The result is a slow brew of gathering risk without sufficient safeguards
I agree that "Many times, those projects demonstrate the utility of bringing together diverse data that was previously hard to assemble given the radically different data types. Big data systems gain utility as more data is brought in. The result is a slow brew of gathering risk without sufficient safeguards."
To reach the goal of securing the data while preserving its value, the data itself must be protected at as fine-grained a level as possible. Securing individual fields allows for the greatest flexibility in protecting sensitive identifying fields while allowing nonidentifying information to remain in the clear.
Protecting this information within the enterprise is a significant challenge on its own, but monetizing the data means sending it to one or many other organizations, each of which has its own security profile. Completely anonymizing personal data may not be feasible in a monetization scenario, but deidentifying the most sensitive fields, e.g., names, Social Security numbers, and birth dates, is vital to protecting the privacy of individuals.
Data protection methods such as tokenization also allow businesses to preserve the type and length of the data, and to deidentify only part of a data field while leaving the relevant parts in the clear, for example, exposing a birth year rather than the entire date. This keeps the data usable for third parties to analyze while helping to protect the privacy of the individuals it describes.
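As a minimal illustration of partial-field deidentification, the sketch below replaces digits with keyed pseudo-random digits, preserving field length and character type, and keeps a birth year in the clear while masking the month and day. This is an assumption-laden toy, not Protegrity's product or a production tokenization scheme: real systems use vaulted or format-preserving cryptographic tokenization with proper key management, and would keep masked values within valid domains (e.g., a tokenized month would still be 01-12).

```python
import hmac
import hashlib

SECRET_KEY = b"demo-key"  # hypothetical; real key management is out of scope


def tokenize_digits(value: str, key: bytes = SECRET_KEY) -> str:
    """Replace each digit with a keyed pseudo-random digit.

    Length and non-digit characters (dashes, slashes) are preserved,
    so downstream systems expecting the original format still work.
    """
    digest = hmac.new(key, value.encode(), hashlib.sha256).digest()
    out = []
    for ch, b in zip(value, digest):
        out.append(str(b % 10) if ch.isdigit() else ch)
    return "".join(out)


def deidentify_birth_date(date_iso: str) -> str:
    """Keep the birth year in the clear; mask month and day."""
    year, month, day = date_iso.split("-")
    return f"{year}-{tokenize_digits(month)}-{tokenize_digits(day)}"
```

Because the mapping is keyed and deterministic, the same input always yields the same token, so masked fields can still be joined and analyzed across datasets without exposing the underlying values.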
We may not be able to completely prevent hackers from stealing data, but we can make it far more difficult for them to cause significant damage with it. By protecting data at a very fine-grained level—fields or even part(s) of a field—we can continue to reap the benefits of data monetization while putting forth a significant barrier to identity theft.
Ulf Mattsson, CTO, Protegrity