From low code and cloud, to AI and encryption: What you do with data needs to be about more than buzzwords

Just as every company is now a technology company because you can't be in business without technology, every company is a data company - but most companies don't know about data or what to do with it.
Written by Mary Branscombe, Contributor

Digital transformation is one of those infuriating buzzwords because it's both slightly meaningless and also a very sound but obvious idea; the same is true for 'digitalization'. 

Really, they're both code for 'we already automated a lot of business processes and made them digital, but humans are complicated and rules aren't good at expressing complexity, so now we're trying to make things more flexible and powerful as we automate business processes with something better than a rules engine'.

SEE: 60 ways to get the most value from your big data initiatives (free PDF)

You can understand why some people glaze over when the term comes up. We can't call it 'business process automation' because we already did that, so we call it digital transformation to distinguish this new trend of using technology to automate parts of your business from the old trend of, err, using technology to automate parts of your business. Robotic process automation: this time the automation is a bit smarter.

But low code and no code tools are part of this: they're what allow the people who actually know how the process works -- because performing that process is their actual job -- to code up small applications that help them handle the parts of the process that can't be fully automated. 

Business process terminology calls those parts of the process "exceptions" but when a large part of your work day is "handling exceptions" I think you probably just call it your job.

At first glance, that looks a lot like the way that enterprise social networking was going to let employees find and fix broken business processes. Yet replacing phone calls between employees to sort out problems with online chat might make the wet string and sticky tape holding that business together less painful, it was still up to managers to listen to the employees and actually make some changes. 

But easier ways of coding up apps could be the same kind of sticking plaster for broken business practices, like the Excel spreadsheets that have run many business processes for years – formulae written by someone who understood the job and maintained by IT because the department came to depend on them.

What might save low code and no code from being the same kind of cul-de-sac is that to build them, employees need access to APIs and data, and making those available means the company is curating data and creating application programming interfaces (APIs) for core services that get maintained by the IT team. With IT creating the infrastructure and the cloud for the things that are the same at every company (email, document search, file sharing, team chat and so on), employees can use low code and RPA to get tools that handle the things that are unique to your company. And every company is trying to work out how to do something useful with data.

"Every company is trying to figure out how to digitally reinvent themselves and to transform businesses in new ways," as Microsoft cloud and AI chief Scott Guthrie put it at a recent Microsoft event on using data and AI. "They want to be more digital in terms of how they reach customers, in terms of reinventing supply chains, in how they recruit, train and motivate employees." 

What they're using to do that is data, and techniques to get insight from data, which we're calling AI because it's another buzzword that distinguishes how we used to get useful insights out of data with statistics and analytics from the more powerful and flexible techniques we now have to get useful insights out of data with statistics and analytics.

AI is by no means simple, but there are tools and services and techniques that businesses can adopt that will work reliably to get insights out of the right data – if you know what the right questions are to ask. The question might be 'is this a photograph of one of my products and is it broken?' or 'is there a pattern to my shipping delays and is it different for different places, different products or different times of year?' or even 'based on all the deliveries I've ever done and what I can find out about traffic and weather forecasts, how much should I bid for this delivery job so that I'm neither so cheap I lose money or so expensive I lose work?'

In fact, it's probably easier to find the AI technique or service to answer the questions than to know what the right data is to start with and what the right questions are to ask for your business (that your competitors can't also ask of the data they have access to).

I prefer to call that a data science strategy to underline that it's about what you do with the data as well as which data you do it with, as well as the fact that it should be strategic. You need to be looking for data and questions to ask about that data that can find efficiencies in your business.

But you can't do that without what most organisations think of as their data strategy, which is actually data management and is maybe really just a competency (as in, don't be incompetent with your data).

SEE: Sensor'd enterprise: IoT, ML, and big data (ZDNet special report) | Download the report as a PDF (TechRepublic)

Combining and cleaning up all your siloes of data, in the cloud and out of it, and creating a data workflow, is part of that. But so is the more janitorial task of working with data in a way that's secure, compliant and meets all the legal regulations

"A lot of that comes down to using access control and encryption in your data stores," Guthrie told me. "Is the data being stored so that everyone can read it or is it locked down so that only certain roles can access it? An awful lot of security breaches come down to storing non-confidential data and confidential data in the same system and relying on apps to do the right thing when it comes to data, versus assuming the app can be breached so let's have the data store say the only thing that can see the credit card information is the payment system, not these other systems around it."

Think of it as bringing the 'assume breach' mentality from security to data handling. But you also need to be able to audit data access to prove who has used it. "CIOs tell us 'I want to know my office in a different country can't look at this data and I want you to tell me I can audit it, so I know they can't look at the data.' They want to write a policy so that if you're in New York, you can only see this data and if you're in London you can only see this data over here, and they can run a query against all their systems so they know the policy is in force. They want the ability to close the loop and to turn [data access management] into something that's auditable and operationalizable."

Auditable and operationalizable aren't buzzwords like digitization; they're only strategic if you need a strategy that means you don't get into trouble, and that's more usually called 'running the company'. With the vast number of data breaches that are still happening and the fines for those breaches starting to become significant, getting your data management right absolutely matters. Just don't confuse doing that right for having a strategic approach for getting insights out of that carefully curated, cleansed, access-controlled and audited data.

Editorial standards