It’s My Data and I’ll Share If I Want To

It my data and I’ll share if I want to (Image).jpg

Data is at the heart of any corporation. Though it is not always reflected directly – a large part of a company’s value is in its secrets – data that only it has.

Employment contracts, supplier contracts etc. reflect the value of these secrets - given that they all come with a range of confidentiality agreements and security policies and procedures attached. Presently, a lot of these agreements, policies and procedures are onerous - a simple example is trying to copy a confidential document to a USB disk on your corporate desktop – generally, and understandably, this is impossible.

The escalation in risk averseness around data increases exponentially when a company or business division wants to share data with partners/suppliers etc.; currently, it is an extremely complex problem to deal with.

The real complexity around data sharing is around (classified) data protection from a business, regulatory, legal and technical perspective. 

When it comes to sharing data, business relationships can be truly convoluted – the dimensions and exceptions to how and who data is shared with are, more often than not, based on a myriad of permutations. For instance, Company A may want to share their data with Company B but, only: a) as it relates to their Exploration and Production Department, b) for a restricted time period and c) across a narrow range of topics; in addition, it may be that the data is encumbered with export restrictions.

Add in the many potential process, control, technical and legal restrictions around the data and you end up a breathtaking list of requirements.

Blockchain technology has been touted as a technological solution for sharing data – using the blockchain network to verify that the data can be trusted by having to share the data with, literally, every node and every stakeholder – including competitors - within the blockchain network.   

However, blockchain technology does not satisfy many - if not most - of the multitudes of constraints imposed on data sharing from the business, regulatory, legal and technical perspectives.

If you look at data sharing from a data owner’s point of view, the requirements are simple – it’s my data and I’ll share if I want to. I want to be assured that:

  • I know exactly what is being shared, with whom and who has looked at/interacted with it.

  • The Data Security and IT departments are happy with the security controls,

  • I can show the lawyers and auditors what I am sharing, if they want to know.

  • I am complying with regulatory requirements (e.g. around PII (Personally Identifiable Information) and GPDR).

The points above outline why existing approaches, which are largely about the technical process of sharing data, fail to meet most of the constraints in any meaningful way. Blockchain is no exception. 

Let’s consider the two primary “flavors” of blockchain. The Public blockchain and the Digital Ledger blockchain:

  • Public blockchain has no restrictions on who can be part of the data sharing. Anyone can be part of the Public blockchain process - from competing to mine and add new blocks, to being part of the consensus process to validate new blocks.

  • Digital Ledger blockchain is a variant on the Public blockchain concept but in this flavor permissions and access rights must be granted to the participants in the Digital blockchain process. Lots of big corporations, like IBM and Amazon, market their version of a Digital Ledger.

Any data that is written to either flavor of blockchain is (by definition) on the chain forever; it can’t be removed without breaking the fundamental tenant of how blockchain works. Even in the Digital Ledger flavor, if a one of your competitors joins the same Digital Ledger blockchain then they have access to the data that you have shared via blockchain. This is a business advantage that you would never have given them – but you have done, due to the way blockchain works.  Great for cryptocurrencies but not so much for non-currency challenges.

However, that is not the major problem with the touted blockchain solutions for business. The real problem is Governance.

Governance has two pillars - the computer-controlled part and the human-controlled part.  It’s like having a written Constitution before you start the blockchain and share any data. This constitution describes what power and authority you have delegated to the blockchain related to your data.  

The computer-controlled part is the easier of the two to set up and to update over time because it is limited to computer architecture problems.  When flaws/errors/inconsistencies in computer programs are discovered we fix them.  

The human-controlled part is far more difficult.  How do you decide that something needs to be fixed and what the proper fix is… when the blockchain is distributed across tens of millions of computers, all controlled by their owners?  Who gets to make that decision?  How can you force all those people to accept your decision?  It is a gross understatement to say that there are lots of governance problems with a widely distributed system, which has no real owner.  

If you haven’t set up your constitution prior to the blockchain starting, you’re in real trouble.  Real trouble. You can’t update, bolt-on or add in anything and think that, somehow, the governance problem is solved. 

As such, businesses need to completely rethink how they’re going to solve this emergent, fast growing, and critical business survival requirement. That is why we built Fl@World. 

Fl@World is the robust, next-gen, data ecosystem technology that empowers people to securely share, integrate and analyze data from disparate sources, within and between organizations and technologies, through a real-time unified view, with global compliance built-in.  

But, most importantly, it is designed for multi-jurisdictional/governance environments – solving the real business and technical barriers to data sharing.  Fl@World addresses both human and computer-controlled governance issues. In particular, with human-controlled governance, Fl@World allows the owner of the data to control all aspects of their data; governance is left in the hands of the owner forever.  It is never ceded to others.  

Out of the box, Fl@World forms real-time data ecosystems across organizations and entities, including new and legacy technologies. It:

  1. integrates unstructured and structured data, without changing the format.

  2. ensures data security, PII safety and alignment to global compliance frameworks, with a chain of evidence.

  3. provides a real-time unified view of your customer or company, with customer analytics record.

  4. is a cost effective, scalable solution that is simple to use, scale and implement.

Fl@World allows you to get control and secure your data today and realize the value of your data tomorrow.

By Michael T. McDonald and Les Aker

For further information about Fl@World contact us via this form or email:

One Brand. One Experience. One Data Ecosystem Technology Platform.


Overview: This is the follow up article to "Redefining data ecosystems for the data economy" written for First 5000. In this article we explore the value of a single data ecosystem technology - that integrates internal and external, structured and unstructured data, from legacy systems and new technologies, in real-time, with data protections - in facilitating and enabling alignment of people, brands and data to deliver the hyper-speed, hyper-personalised, hyper-secure experiences people expect. 

People and brands are two of your company’s most valuable assets

Leaders recognize that aligning people and brands has the power to attract, retain and engage employees, customers and stakeholders, driving business growth and raising brand value.

Yet in many organisations their value is not realised due to lack of alignment, between:

  • The company’s and people’s purpose and values;

  • Corporate, customer/product and employer brand strategies;

  • Operational silos; and

  • The promise the company is making to its employees, customers and stakeholders through its communications and their actual experiences.

Add an additional layer of complexity - the valuable asset that is data 

Data - quantitative and qualitative, structured and unstructured, internal and external - is the opportunity to understand and strengthen the relationships between people, brands and business to unlock value and drive growth.

But lack of alignment serves to prevent easy and secure control of and access to data, from within and outside the organisation, and between employees, customers and stakeholders:

  • People operate in silos with their own sets of data, technologies and systems that don’t talk to each other either within and outside of the organisation

  • Many individuals don’t think data is their responsibility whereas data compliance, collaboration and capitalisation needs to be part of the culture and everyone’s responsibility

  • Data compliance and security, privacy and permissions in using, sharing and integrating the data are not clear

  • Exacerbated when combining legacy and new technologies, and M&A organisations

  • There is no unified view of the customer or data of any entity, without expensive, time-consuming and risky stitching together of systems and data

Without alignment of people, brands and data, the experience is disjointed

As a result of lack of alignment of people, brands and data, customer, employee and stakeholder experiences are disjointed and not aligned to each other to ensure consistent delivery against the brand promise. A far cry from living up to people’s expectations of real-time, seamless, personalised, experiences that keep individual’s PII (personally identifiable information) safe.

Without one brand and a unified view of the customer or data of any entity, organisations cannot manage the complexity of experiences between its customers, employees and stakeholders to deliver consistently against the brand promise and business objectives.

A data ecosystem technology has the potential to align people, brands and data

Organisations need to align people and brands to business strategy, and they need a data ecosystem technology that facilitates the data that informs and inspires people and brand relationships to drive business growth.

You can read more about aligning people and brands hereand here.

But what about the data ecosystem? To address the challenges above, the data ecosystem technology needs to:

  • Be user-friendly, easy to implement, use and scale by individuals and teams in-house in order to support a data-driven culture

  • Enable people to share, integrate and analyse data within and between organisations, legacy and new technologies, accessing data across operational and technology silos

  • Efficiently handle high volumes of structured and unstructured data gathered across experience touch-points, internal processes and KPIs (key performance indicators)

  • Have in-built privacy and compliance controls that enable sharing of permissible data between individuals and organisations

  • Provide a unified view of the customer or entity

  • Facilitate data that is useable and updatable in real-time, capturing data related to each data point, with the capability to feed analytics, machine learning/AI and deep learning models, to enable decision-making and action at point of interaction in real-time.

Deliver the hyper-speed, hyper-secure, hyper-personalised experiences people want

The combination of the strategy – aligning people and brands - and the technology – facilitating the data - enables organisations to deliver the hyper-speed, hyper-secure, hyper-personalised experiences that people expect and live up to the brand promise. Raising brand value and driving business growth.

Sound too good to be true? I’ve been fortunate to be working with transformative technology start-up Fl@World founders Michael & Kim McDonald and their data ecosystem technology, built upon years of experience in Tier One companies and Silicon Valley start-ups. Fl@World is designed to do this… and more… solving the data problems that organisations face today in order to open up opportunities for the future. You can find out more here.

Where do I start? 

Michael McDonald, CTO/CDO of FlatWorld Integration, has partnered with Rachel Bevans, Managing Director Strategy & Planning of The Healthy Brand Company, to design a Data Strategy Benchmark Workshop specifically for organisations who are aware of the issues and opportunities surrounding their data, but aren’t sure where to start; or have started and aren’t sure where to go to next; and want an objective, external view of their data before they invest significant amounts of time, money, people resources on the area.

The workshop delivers a Data Strategy Benchmark against your organisation's Strategic Business Vision and Plan. We work to initially understand your key business priorities and strategic drivers towards customer centricity, resource and process efficiency, agile organisation transformation, digital transformation, data security and compliance, brand reputation etc.

We guide you through a review of your entire data ecosystem of internal and external data sources across six key areas including: financial; operations, production and supply chain; data, insight, strategy, innovation and technology; brand, customer and marketing; people, culture and capability; legal, risk, compliance and security.

Together we develop the target state of data against your organisation's future vision and compare it against the current state of data from the review, conducting a gap analysis to identify the key gaps that need to be filled.

Once written up, this provides the Data Strategy Benchmark that will provide you with the start point prior to developing a strategic roadmap, identifying priorities and how to fill the gaps, tactical goals and implementation.

Contact Contact us via the form or email: find out more.

Redefining the data ecosystem for the data economy


The data-driven organisation

Organisations know that to capitalize on the data economy and grow their business, they need data to make decisions that enable delivering a unified customer experience and employee experience, supply chain integration, innovation and new business models. 

In order to become data-driven, organisations are looking to build their data ecosystem. But what is it?   

Perceptions vs reality

When people think about data ecosystems, more often than not, they think about those within the organisation. They aspire to organisations such as Google, Apple and Samsung that have strong data ecosystems within their brand that enable the organisation to provide a seamless, personalized customer experience, connecting smart phone and computer, software and apps, home entertainment and appliances, watch and car; all the while collecting more data to increasingly personalize the experience. 

But in order to deliver that personalized, seamless customer experience – or employee experience, supply chain integration, innovation or new business model - the data ecosystem needs to operate within and outside the organisation, in the customer’s ecosystem. And the reality is once you go outside the brand, like Apple, Google, Samsung, they don’t play well with others, leading to missing data points in the customer journey, delayed response times, friction in the experience and potential customer pain.

In aspiring to build a data ecosystem, people are frustrated, struggling to integrate data within their own organisation, let alone others. The solution of stitching systems together costs money and time, and risks compliance, PII (personalized identifiable information) safety and brand reputation. 

The definition of data ecosystem is limiting its potential 

Half the problem is in the definitions of data ecosystem, of which there are many, mostly alluding to the systems and applications used to capture and analyse data within the organisation or brand (as above), and possibly extending to those used to capture and share data sets between organisations. 

This is a very narrow definition and capability that won’t deliver the seamless, personalized customer experience that people expect.

The data captured within the organisation alone is not enough because much of the customer ecosystem and journey exists outside the organisation. In order to understand past behaviour, respond to, predict, plan for and ethically influence future behaviour, you need to understand relationships between the data. This requires collecting, analysing and applying:

  • data and relationships between data

  • over time and in real-time 

  • at the individual level and the group level

  • across the customer journey and throughout their current and prospective customer ecosystems

  • from sources both within and outside the organisation. 

A new vision

We need a definition or vision of what a data ecosystem could be. 

Michael McDonald, CTO of Fl@World, describes the data ecosystem as follows:

“Similar to a biological ecosystem, a data ecosystem is a living, evolving collection of: 

  • Systems and applications used to capture, integrate, analyse and share data within your organisation and between organisations or individual entities of your “customers” i.e. current, prospective and lapsed customers, employees and stakeholders such as shareholders, suppliers, agencies

  • Structured and unstructured data contained within these systems and applications, captured, integrated, analysed and shared at an individual level (pending permissions) and in real-time;

  • Data history, builds and relationships between the data, systems and applications

  • The controls and conventions on individual data points

  • And in fact, the people who are using the data ecosystem are part of that ecosystem too”

“With the rapidly evolving needs of customers, new technologies and capabilities such as AI and machine learning, organisations need a living, evolving data ecosystem that connects people and data in real-time.”

As first published by First 5000 on April 10, 2019. Author Rachel Bevans.

Pass? No, This Encryption Bill Gets a Failing Grade


by Michael T. McDonald

The Australian Government’s has pushed through their encryption assistance access bill, using the excuse that potential terrorists use encrypted messaging apps. Believing the notion that a ‘local’ (read national/federal) government can geographically ring fence ‘people-of-interest’ into a group that can be secretly listened is nonsensically out-of-touch. In fact, this rushed bill simply illustrates the government’s profound lack of understanding of technology, the web and the global digital economy, which includes everything from email and ecommerce to banking online. 

The Australian Government’s has pushed through their encryption assistance access bill, using the excuse that potential terrorists use encrypted messaging apps. Believing the notion that a ‘local’ (read national/federal) government can geographically ring fence ‘people-of-interest’ into a group that can be secretly listened is nonsensically out-of-touch. In fact, this rushed bill simply illustrates the government’s profound lack of understanding of technology, the web and the global digital economy, which includes everything from email and ecommerce to banking online. 

Some points to consider:

  • Where is the data stored and where is the company based? The majority of companies that have messaging apps (the use case the government puts forward is needing to listen into encrypted messaging) don’t have meaningful legal presences in Australia, nor do they store their data here.

So, under what legislation would they be compelled to provide the data and functionality?

  • Who is going to change their software? Generally speaking, Australia is, at most 5% of a multinational company’s total revenue (and these are typically providing the messaging services that the government is currently focusing on). There is no commercial incentive for a multinational to hack their technology. 

This is particularly true for what is, essentially, a vague idea cobbled together by a foreign (Australian) government to compel them to secretly give access to some of their customer’s data when said government requests it.

  • Precisely who is being targeted? How many pseudonyms do people have on the web? Ask a company like Facebook or Google and they would likely answer – a lot… a whole lot. 

Using the example used by the Australian government, which focusses on encrypted communication going between individuals, how can the government specify the exact (read correct) username(s) to listen into?

  • Who is going to enable the listening? To enable listening software developers would have to introduce ‘hacks’ into their software to enable backdoor access. If they did they would a) never get a new sale and b) most probably be sued by businesses using their software for breaking the terms and conditions of the confidentiality and data protection/security provisions. 

The reality is a) there are hundreds of thousands of software developers in the market – most of whom deliver some form of encrypted functionality (e.g. accounting packages, bank transfers etc.) and b) there are magnitudes more companies operating said software - and they can be anywhere in world. 

So, how is the hack going to be implemented and who is going to operate on behalf of the government?

  • In what instance is someone declared to be ‘of interest’ and who would control the data if it were to be provided to the government? Since there appears to be no set parameters delineating what data can be asked for and about whom, it is possible that highly confidential business information will be captured. Broadly speaking, governments do not have a stellar reputation around data security and data controls. For instance, rather than only the intelligence service that is doing the investigation having access to the captured data, it would certainly not be impossible for a government IT person to, potentially, access, copy it and post the data elsewhere. 

Without strong, independently verifiable process and data controls there is prodigious potential for abuse of this power.

  • Will there be ‘scope creep’? Once the government has this power what else could it be used for? Recent examples show how broad legislation can have unintended consequences as with the Patriot Act being used by the IRS to track down tax dodgers rather than just being used for anti-terrorist actions.

  • And what about PII (Personally Identifiable Information)? Legislation like the EU’s GDPR (General Data Protection Regulation) are specifically designed to protect users data from abuse by individuals and organisations looking to profit off their data without their knowledge or consent - along with the right to be forgotten (i.e. the removal of their data from the company that had it. 

It is not at all clear how a government attempting to get backdoor access to data and not allowing data to be deleted does not contravene the very ideals of the legislative protection around PII. A potential side effect is that any Australian company complying with the Australian legislation could, in effect, be prevented from doing business in Europe and any other jurisdictions that have these data protection legislations in effect.

It appears that the thinking behind this legislation is from an age group that grew up watching FBI shows in the 70’s and 80’s, where ‘the good guys’ could listen into the ‘bad guys’ in the next room or get a wiretap from the country’s one Telecommunication company (there was only one at that time). 

The world has changed immensely and it is time to wake up, keep up and rethink how to address the global problems of the 21st Century without attempting to recast antiquated ideas.

Blockchain: What’s Trust Got To Do With It?


By Michael T. McDonald

Given the enthusiasm and hype surrounding Blockchain, it may confusing for some to understand why every business and institution isn’t rushing to take it up. For instance, following its $700,000 budgeted investigation into the capabilities of Blockchain, the Australian Digitial Transformation Agency (DTA) this week admitted to a lessening of its enthusiasm for the technology being particularly effective in delivering governmental services. As Peter Alexander, CDO (Chief Digital Officer) at the DTA told the Senate Estimates hearing, “without standardisation and a lot more work, for every use of blockchain that you would consider today there is a better technology.

He went on to say, “Generally speaking when the government is engaging with someone, we want to have a trusted relationship with them.” Unfortunately, Blockchain is only good for “low trust engagement.”

Trust IS all its Cracked Up To Be

When you get beyond the overblown hype, the fact of the matter is, it is difficult to find any business or government use cases that don’t rely on trust. Computing solutions have, since their inception, been designed to answer this need; however, at some level (business and/or technical infrastructure) there is a trusted party (or parties) that facilitate transactions by providing:

  1. Authentication of Transactors - Verifying and “vouching” for who is party to the transaction;

  2. The marketplace - So buyers and sellers can find each other;

  3. The Trading Floor - So transaction details can be viewed by all parties; 

  4. The Transaction - Changing the state of the parties to reflect the Transaction e.g. transferring money – one account balance goes up, the other down;

  5. Transaction Verification - All parties confirm/agree the completed state of the transaction is correct (i.e. The account of party ‘A’ went down by $100 and the account of party ‘B’ went up by $100);

  6. Arbitration - What happens when any of the parties do not believe the transaction met the conditions agreed to due to issues such as fraud, faulty goods, non-delivery, incorrect delivery, etc.

These provision points are essential for doing the vast majority of business, be that in commercial/government (private/public sector) marketplaces/ecosystems.

Who Do You Trust?

The touted value of Blockchain is the ability to do transactions in a “trust-less” marketplace i.e. removing the need for an intermediary, trusted parties. The premise being that, by using a distributed ledger built by using marketplace/network trusted/verified transactions, any participant can ‘do business’ using an anonymous (but known/dedicated) identity. They are able to do this because they can determine what the ‘truth is’ by creating their own ledger, using this trusted network transactions independently.

So in relation to the provision points noted above, what this means is:

  1. Authentication of Transactors - Blockchain authenticates an ID. It does not vouch for who the party is;

  2. The marketplace - This only works if you use the same blockchain network;

  3. The Trading Floor - This only works if you use the same blockchain network; 

  4. The Transaction - This only works if you use the same blockchain network;

  5. Transaction Verification - This only works if you use the same blockchain network and is currently very slow and extremely expensive in computing time;

  6. Arbitration e.g. - This is not handled by blockchain.

As you can see, Blockchain does not cover off the majority of use cases in both Commercial and Government eco-systems.

Who Controls the Chain?

It is important for users - individuals, governments and institutions - to see through the hype and hoopla being pushed by enthusiastic vendors, many of whom many not actually understand the technology (and its inadequacies). To do this it is important to understand a few things. 

First, Blockchain networks come in a myriad of incompatible varieties; for instance, Bitcoins can’t be used on an Etherium blockchain network. Even two Etherium networks can’t spend each other’s currency. The result is a random collection of currencies which cost a hefty amount to exchange for another currency - be that real or crypto. (Fees are unregulated and the actual value of said crypto currency can vary massively, even on the same day.) One could say the it is comparable to, if not worse than, travelling and spending in Europe, prior to the Euro.

Additionally, party ‘A’ needs to have an ‘account’ within whatever particular network is in question and party ‘B’ must have an account in that network as well. Think of the thousands of regional banks - which, in this instance, equate to networks - that exist in the world and extrapolate that to internet-scale and you can get some idea of the result: a massive mess.

It is also important to know that, in an attempt to mitigate the requirement failings inherent in majority of Blockchain-based Proof of Concepts, proponents and vendors have:

  • Created closed Blockchain networks to make the Proof of Concept easier to manage;

  • Tightly control who can use the network;

  • Pick one ‘flavour’ of Blockchain, which is difficult due to a bugs, version and architectural incompatibilities;

  • In many cases, control the Blockchain wallets of the participants (including private keys).

These mitigations negate the much touted Blockchain ‘benefit’ of removing a trusted third party/intermediary and, as noted above, does not ‘tick all the provision point boxes’ required for doing good business.

The issues with Blockchain technologies aren’t limited to crypto currencies; they apply to any assets that are tokenised in a Blockchain. This includes such things as the much hyped smart contracts from the likes of Etherium, which are equally locked into specific, individual Blockchain networks and isolated from any other networks. 

There is no standard as to how, or even if, this will ever be resolved. The result is a muddled mess of isolated, competing Blockchain networks that have no standard set of policies, practices or legal protections.

It is, perhaps, ironic that the vast majority of Proof of Concept use cases can be achieved, with all ‘boxes ticked’ and trust intact, far faster, cheaper and more securely, using other technologies instead of a Blockchain equivalent. 

Data Security: Why you'd better stop using unencrypted integration platforms (which is most of them) right now!


by Michael McDonald and Kim Chandler McDonald, Co-Founders of FlatWorld™ Integration

Unencrypted integration platforms, operating system patches; application upgrades; accessing your network through your printer - they’re all potential points of vulnerability for your business. Simply put, any technology that is part of your company or technology belonging to your employee or a visitor to your site (either online or in person) - can, if it has access your network (either via wifi or any other means) leave you and your data exposed and susceptible to data breaches and your organisation liable for serious fines for noncompliance with data breach laws.

You may think that you are already acutely aware of your data security problems. However, what you may not realise is that your favourite, trusted integration platform could be contributing to your vulnerability. 

How? By transporting data between your multiple applications and processes as free text. Because of this, it only takes a single breach, in only one of those node, to expose all of your data and/or or your customer’s data. The more applications you integrate, the greater your exposure. Unfortunately, attempting to keep your data secure using outmoded methods such as firewalls simply won’t cut it. 

Who cares if you have a strong firewall if someone has accessed your network through connecting to a node, such as your printer, via wifi. That’s like relying on security cameras in your office while you’ve left the back door unlocked. That is, in a word, useless. 

Perhaps, in fact, less than useless because you’ve lulled yourself into a false sense of security and let your guard down. The concept of mitigating risk by installing firewalls and hiding behind them simple doesn’t work; you are, more often than not, at risk via your weakest link.

The recent ‘HP Australia IT Security Study’ found that:

Almost half of all Australian SMBs with an annual turnover of $3M+ do not consider themselves to be prepared for the mandatory data breach disclosure laws that will come into operation from February 2018

only 18% currently have a compliance policy in place; while 33% are currently developing a policy

57% of SMBs have not done any sort of IT security risk assessment in the last 12 months, putting their devices, data and documents at risk 

Of the 43% of SMBs that have undertaken a risk assessment, just 29% included printers in their analysis, a device that is increasingly an entry point for data breaches

63% of respondents state their employees work remotely on a regular basis, and as a result are becoming increasingly concerned about associated security risks – e.g. visual hacking

63% of respondents allow employees to access company data from personal devices;

less than half (44%) of respondents have a security policy in place for employees that bring a personal device to work 

only 37% restrict the data that can be accessed from the device

Fl@World is designed to give you agility and improve your data security levels out-of-the-box by encrypting your data onto disk and ‘in flight’. With one click you can grant auditable, access permissions to your colleagues, vendors and partners. They are only given access to what you decide to give them permission to access - via their own unique, auditable IDs. At any time, via this auditability, you are able to see who has accessed what and what they have access to. Adjusting this accessibility is, again, just one click away. 

Now, even if your printer has not been updated and a ‘worst case scenario’ occurs - such as someone, or something (IoT, etc.) unauthorised accesses your network - all they have is encrypted data that is, essentially, useless to them.  Compare that to an unencrypted Excel spreadsheet containing Personally Identifiable Information (PII) - which leaves your company legally accountable for fines, etc., if it falls into the wrong hands. 

Unencrypted integration platforms, data security and data regulatory compliance are serious issues for businesses of any and every size, from the largest Enterprise to the smallest SMB. However, the problems around these issues are eminently and simply solvable. Fl@World stops your reliance on vulnerable platforms and ineffectual firewalls and instead, enables you to connect, collaborate and thrive using secure data.

Automatic, Universal, Data Format Conversion: What It Means To Your Business and Why You Should Care


by Michael McDonald and Kim Chandler McDonald, Co-Founders of FlatWorld™ Integration

There is little argument that accurate real-time data is required for efficacy at every point in the value chain. However, because data lives in different systems and formats, extracting it is highly problematic using existing technologies. Fl@World™ provides a unique architecture that overcomes traditional data unification limitations, enabling enterprises to fully leverage their data assets.

If you want to analyse your customer’s interactions, for example, there are multiple places their data resides: Excel spreadsheets, emails, Twitter posts, chat conversations, CRM records, the accounting system, shipping records, point-of-sale records and so forth. This highly fragmented customer data is bound within specific, separate applications and processes. Each of the systems will ‘understand’ the data and display the information its own way.  What you end up with is multiple vendor-specific data/file formats — data silos — even if the data is about the same customer.

This situation is bad enough if the reader of the information is human. The problem is magnified exponentially if technology tries to deal with these different formats via automation robots or machine learning algorithms;  or if your data scientists want to combine these different data sets in some way.

You’d hoped using data would enable you to service your customer better; instead, this data fragmentation problem is costing you time and money. 

Your company’s IT department (and/or your data scientists) have to write bespoke code for each of the data sources. Often this generates another off-line database or bespoke file, further proliferating data fragmentation.

Even for fairly straightforward scenarios,  the data unification process is time consuming, expensive and prone to error (i.e. if the code has a bug or if the information is old) and does not cover data security issues such as:

  • if it is encrypted on disk,

  • who can access this information, and worse

  • who can change this information.

Existing technology solutions do not address these problems. In fact they force your IT team to write ever increasing lines of code.  

Enter Fl@World™ Integration:

  • Fl@World™ is a unique data integration technology which solves the data unification problem “out-of-the-box.”

  • Fl@World™ automatically creates a vendor-neutral data view, regardless of the application the data resides in.

  • Fl@World™ enables non-specialised IT staff or Business Analysts to combine and use data very easily to drive business value.

  • At the same time Fl@World™ applies bank-level data encryption, regulatory compliance and data access/logging controls without you or your IT team having to write a line of code.

The Fl@World™ benefit is quick, secure data unification —  freeing up IT resources, enabling value creation, innovation and agility, while covering off data-security and compliance.

What is Your Data Quality Score


by Michael McDonald and Kim Chandler McDonald, Co-Founders of FlatWorld™ Integration

Quality is more important that quantity.” - Steve Jobs

If Samuel Taylor Coleridge were alive today perhaps, rather than bemoaning, “Water, water everywhere, Nor any drop to drink.”, he’d be delving into the data drama. We’re drowning in data, yet so little of it is ‘drinkable’ - too much of it is of little to no use, providing little to no actionable acumen. Knowing the quality of your data will go a long way to ensuring you don’t sink under the deluge. Keep reading to find out why its important, and how easy it is to do.

The fact of the matter is, regardless of the quality of your insight-generating algorithms, the old IT proverb, ‘garbage in, garbage out’ holds true.  If you don’t know the quality of your data then you not only run the risk of offering poor service but, worse than that, of offering the wrong service to your clients, customers and colleagues.

Data is replicated all over your company. The same person (be they client, customer or colleague) can have the same type of data (the product data, name and address data) stored in scores of systems over a multitude of spreadsheets and it will, undoubtably, go into a wide number of reports. 

Unfortunately for most companies, this data can be inconsistent, incomplete, out-of-date, or worse, plain wrong.  Moreover, this same data is likely being rolled into processes that are feeding your decision making or, increasingly, into your machine-learning algorithms. Which leads us back to the basic problem: ‘garbage in, garbage out’. Simply put, you need to measurably separate your data into data that works for you and data that works against you. 

Measurement of your data is surprisingly easy to implement. It can be as simple as adding in a confidence or quality level ranking to your data from 1 to 5 (1 being unknown and/or unverified and 5 being completely accurate and/or verified).

This simple assignment of quality can be easily added into your machine-learning/analytics/reports. In doing so, you can confidently ask for “the data we really know about our customers,” and, from there, determine real, actionable and, most importantly, relevant outcomes that can drive happier more valuable customers.

The alternative is being immersed in ‘good decisions based on bad data’ - the worst outcome possible for any investment in data-analytics/machine-learning.

In five easy steps you can create a quick benchmarking/scoring of your company’s data, which will inform everyone from operational to strategic management how much they can trust the data they are building their decisions from.

The steps are:

  1. Identify your core information. For most companies this would encompass their customer profiles and associated product portfolios. Most companies will view customer service as being essential, so product use and any customer service related data can be defined as your core data elements.

  2. Identify your SoR (Source of Record). In most companies you will have more than one system storing your core information. You need to select one system for each core data element – its recommended that you choose the system that has to the most up-to-date and accurate information.

  3. Scoring. You then need to score each data element (e.g. customer address) in your core data on a simple scale between one and five. The range should reflect one equating to, “we don’t know” and 5 equalling, “we know that the information is correct because we had the customers validate the address, we have cross checked it with 3rd party data and the addresses are “real” i.e. they work in Google Maps”. A score of 3 would be the norm for most SoR systems; this is because generally customers update this data, therefore it is only as accurate and as up-to-date as they have entered it and ‘agreed’ to share with you.

  4. Measuring. You now have a simple measurement/score reflecting how much you can trust your SoR data. Now all you need to do is make sure you use this scoring data to generate your reports so you will generate consistent reporting, from different departments, with a known quality of data.

  5. Validation. Machine-learning/deep learning (also known as AI) can require large amounts of data to ‘work their magic’ but they can generate poor results with poor data. Big data in no way guarantees Smart Data so systemic data quality/validation processes need to be put in place for SoR that score a 3 or less. This means creating a method of checking your data for accuracy, timeliness (is is up-to-date) and completeness (are we missing anything). The result will be that your data will a) be of better quality and b) won’t go out-of-date as it would be the case if it was a ‘one-off’ fix.

Data is cheap, information is invaluable.  With your uplifted SoR data driving your analytics, reporting and any machine-learning/AI your company will be set to begin the journey to offer the sought after omni-channel, hyper-personalised service you need to differentiate in today’s global and hyper-competitive market landscape.  

Rethinking Compliance Complexity

by Michael McDonald and Kim Chandler McDonald, Co-Founders of FlatWorld™ Integration

It is rare to find a company anywhere, of any size, that is not acutely aware of compliance issues. We’ll bet yours is.  Additionally, if that weren't enough, in all likelihood you’re in the midst of struggling with the implications of what, logically, should be a relatively simple task. But we’ll bet it isn’t.

Compliance normally takes the form of:

1.  Regulatory (e.g. government legislation on Anti Money Laundering (AML), Privacy of data (GPDR), Regulatory Reporting (BCBS239) etc.);

2.  Contractual (e.g. Reuters may license their data to your company under conditions); and/or

3.  Voluntary (e.g. protecting user’s data etc.).

Generally, most boards and ‘the C-Suite’ (CEOs, CTOs, CIOs, etc) are more focused on number 1) - Regulatory; however, all three have the capacity to capsize a company if they are not dealt with correctly.

To give credit where it's due, most companies treat compliance requirements seriously and put aside (sometimes considerable) funds to address the issue. But, therein lies the root of most company’s challenges: understanding exactly what issues they are attempting to solve. Perhaps that’s your challenge too.

Simply put, to be compliant, you must prove to a third party (be that the government, an external auditor, a company that licenses their data to you) that:

a)      You are capturing and securely storing all the data that you are required to.

b)      That the data that you have captured and stored can only be altered and enriched by authorized systems/devices and/or people.

c)       That extra data has not been added to and/or removed from the relevant data sources.

All this is expected of you in the vastly changed, and rapidly transforming, digital economy wherein the end-user experience (be they client, customer, colleague, partner or supplier) is everything.

To accommodate this seemingly endless list of end-user expectations, many companies are buying in and/or licensing external data sources. Are you? Perhaps you're merging data and then applying data science (machine learning or otherwise) to improve the relevance to your end-users in hopes that this will satisfy them.

Unfortunately most IT departments have:

a)      A lot of different systems;

b)      A lot of ‘’spaghetti' code trying to link those systems together; and

c)       A lot of different views of data (e.g. hundreds if not thousands of Excel spreadsheets).

Combine these issues with your need to interact with ever more demanding end-users and external vendors (data providers or otherwise) and you find yourself in an extremely unenviable position of not knowing what your exposure is to compliance breaches. These breaches, be they regulatory, contractual or voluntary, will, at the very least result in bad PR; however, they can also lead to fines and, in some instances, the loss of your licence to trade.

Within your compliance struggle, there is a strategic opportunity in reimagining how to crack this conundrum simply, swiftly and securely while dealing with the high costs, complexities and slow moving realities of current approaches. That opportunity is at the heart of our Fl@World technology, which has data compliance and security built in and useable out-of-the-box.  Fl@World is secure, compliant, fast, frictionless and easy for users across different divisions and/or organisations to use. To find out more about how Fl@World can help you, complete the form and one of our team will be in touch to organise a demonstration.