infrastructure. Managed Blockchain supports two popular blockchain frameworks, Hyperledger Fabric and Ethereum. Hyperledger Fabric is well-suited for applications that require stringent privacy and permission controls and with a known set of members.

Security, Risks and Governance: Three Pillars for Agile Business

Security, Risks and Governance: Three Pillars for Agile Business
Governance is all about initiatives and strategies for setting the tone. It has to be taken care of at the level of the board, regulator and other nodal agencies. It also involves customers. These days they demand better control over the data. They worry about the safety of their data while sharing it with various entities. It is a natural demand from the community, whether it is customer, regulator, government, law enforcement, etc. It will determine the nature of controls and their design. Bharat Panchal, Senior Vice President, Head – Risk Management, National Payments Corporation of India (NPCI) talks about these issues in the Book Titled “Accelerating Enterprise Innovations”. The following is an excerpt from the same book: As the threat landscape keeps changing, agility in control deployment will be an essential component of cybersecurity strategy. In risk identification, you have to be proactive rather than reactive. This will help figure out the potential chances of breaches. Looking at the larger picture. I believe security, risk and governance are key pillars for any business. 

Phishing Attack Aimed at Stealing Payroll Deposits

Wise says that while it does not believe that it was the intent of the phishing attack to obtain patient information, access to the email boxes may have compromised patient information, such as medical record number, diagnostic and treatment information, and potentially insurance information. "Again, we believe the purpose of this campaign was to divert payroll direct deposits rather than to obtain patient information," the statement notes. Wise Health System has not received any reports of patient identity theft since the date of the phishing incident, the statement adds. ... Tom Walsh, president of consulting firm tw-Security, says that the process for making any changes to employee-related data should always require an authorization. That includes changes involving an employee's bank and account numbers for payroll direct deposits, beneficiaries on life insurance policies and health insurance benefits. "The employee portal makes it easier and more convenient, but the assurance that the HR department is actually communicating with the employee may have been lost for the sake of convenience," he says.

Quote for the day:

"A man's character may be learned from the adjectives which he habitually uses in conversation." -- Mark Twain

Daily Tech Digest - July 20, 2019

FinServ in the age of AI – Can the FCA keep the machines under check?

There are banks who are also looking at reverse engineering the explainability when the AI algorithm is complex. The FCA and the Bank of England have tried this approach too. A complex model using several decision trees to identify high risk mortgages had to be explained. The solution was to create an explainability algorithm to present the decisions of the black box machine. The pace at which startups are creating new solutions makes it harder for service providers. In recent times I have come across two firms who help banks with credit decisions. The first firm collected 1000s of data points about the consumer requesting for a loan. One of the points was the fonts installed on the borrowers laptop. If the fonts were used in gambling websites, the credit worthiness of the borrower took a hit. As the font installed indicated gambling habits, the user demonstrated habits that could lead to poor money management. The second firm had a chatbot that had a conversation with the borrower and using psychometric analysis came up with a score. The score would indicate the “intention to repay” of the customer. This could be a big opportunity for banks to use in emerging markets.

Foundations Of Business Architecture

The work of creating and defining a business architecture is not meant as an academic exercise. A business architecture is based on the organization’s business strategy. The business architecture positions the organization to operate efficiently in pursuit of its goals. As defined, a business venture is about creating value. Value is demonstrated in the form of corporate profits or in returns to owners and shareholders. Corporate goals tend to be high-level and wide. Organizations use various processes and methods for capturing and documenting the corporate goals. The method used in capturing the corporate goals is less important than having the discipline, structure, and communication methods to support the creation and dissemination of the corporate goals across the entire organization. Used most effectively, corporate goals are developed within the context of a larger enterprise wide strategic planning function. Often, the process is used in creating the organization’s data strategy, which may occur during enterprise architecture planning.

The Pipeline Driven Organization - Enabling True Continuous Delivery

"Pipeline driven" means we want to rely more and more on pipelines to make technical decisions (judgements) related to the code and its associated artifacts, and then have the pipeline immediately act based on those decisions as autonomously as possible. ... Continuous Delivery is a software engineering approach in which teams produce software in short cycles, ensuring that the software can be reliably released at any time. I believe that the key to succeeding with continuous delivery is to remove human bottlenecks from the chain of tactical decision making, and enable pipelines to work almost autonomously in deciding and pushing code around, all the way to production, without human fear and doubt getting in the way of receiving fast feedback about the way our code behaves. In order to be able to trust a pipeline enough so that we can rely on its decisions, we need to start teaching our software pipelines to make those tactical judgements without needing humans in the process.

5 Tips for Agile Testing

Agile Planning
When both of the teams cooperate closely, they clearly understand the functional requirements of the software even if user stories are described superficially. The developers distribute the tasks to be performed and the order of passing the results to software testing engineers. At this time, the QA specialists start preparing test documentation and clarifying technical issues with the developers.Why is it important? By following the above-mentioned process, you can prevent errors earlier in the development, improve the code quality, and reduce the number of defects. ... According to the Scrum Guide, it should be an external specialist who will have control over the Scrum processes finding out the gaps and detecting all possible risks. Most often, a manager performs this function. Nevertheless, whomever is a Scrum Master on the project – a QA engineer or a developer – the person should be able to smoothly switch the role and carry out appropriate duties. With practice, even experienced software testing engineers with managerial skills successfully coped with this role.

How one bank is using AI, big data and chatbots to create new services

Simon McNamara, chief administrative officer at RBS Group, was brought into the bank in the wake of that episode in September 2013. He says the very reason he was brought into his job was that the executive team believed he was the person to "fix" the bank's IT systems and to create resilience. McNamara refers to "material progress" in regard to achieving that resiliency. It's provided a platform for him and his colleagues to face the challenge of digital disruption in the banking sector head on. In fact, pushing an innovation agenda has been one of his key aims since the day he started – yet it was something that some of his executive peers were reticent should be a focus when he first joined the bank in 2013. "I was actually told by some people that you're not going to be able to do that," says McNamara. "Some people said I was here to fix things and should forget about innovation. And that's literally where we started – and I'm somewhat proud of actually ignoring that advice and building an innovation agenda here, which is second to none in the UK in terms of any financial institution."

Why do 87% of data science projects never make it into production?

“It’s broken because nobody owned it, we didn’t have the data science team to be able to continually iterate on the models, think of it as an asset, and have data operations making sure it’s working well,” Chapo said. “We’re starting to bring those ways of working to life. But it’s hard, because can’t just do it all overnight.” “One of the biggest opportunities for all of us today is to figure out how we educate the business leaders across the organization,” Leff said. “Before, a leader didn’t need to necessarily know what the data scientist was doing. Now, the data scientist has stepped into the forefront, and it’s actually really important that business leaders understand these concepts.” AI is not going to replace managers, she adds, but managers who use AI are going to replace those who don’t. We’re starting to see that awakening of business leaders wanting to understand how machine learning works, and what AI really means for them, and how to leverage it successfully. And those leaders are going to be the most in demand, Leff said. Another essential key to success, Chapo added, is keeping it simple.

As FTC cracks down, data ethics is now a strategic business weapon

GettyImages 1058320822
To weave ethics into the very fabric of their business strategies and tech systems, startups should adopt “agile” data governance systems. Often combining law and technology, these systems will become a key weapon of data-centric Third Wave startups to beat incumbents in their field. Established, highly-regulated incumbents often use slow and unsystematic data compliance workflows, operated manually by armies of lawyers and technology personnel. Agile data governance systems, in contrast, simplify both these workflows and the use of cutting-edge privacy tools, allowing resource-poor startups both to protect their customers better and to improve their services. In fact, 47% of customers are willing to switch to startups that protect their sensitive data better. Yet 80% of customers highly value more convenience and better service. By using agile data governance, startups can balance protection and improvement. Ultimately, they gain a strategic advantage by obtaining more data, cultivating more loyalty, and being more resilient to inevitable data mishaps.

Will Cyberattacks Lead to Prolonged Conflicts?

"We need to separate what is happening with corporations, where the news is relatively good because the technologies are getting better and it is now possible if you spend enough to defend yourself," says Clarke, a former adviser on intelligence and counterterrorism in three presidential administrations. "We need to separate that good news from the bad news that governments are behaving badly - governments are engaging in increasing cyberattacks and boasting about it." In an interview with Information Security Media Group, Clarke says he's concerned that more cyberattacks of a sufficient gravity will lead to kinetic responses and prolonged conflicts. "We actually have had a government engage in a conventional or kinetic attack because of cyberattacks - the Israelis, frustrated by the cyberattacks on them by Hamas, flew F-16s and bombed the Hamas cyber facility," he points out. Clarke and Knake believe that the key to dealing with future cyberthreats can be distilled to a single word: resilience. 

Data Governance Program Team Structure

The need for business data stewards, both the lead business stewards and the line data stewards, is especially important in an incremental approach to data governance. Using this method, the organization usually establishes one or two data stewardship teams to address specific data-related challenges with the support of the small Data Governance Program team, after they are trained in data governance and data stewardship concepts. The data stewards may be asked to support the DG program team in writing policies that apply to their specific issue – and that will be expanded to include the organization in general – under the approval of the Data Governance Council. Additional data stewardship teams should be enacted according to a schedule developed by the DG Program team and the DG Council, for projects identified by the DG Council. This schedule should be assertive, to maintain program momentum and to retain interest across the organization in data governance and data stewardship, while demonstrating value. In the starting projects, and perhaps with smaller organizations, the data stewardship teams may consist of a lead business data steward and one to three line business data stewards, based on the organization’s subject areas.

Q&A on the Book Virtual Leadership

It’s for those who lead virtual teams and those who are part of virtual teams. Even if you don’t consider yourself a leader, you will be able to make a lasting difference in the quality of your virtual work through developing your own virtual leadership. Do you strive to work well with people spread around the globe, or even just around your locality? Do you wonder how to overcome the challenges and frustrations of virtual working? Do you want to see real and lasting benefits for your organization through your virtual work and that of your colleagues? If so, I wrote the book for you, whatever your role and whatever type of organization you work within. Of course, InfoQ caters to the software development community, and readers say that there is a lot in it that is really helpful there. While you are likely to be incredible with technology, it takes more than technology to make virtual teams work well! My background was as a software engineer initially, and many of the case studies are from situations involving IT.

Quote for the day:

"You may not control all the events that happen to you, but you can decide not to be reduced by them." -- Maya Angelou

Daily Tech Digest - July 19, 2019

How edge computing is driving a new era of CDN

network traffic earth
It’s not that long ago that there was a transition from the heavy physical monolithic architecture to the agile cloud. But all that really happened was the transition from the physical appliance to a virtual cloud-based appliance. Maybe now is the time that we should ask, is this the future that we really want? One of the main issues in introducing edge applications is the mindset. It is challenging to convince yourself or your peers that the infrastructure you have spent all your time working on and investing in is not the best way forward for your business.  Although the cloud has created a big buzz, just because you migrate to the cloud does not mean that your applications will run faster. In fact, all you are really doing is abstracting the physical pieces of the architecture and paying someone else to manage it. The cloud has, however, opened the door for the edge application conversation. We have already taken the first step to the cloud and now it's time to make the second move. Basically, when you think about edge applications: its simplicity is a programmable CDN. A CDN is an edge application and an edge application is a superset of what your CDN is doing.

Despite BlueKeep Warnings, Many Organizations Fail to Patch

Despite BlueKeep Warnings, Many Organizations Fail to Patch
BlueKeep is a serious vulnerability that could enable attackers to compromise Remote Desktop Services in Windows, which enables access to networked computers via remote desktop protocol. Attackers who successfully exploit the flaw could gain full, remote access to a system, including the ability to create user accounts and give them full administrator privileges, as well as to execute any code. "The vulnerability requires no authentication and is regarded as 'wormable,' meaning that if it were successfully exploited it could be used by self-replicating malware to spread across the internet rapidly," security firm Sophos warns in a new report. "WannaCry and NotPetya used a similarly wormable flaw in Microsoft's SMB v1 to spread around the globe in a matter of hours." One saving grace - so far at least - is that security experts have yet to see any in-the-wild attacks that use BlueKeep. But until companies patch, they remain at risk. "Patching, or rather good cyber hygiene, is an integral component of every company's defense against cyberattacks," Raj Samani, chief scientist at McAfee, tells Information Security Media Group.

Microsoft gets boost in SaaS revenue and pushes Teams platform

The company said its Commercial Cloud business achieved annual revenue of $38bn, and grew by 39% in the quarter with revenue of $11bn, while its Intelligent Cloud business grew by 19% with revenue of $11.4bn. The company also reported growth of 23% in the number of commercial Office 365 seats and strong demand for Windows 10 among commercial PC manufacturers driven by end of support for Windows 7 in January 2020. Satya Nadella, chief executive officer of Microsoft, said: “Every day we work alongside our customers to help them build their own digital capability – innovating with them, creating new businesses with them, and earning their trust. This commitment to our customers’ success is resulting in larger, multi-year commercial cloud agreements and growing momentum across every layer of our technology stack.” During the earnings call, Nadella described Teams as Microsoft’s fastest-growing platform. “There is no question this last fiscal year has been an absolute breakout year for Teams in terms of both product innovation and, most importantly, at-scale deployment and usage,” he said.

Digital technologies and the future of geospatial data

Mapping an area correctly can be a painstaking responsibility, but it's easier with help from drones. They work especially well for geospatial analysis needs due to their maximum altitude capabilities of 400 feet and imaging technology that enables capturing ground image data in higher resolutions than satellites or planes. The versatility of drones makes them fantastic for a wide range of mapping projects. For example, a retail brand might use a drone to get details about terrain in the potential location of a new retail store. Then, construction companies can do something similar by factoring drone mapping data into their plans as new buildings or renovations get underway. One of the main reasons why drones are such a hot topic now is because people associate them with the rapid delivery of things they order from e-commerce stores. Although drones do make things more convenient that way, they are also used when companies plan the most efficient distribution routes. Geospatial mapping data offers information to e-commerce enterprises, whether people receive their shipments with drones or through other means.

Does net neutrality still matter in our post-web world?

When the phrase was coined, it was in the context of a debate in the US Congress over the idea of a possible nationwide license for broadband service providers. States and municipalities were responsible for granting such licenses to limited geographies, and Republicans in the House were looking for new sources of revenue. Under the provisions of a never-passed law called the COPE Act, ISPs would be given incentives to purchase nationwide licenses instead of more localized ones. One such incentive was a waiver of enforcement of any laws or regulations restricting ISPs' right to divide their pipelines into "good/better/best" service tiers. There was substantive opposition, but Sen. Ron Wyden (D – Oregon) raised the stakes to a moral issue. At issue, he argued, was the small publisher's and garage-based enterprise's right to conduct their business on the same Internet like Google and eBay, as equal players in a digital market. Politically speaking, the concept of net neutrality has been as malleable as sediment from an Oregon mudslide.

Is SQL Beating NoSQL?

What we need is an interface that allows pieces of this stack to communicate with one another. Ideally, something already standardized in the industry. Something that would allow us to swap in/out various layers with minimal friction. That is the power of SQL. Like IP, SQL is a universal interface. But SQL is in fact much more than IP. Because data also gets analyzed by humans. And true to the purpose that SQL’s creators initially assigned to it, SQL is readable. Is SQL perfect? No, but it is the language that most of us in the community know. And while there are already engineers out there working on a more natural language-oriented interface, what will those systems then connect to? SQL. ... SQL is back. Not just because writing glue code to kludge together NoSQL tools is annoying. Not just because retraining workforces to learn a myriad of new languages is hard. Not just because standards can be a good thing. But also because the world is filled with data. It surrounds us, binds us. At first, we relied on our human senses and sensory nervous systems to process it.

Container security improves overall enterprise IT posture  

Once apps reach the production Kubernetes environment, security policies enforced through Aqua allow all developers and IT ops pros read-only access to their activities. This improves and speeds up application development, and lets IT pros troubleshoot faster than they could with VMs -- in the past, Recurly's security staff more carefully restricted such access without automated whitelisting tools available for containers. Also, since containers separate application processes from the underlying host, admins can more strictly lock down the host itself with tools such as Google's Container-Optimized OS. "We are heavily running immutable hosts today, so even if you break out of a container and get on a host, good luck," Hosman said. "You can't run anything, install anything, or pivot to anything, and if we restart the host, everything just resets." Recurly's goal is to move away from human responses to alerts, whether they refer to IT monitoring or container security issues, and toward a remediation response to issues through code.

Microservices: Myth, Madness, or Magic?

The reality is, you almost always don't need microservices to achieve the above "holy grail", you just need a decent architecture. So let's redefine microservices: Microservices: Yet another concept to fix the bad architecture created by bad software developers and to make money for big businesses that feed on the bad software practices of others. An article on Medium writes "Conceptually, Microservices extend the same principles that engineers have employed for decades."2 Wrong. These principles have existed for decades, but "employed?" Hardly ever. Similarly, a post on New Relic states: "When using microservices, you isolate software functionality into multiple independent modules that are individually responsible for performing precisely defined, standalone tasks. These modules communicate with each other through simple, universally accessible application programming interfaces (APIs)."3 Wait, we need microservices to achieve this? Wasn't this the promise of OOP? Isn't this the promise of every newfangled framework like MVVM, Angular, and so forth?

Microsoft to explore using Rust

"A developer's core job is not to worry about security but to do feature work," Thomas said. "Rather than investing in more and more tools and training and vulnerability fixes, what about a development language where they can't introduce memory safety issues into their feature work in the first place? That would help both the feature developers and the security engineers-and the customers." Microsoft looking into Rust, as a safer alternative to C++ isn't actually such a big deal. The OS maker has been looking for safer C and C++ alternatives for years. In June 2016, Microsoft open-sourced "Checked C," an extension to the C programming language that brought new features to address a series of security-related issues. Microsoft looking into Rust before any other memory-safe language is also not a bad decision. Besides being superior to C# in regards to better memory protections, Rust is also more popular with developers these days and might be easier to recruit for. ... Developers love it because of its simpler syntax and the fact that apps coded in Rust don't yield the same amount of bugs, allowing developers to focus on expanding their apps, instead of doing constant maintenance work.

Data governance in the age of AI: Beyond the basics

Ensure governance team members have defined roles, including tactical and high-level strategy responsibilities, Smithson says. Split data champions into two groups: data stewards, who make recommendations about formulas or algorithms, for example, and director- or VP-level data owners who make the decisions, Walton adds. And put roles and responsibilities into job descriptions. “The job responsibilities come from the workflows and the tasks that need to be accomplished.” Those job descriptions should fall into two buckets, he says: data quality assurance and information consistency. For the former, tasks include identifying a data quality issue, remediating that issue with a workflow change, for example, and monitoring to ensure the effectiveness of the data governance initiative. For the latter, tasks include creating a business measure to support key performance indicators, to modify it when business rules change, and to sunset any items that are no longer relative. A bonus tip: Tie data owners’ bonuses to data quality. “That will get people’s attention,” Walton says.

Quote for the day:

"Leadership is the art of giving people a platform for spreading ideas that work." -- Seth Godin