jcs journal vol.3, issue1
DESCRIPTION
The Jamaica Computer Society is proud to present the latest installment in its Journal series. (Oct-2015)TRANSCRIPT
2
3
JCS Journal ISSN: 0799-3838
Published in Jamaica by Jamaica Computer Society
2 ¾ Ruthven Road,
Kingston 10, Jamaica, W.I
Tel: (876) 497-1442
Email:[email protected]
www.myjcs.com
Vol. 3, No. 1
Copyright © 2014 by Jamaica Computer Society
All rights reserved. No part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and recording, or by any information storage or retrieval system, without the prior permission of the publisher
and copyright holders.
Editor:
Jovan Evans
Editorial Committee: Dean Smith (President – JCS)
Jovan Evans
Photographs by: Jovan Evans
All correspondence and subscription requests should be addressed to: Jamaica Computer Society
2 ¾ Ruthven Road,
Kingston 10, Jamaica, W.I
Tel: (876) 497-1442
Email: [email protected]
Subscriptions:
Single copies J$900; three or more copies J$600
4
5. ICT as Enabler VTI Graduation Ceremony Address
7. JCS Governing Council
9. Careers in Cyber Security
11. Effective Mobile App Development
15. Biztech Forum
Conference Chairman Address
Conference Schedule
17. Conference Presenters
Carlton Samuels
Dr. Louis Shallal
Dr. Paul Golding
Yoni Epstein
Dr. Noel Cowell
Mervyn Eyre
Dr. Maurice McNaughton
21. Abstracts
Academic Perspective for an ICT led national economic
growth agenda: The role of ICT policy in productivity im-
provements.
Beyond eGovernment: Thoughts on Smart Government
Building High Performance Work Systems in Caribbean En-
terprise: Harnessing the Synergy of Human Capital & ICT
New ICT Consumption Models: Helping CIOs Make the Leap
Open Data & The Private Sector: Business Models & Opportu-
nities
25.Big Data Security
33.Big Data & Government
43.Governance of Big Data
5
A t a seminar held at the Uni-
versity of Technology
(UTECH) under the theme:
“Regulating the ICT Indus-
try and its Effects on Growth & Devel-
opment” on Tuesday, December 2,
2014; several presenters highlighted
the various efforts to promoted ICT as
an enabler:
1. Entrepreneurial efforts among
the younger ICT professionals,
such as; Connectimass, DigiJam,
Kingston Beta, and so on.
2. Curriculum improvements and
programs at almost all our Ter-
tiary and some secondary schools.
3. Introspection in Private sector
SMSEs and larger entities as well
as the public sector on ICT usage
and relationships with elements
of the ICT ecosystem.
4. The work being done to establish
a single regulator for the ICT sec-
tor.
This highlighted to me, that there is a
groundswell of concern for meaningful
growth. This growth must of necessity
be reflected in improved ICT global
rankings and national economic out-
put. While yet to attain critical mass,
there is still evidence of a missing link,
that ingredient that will bring com-
pleteness to the recipe. More and more
I am convinced that this ingredient
must come collectively in “we the ICT
people”. The solutions lie within US.
The focus has to be on the human capi-
tal, our people. The ICT profession is
ripe for attention;
1. There are so many so-called ICT
practitioners that give the profes-
sion a bad name, accepting assign-
ments for which they are not certi-
fied or competent, then doing a
poor job because the esoteric na-
ture of their tasks do not allow un-
informed oversight.
2. The value of the contribution of
many ICT professionals in both
private and public sectors is not
fully recognized in the remu-
neration that they receive as
well as the weight given to con-
tributions they make to busi-
ness strategy and tactical oper-
ations. Many just relegate
themselves to “do as they are
told” and just “keep the sys-
tems running” .
3. The need to have ICT govern-
ance input from the highest
levels is not fully appreciated;
so many boards especially in
the public sector languish with-
out a board vision of how ICT
should be leveraged to further
the organizational goals.
ICT Excerpts from the address by JCS President, Dean Smith at the
Graduation Ceremony of Vector Technology Institute (VTI),
held at the Knutsford Court Hotel on December 7, 2014
6
In a 2013 study at the JCS, we found that there is a strong
positive correlation between membership subscriptions
for the JCS and the World Economic Forum – Global In-
formation Technology Readiness (WEF GITR) index.
When JCS membership went up, the index went up, when
the membership went down, the index went down. While
there is no claim to causality (one does not cause the oth-
er), the evidence points to the fact that apathy within ICT
the profession (reflected in fall of JCS membership and
lack of involvement in JCS programs) does have a national
impact.
So many national initiatives that affected the ICT industry
came out of efforts and activities within the JCS. We re-
call the liberalization of the telecoms industry being a hot
topic of meaningful discussions when it was mooted for
the first time at a panel discussion in a JCS conference,
just prior to activities in that regard.
Now you have this opportunity as young professionals to
be catalysts for ICT leverage on a national scale. I chal-
lenge you therefore, to be agents of positive influence as
vectors and conveyors of a message: there is value in the
collective ICT intelligentsia of the ICT community. This
challenge is to examine and contribute to advancement of
some issues that have been identified by the JCS as critical
elements for serious ICT adoption:
1. Mandated continuous education programs at the JCS,
for professional development and capacity building.
2. Broadening a regulatory scope of professional over-
sight and rating of ICT professional; as proposed to
NICTAC
3. Revolutionizing vendor/client interaction that feature
good IT governance, business value and national in-
terest
4. Organization of Government of Jamaica’s (GOJ) ICT
efforts thru an effective national CIO
5. Island wide and comprehensive inclusion of all ICT
professionals in the JCS
All of these have the common thread of significant partici-
pation of ICT professionals with demonstrated value at the
personal, enterprise and national levels. As professionals,
you too can and should contribute as active members of
this intelligentsia. By looking at these issues or developing
new perspective in the many Special Interest Groups that
exist within the JCS, you can advance the programs that
are so necessary for Personal, Enterprise and National
growth. We look forward to your contributions.
The aim of the JCS is to be the national body that pro-
vides leadership in the promotion of the efficient and
effective use of Information Technology in Jamaica, pri-
marily through practicing professionals.
The high level objectives of the JCS include: setting
standards to ensure professional competence and pro-
fessional ethics, encouraging continuous education, pro-
moting social responsibility and professional steward-
ship as well as addressing membership interests.
I challenge you therefore, to be agents of positive
influence as vectors and conveyors of a mes-
sage: there is value in the collective ICT intelli-
gentsia of the ICT community.
7
Jovan Evans ………………………………..………………………………...Deputy President
Khari Bryan …………………………………………………………………………VP Finance
Brad Clark …………………………………………………………………….VP Membership
Glenice Leachman …………………………………………………………………..VP Events
Rohan Morris……………………………… ……... VP Certification Education Standard
……………..…………………………………………………..& Accreditation & VTI Campus
……………………………………………………………………………………Chapter Liaison
Dean Smith………………………………………………………. Immediate Past President
……………………………………………………………..…………& Conference 2015 Chair
Mervyn Eyre…………………………...………Council Member and President of JITSA
Richard Shaw……………………………………...…………………………Council Member
Douglas Williamson ………………………………………………………Council Member
Keita Mendes ………………………………...………………..CS Western Chapter leader
……………………………………………………………..& MBCC Campus Chapter liaison
Andre Thompson…………………………...……..MBCC Campus Chapter Coordinator
Maurice Coke……………………………………………….. PCC Campus Chapter liaison
Kerene Graham………………………………...…….PCC Campus Chapter Coordinator
Henry Osborne……………………………...………..NCU Campus Chapter Coordinator
Oliver Hylton………………………………...……...Utech Campus Chapter Coordinator
Governing Council
8
9
T he Cyber-security area of IT is one of the fastest grow-
ing fields, dynamic and ever-evolving. There are how-
ever emerging trends and career standards. Jamaica is
stepping up to match pace with the rest of the world.
There have been a few recent efforts to define cyber-security ca-
reers, highlighting the dearth of skilled personnel as well as the
need to immediately build capacity. The Jamaica Computer Soci-
ety (JCS) has joined efforts to support capacity building, having
participated in the development of the recently launch National
C y b e r - s e c u r i t y
Strategy. One of the
first steps, along
with industry ex-
perts, was to launch
the cyber-security
s p e c i a l i n t e r e s t
group (SIG). At its
inaugural meeting;
the topic was Team
Composition. The
gist of the proceeds of this meeting is presented here in an effort
of local practitioners; defining the needs of the local industry seg-
ment.
At last check (April 18, 2015) there were only sixteen (16) CISSPs
(Certified Information Security Professionals) designated certifi-
cations attributed to Jamaica. This CISSP certification is useful in
almost all areas of a career in cyber-security (See Table 1). In-
creasing this number is seen as a priority. The main certifying
bodies in cyber-security are ISACA (Information
Systems Audit and Control Association) and
ISC2 (International Information Systems Secu-
rity Certification Consortium) which does the
CISSP certification. There is also CompTIA
(Computing Technology Industry Association).
CompTIA has been established in Jamaica and
has a good working relationship with the JCS and
its training partners as well as several tertiary
institutions. The JCS-CS (SIG) is to work with the
local planning group for the formation of a local
ISACA chapter to conduct events geared towards
promoting the value of the certification as well as
other useful certifications in cyber-security field.
These certifications make professionals more
marketable to organizations locally and interna-
tionally. Certifications also give an indication of
the profession’s role on the team and industry
career.
Typically, IT security team will consist of defini-
tive roles and functions that may sometimes re-
side in a single person depending on the size of
the organization and IT resources available.
These functions may even be outsourced. Pre-
senter Derick Burton of Digicel group had this to
say:
“Whether you use a dedicated team approach or
embedded resources or even outsourcing as a
management strategy, Management sponsorship
is critical.”
“There must be an un-
derstanding that cyber-
s e c u r i t y i s n o t t h e
‘Business Prevention
Department’. Clear au-
thority and responsibili-
ties must be defined and
acceptance of risks ap-
propriatel y ac knowl-
edged.”
Staff retention may become a concern for em-
ployers, especially in the public sector and as
State Minister in the Ministry of Science Tech-
nology and Mining, Hon Julian Robinson stated
in his remarks at the JCS SC-SIG launch “We
know that our government pay scales for cyber-
security and other IT functions are very low in
A Statement by the Cyber-security Special
Interest Group (CS-SIG) of the Jamaica
Computer Society (JCS)
The JCS has joined efforts to support ca-
pacity building, having participated in the
development of the recently launch Nation-
al Cyber-security Strategy.
10
relation to the private sector but we still have to try to re-
cruit and retain good staff”. He went on highlight plans
that cut across several ICT initiatives, including the estab-
lishment of a Cyber-security Incident Response Team
(CIRT).
Role functions Expected Qualifications
Useful certifications
IT Security Engineer Network Security, Endpoint, Database BSc (IT) BSc (CS) BSc (CE)
CISSP MSCP MSCE Network+ Security+ Mobile+ SSCP
Manage security infrastructure IDS, Firewalls
Overlap with System Administrator Create Procedures, Standards and Guide-
lines Incident Response
Information Security Analyst
Systems design validation, System assur-ance
BSc (IS) MIS
CISM CRISC Security+ CISSP
Monitor systems / logs /reports /trends Risk assessment Recommend courses of action Policy writers Incident Response Penetration Testing / Vulnerability As-
sessment
System Architect Design of complex systems
BSc (IS) MIS MSc (IS) with specialization(s) in:
Enterprise Archi-tecture
System de-sign
ITIL/CObIT/MOF/ISO SABSA/TOGAF/ZACHMAN CISSP CISM CRISC ITSM CGEIT CISSP-ISSAP
Ensure consistency in solutions across enterprise
Business requirement analysis Define control objectives Contribute to policy Consultant for new projects & improve-
ment efforts
Information Auditor Management controls review BSc(IS) CISA CISSP ITIL/CObIT/MOF/ISO CSSLP Data security/integrity
Procedure integrity Software assurance
Digital forensics Investigation and recovery of data & metadata found in digital devices
BSc (CS) BSc (IT) BSc (IS)
CEH CISSP CCFP GCFE GCFA CSSLP
Law Enforcement support Most often related to suspected crimes
involving computers Providing expert witness in court cases
11
There is a closer relationship between the Mobile applica-
tion design and development process and the finished
product, than most people realize. With that said, the ef-
fectiveness of the mobile application development pro-
cess, does not guarantee that effectiveness of an applica-
tion. Effective mobile applications, solve a clearly defined
problem, continuously and is repeatable and scalable . An
effective development process should incorporate the fol-
lowing processes,
Problem Identification
Solution Design
Marketing
Product Support.
To illustrate our point we will examine the development
process of an application that will allow Jamaicans to send
packages of any type, from one place or person to another,
for a fee.
We will call the application “Gimmie & Gwaan.”The pro-
cess of Product Identification, involves sub activities,
which may include identifying the problem the application
will solve. The following are the sub activities of the Prod-
uct Identification process,
Focus Groups
Product Ownership
The focus group process does not have to be clinical in na-
ture, but can be as informal as soliciting opinions from
friends and family. However, when a more frmal approach
is taken, and a clinical style focus group is created the
“true” product emerges. Participants should represent
users in the mobile application’s ecosystem. The applica-
tion’s core functional elements are normally born from
this process, as the Focus Group Director should be
careful not to “lead” the group, but rather state the
problem vaguely and facilitate the idea flow from the
group, as they start defining the product as “they” see
it. This process sometimes result in a significantly dif-
ferent idea than the original problem statement.
The Product Ownership role is the responsibility of one
person, the “Product Owner,” This person plays sort of
a supporting cast role throughout the life of the Appli-
cation Development Process. This process involves con-
tinuous research and monitoring of the “market” and
the “product requirements” to determine if the prod-
uct is “still” viable. The application development pro-
cess can be halted for reasons that may include, but not
limited to,
Another entity has a legal claim
Application requires technology not yet available
or too costly to produce.
Market oversaturated with the similar solutions.
An effective Product Identification process, directly
drives the effectiveness of the mobile application devel-
opment process as it clearly outlines the features that
the application should have, as suggested by the focus
group. At this point, application design can and should
begin. It is important to point out that, the focus groups
and product ownership should continue perpetually
throughout the design process.
The Solution Design process of a mobile application is
arguable the most important process, as most people
think that if the application is well designed, then it’s
likely to be a successful application when deployed.
That could not be further from the truth. What increas-
es the success factor of the design process is the how an
application is designed. The following are the key fac-
tors that contribute to how an application is designed.
The Development Team
The Functionality Analysis
The Technical Design
The Testing Strategy
The Deployment Strategy
Kevin Moore, CTO NubeSystems
12
The Development Team
Product Owner
The person that continuously researches the market
industry to determine if the product is viable or is any
changes are necessary to make the product viable
Project Manager
This individual is responsible for ensuring that the devel-
opment process adheres to the required timelines and
that al features and functionalities have been met. Also
serves as liaison between the Product Owner and the de-
velopment team, as changes in functionality may be re-
quired, during the development process
Developers
These individuals will be responsible for the application
code, both on mobile device and server
Tester
This individual will continuously test the application as
each coding functional task is completed
The Functionality Analysis
The Functional Analysis process can make or break a
Mobile Application. This is the process where the results
of the focus group are grouped functionally and func-
tional elements are determined. These functional ele-
ments , also known as functional tasks, are normally
manageable and are decoupled units of work. Using an
Agile Development Methodology (outside the scope of
this article) , these units of work represents product back-
log items (PBI’s), aka items to eventually be completed,
and are grouped together in what is known as sprints.
Sprints represents, normally, a two week burst of an appli-
cation development effort, consisting of the following,
processes,
Grooming
Development
Testing
Retrospective
The grooming process can be a technical or functional
design session, which serves to provide clarification to the
team. The development is the code execution of what
came out of the grooming sessions. Testing is done imme-
diately on each functional element as they are completed
during the sprint. At the end of each sprint, a retrospec-
tive is done, discussing what went well, what did not, and
how to correct it if necessary, for the next sprint.
Technical Design
Technical design becomes easier to manage when the
functional analysis’ grooming process is carefully done.
The grooming process helps the team generate PBI’s
which are normally represented in a functionality matrix.
For Gimmie & Gwaan, the Functionality Matrix would
look like this:
13
Items highlighted in green represents items completed
and tested successfully. At this point it is important to
mention that technical documentation is key to effective
mobile application development. Each of the functional
elements in the functionality matrix, should have its own
mini-document potentially consisting of diagrams, code
snippets, algorithm design, screen mockups, data flows,
ER Diagrams, Acceptance Criterias and any other docu-
mentation necessary explain what the developer did or
intended to do .
The Testing Strategy
A mobile application development process certainly can-
not be considered effective, without the Testing compo-
nent. One of important characteristic in software devel-
opment regardless of the platform, is the ability to test
the decoupled portions of the application. Consequently ,
it is considered effective development when the applica-
tion is "testable." Staying with Agile methodology of de-
velopment, testing happens concurrently with develop-
ment
Observing the functionality matrix in figure 2. , you can
see that the function of the application is broken down
into functional group and further into smaller functional
elements. Each of these elements should be inde-
pendently testable. When a functional element is con-
sidered “code complete” and its status is changed to am-
ber, it is assigned to a tester for testing.
The documentation for the specific functional element
being tested, must includes a “acceptance criteria.” The
acceptance criteria outlines a set of behaviours that this
functional element should perform. In the Gimmie &
Gwaan functionality matrix, item B5 represents a high
level summary of the behavior of the B4 - Crud Pickups
functionality.
When the tester is asked to test the B4 functionality,
they will follow the “testing directions” provided by the
developer. These directions, may indicate which screens
to navigate to perform a the creation of the a pickup re-
quest , the retrieval, update and and subsequent deletion
of a pickup request. Once the acceptance criteria is met,
the functional element set to green indicating completed
and successfully tested. The PBI - product backlog item
B4, is now considered done. This testing process activity
happens is parallel to the development effort.
The Deployment Strategy
The attention span of mobile application users exacer-
bated by the competitiveness of the various mobile “App
Markets,” may cause your users to either lose interest in
your application, or be distracted by another more
“shiny” and “new” application promising the same func-
tionality. To combat this is consider effective mobile ap-
plication development , to “release quickly and often.”
Deployment of a mobile application can happen at any
time. If there is at least a single functional element com-
plete, the application can be released; in most cases not very useful, but I am making a point . The Gimmie &
Gwaan functionality Matrix in our example is considered
the minimum amount functionality for an initial release of this application. If you think about it for a second, there
are many other functionalities that we could add to the application to make it even more compelling. For exam-
ple, “real-time two-way” communication with the courier.
This is a nice to have feature, however, releasing the appli-
cation without it, would ruin the user experience..
The Marketing Strategy
One of the most challenging aspects of effective mobile
application development is letting the public know about
your application. The various mobile Application Market /
Stores and filled with millions of apps that all promise you
“the world.” How then do you get your application no-
ticed. The Gimmie & Gwaan mobile application has cul-
tural elements and would not likely be immediately un-
derstood by a global market. With that said, focus the
marketing on local the culture where app was designed
for, suggests that imagery of application should show mo-
torbike couriers as is common place in Jamaica.
Good old fashion marketing is proving to still be effective
in this new paradigm of “There’s App for That.” The intri-
cacies and discussion of advertising campaigns should
better be left to the pros and is not in scope in this article.
However, what can be said is that, effectively marketing
your mobile application should start the day the decision
to write the application was made.
The Support Strategy
One of the most common and effective mobile application
development practices, is the building-in of support relat-
ed characteristics into your application. The two most im-
portant ones are Analytics and Bug Reporting.
B11- Analytics, in the Gimmie & Gwaan functionality ma-
trix indicates functionality for analytics. This functionali-
ty reports user usage metrics back to the development
team. The team uses this information to support the ap-
plication by making changes based on the observed met-
14
rics. For example, if the team notices that a particular
functionality is not being used in the application by the
users, the team would either consider improving it or
removing all together.
Bug reporting is equally as beneficial, as the develop-
ment team can learn about issues in the application and
fix them even before the user has a chance to complain.
This provides an awesome user experience.
Finally, providing the traditional way for the user-
community to reach you, email, phone and snail-mail
address are all very important and key to the support
strategy. Even though your application may be very inex-
pensive ,U$0.99, users have the expectation that it will
work as advertised, without errors or glitches, always on
any device, and will fiercely defend that U$0.99. Being
proactive is still the most effective form of support.
Conclusion
This article described what an Effective Mobile Applica-
tion Development process looks like. It outlined that
application or solution that solves a specific problem was
created. We did this by using a focus group, that eventu-
ally determined the features of the application.
Once the application decision was made , we identified a
Product Owner, whose job it is to ensure that the applica-
tion was viable in the marketplace. Given the OK from the
Product Owner, a development team was formed and
their roles clearly outlined. The ability to test the applica-
tion to ensure quality, led us into a test strategy that ran in
parallel with the development effort, ensuring problem-
identification early and often.
With the application development and testing well under-
way, and the Product Owner’s continuous viability-
product-research, the marketing effort took shape. The
application was being marketed to the public and partners
were being solicited and formed. An application release
date is set only after the application support strategy is
finalized, and once released, the development team can
respond quickly and effectively to the users.
What makes this Mobile Application Strategy truly effec-
tive, is that the process is simple, repeatable, and scalable.
15
A s far as ICT systems go, the main elements
can be succinctly and mnemonically stated
as: Programs, People, Processes, Pieces of
equipment, Procedures and Policy. It is in-
deed timely and relevant for a focus on the “people” re-
source in these systems as Jamaica desperately needs to
leverage resources for economic growth and ICT will
play a huge role. The human resource offers immense
potential but must be harnessed with finesse. By far the
system element that can make the biggest difference, the
Jamaica Computer Society (JCS) recognizes the possibili-
ties and dearth that exist within the knowledge worker
operating in the Jamaican milieu.
This 2015 event; under the theme: “Human Capital in
ICT systems: the Jamaican Knowledge worker” seeks
to examine some of the factors that impinge on this im-
portant system element. The sessions have been orga-
nized to target specific audiences from CEOs through to
CIOs and ICT technologists.
We also want to take time out to honor some that have
made exceptional contributions to the ICT sector and
profession over many years. Exemplary projects executed
over the last 18 months will also be acknowledged. These
will be done at the Awards banquet. So we invite all to
come out and support them.
Message from Conference Chairman for Showcase
2015 and Awards Banquet Launch.
Dean Smith, Conference Chairman
16
Show
case
Show
case
S
how
case
Show
case
Slot 1
Workshop
Track 1
Slot 2
Presentation
Track 1
Slot 3
Tutorial
Track 1
Slot 4
Tutorial
Track 2
Slot 5
Exhibition
Exhibitors’ set up T
h
u
r
s
d
a
y
IT Governance
(ITIL founda-
tions)
Mobile
App Dev
(MAD) on
Android
Cyber threat
responses:
Cecil McCain
9:00am to
12:30pm
L U N C H 12:30 to 1:30pm
Vendor presentations slots 1 1:31 to 2:30pm
IT Governance
(ITIL founda-
tions)
Mobile
App Dev
(MAD) on
Android
Cyber threat
responses:
Cecil McCain
2:31 to 5:30pm
IT Governance
(ITIL founda-
tions)
Opening Ceremony and official tour
(8:30 to 9:00am)
Mobile
App Dev
(MAD) on
Android
Cloud Essen-
tials
8:30 – 10:00 a.m F
r
i
d
a
y
Opening plenary: Smart e-
ICT Govern-
ance (ITIL foun-
dations)
Defining BPO as an ICT growth busi-
ness: Yoni Epstein
Mobile
App Dev
(MAD) on
Android
Cloud Essen-
tials
10:05am to
11:30pm
Internet Governance: Its significant
role in developing nations: Carlton
Samuels ICT4D/IGS
11:35am to
12:30pm
L U N C H 12:30 to 1:30pm
Vendor presentations slots 2 1:31 to 1:59pm
IT Govern-
ance (ITIL
foundations)
The Mobile Money/e-wallet projec-
tions : Livingstone Morrison (Deputy
Governor-BOJ)
Mobile
App Dev
(MAD) on
Android
Cloud Essen-
tials
2:00 to 2:55pm
IT Govern-
ance (ITIL
foundations)
Open Data Business Models & Busi-
ness OpportunitiesDr Maurice
McNaughton(MSBM)
Mobile
App Dev
(MAD) on
Android
Cloud Essen-
tials
3:00 to 3:50
New ICT consumption models; helping
CIOs make the leap:
Mervyn Eyre (CEO, Fujitsu)
Mobile
App Dev
(MAD) on
Android
Cloud Essen-
tials
4:00 to 4:50
XSOMO Party 8:30pm
17
Slot 1
Workshop
Slot 2
Presentation
Slot 3
Tutorial
Slot 4
Tutorial
Slot 5
Exhibition
IT Governance
(ITIL founda-
tions)
Proposal papers from Utech
Data visuali-
zation with
R program-
ming lan-
guage
Cloud Es-
sentials
9:00 to10:30am
S
a
t
u
r
d
a
y
Panel Discussion: “The projected
impact on Jamaica’s GDP of greater
Cloud Es-
sentials
10:31am to
12:30pm
L U N C H 12:30 to 1:30pm
Vendor Presentations slots 3 1:31 to 1:55 pm
IT Governance
(ITIL founda-
tions)
Building High Performance Work
Systems: Human Capital & ICT
Data visual-
ization with
R program-
ming lan-
guage
Cloud Es-
sentials
2:00 to 2:50pm
Academic Perspectives for an ICT-
led national economic growth agen-
2:55 to 3:40pm
Closing Plenary: A proposed ICT leg-
islative agenda focus – 5 year plan:
3:45 to 4:30pm
A W A R D S B A N Q U E T
Key note speaker: Hon. Minister Phillip Paulwell
(4 Awardees in 2 sections; 3 Lifetime Achievement Excellence awards and 1 President’s award)
7:00pm to 10pm
18
Meet this year’s conference presenters
CARLTON SAMUELS Carlton is actively involved in the policy development pro-
cess of the Internet’s Domain Name System. He’s served
as a member of the Strategy Panel reviewing ICANN’s role
in the Internet Governance Ecosystem as well as a mem-
ber of the Expert Working Group for the Next Generation
Registration Data Directory Services for the Internet. He
was formerly a Vice-Chair of ICANN’s At-Large Advisory
Committee (ALAC) and a founding Director of the Carib-
bean Internet Forum.
He has held several senior executive positions in private
sector and academic environments, most recently as CIO
and University Director of IT at The University of the West
Indies. He now works mostly as an international ICT4D
consultant specializing in policy, strategy and regulatory
affairs and is an adjunct lecturer in Information Science
in the School of Library and Information Studies, Faculty
of Humanities and Education, the UWI at Mona. He was
recently appointed by the Cabinet of the Government of
Jamaica to chair the National ICT Advisory Council of
Jamaica.
_______________________________________________________
DR. LOUIS SHALLAL, PHD Formerly CEO, Shallal Strategic Services providing exec-
utive advice to senior government officials through a
dozen or more consulting associates. Prior to this,
served for eight years as Chief Information Technology
Officer for the Government of York Region catering to
the technology needs of over 3000 employees. He also
served as the CIO for the City of Hamilton and enjoyed a
career with the City of Ottawa and the Region of Ottawa-
Carleton as Director of Geomatics then Executive Direc-
tor of IT serving tech needs of over ten thousand em-
ployees. Prior to that, he held a number of senior and
strategic engineering and planning positions with the
Region of Ottawa-Carleton and the Ministry of Transpor-
tation of Ontario.
Dr Shallal has a Ph.D. in Civil Engineering from Car-
leton University, Ottawa and holds a diploma from a
Program for Senior Executives in State and Local Gov-
ernment, the Kennedy School of Government at Har-
vard University. He has served on boards and or execu-
19
tives of a number of organizations and associations in-
cluding the CIO Associations of Canada and the Munic-
ipal Information Systems Association in Canada.
________________________________________________
PAUL GOLDING, DBA Paul Golding, DBA is an Associate Professor and Dean of
the College of Business and Management at the Universi-
ty of Technology (UTech), Jamaica. He has also served
the University as Head of the School of Computing and
Information Technology. Golding is an academic, an in-
novator, consultant and philanthropist. He is a multiple
winner of several of UTech’s most prestigious awards for
excellence in; research community service, teaching,
and innovation.
Golding is a prolific writer and has authored publications
in several journals including the Journal of Information
Technology Teaching Cases, Journal of Information Sys-
tems Education, International Journal of Internet Proto-
col Technology and the International Journal of Multi-
media and Ubiquitous Engineering. He has also authored
several teaching cases highlighting Jamaican issues with
global relevance and is a contributor to the Jamaica
Gleaner. His current research interest includes Energy
Management Technologies, the use of Technology to
teach Deaf Students, Telecommunications, and Mobile
Commerce, Radio Frequency Identification (RFID). Dr.
Golding is married with one child.
___________________________________________________
YONI EPSTEIN Mr. Epstein currently holds a leading authority on the
subject of outsourcing in Jamaica and is tasked with the
responsibility of collaborating with industry players and
the Government to expand Jamaica’s outsourcing indus-
try in his capacity as President of the Business Process
Industry Association.
He has over sixteen (16) years of professional experience
in the contact center industry and was ranked one of the
50 most influential executives in Nearshore Outsourcing
in Latin America and the Caribbean. He also represents
the ICT-BPO cluster on several private and public sector
committees geared towards enhancing the growth and
sustainable development of the ICT/BPO sector.
As CEO of itel-BPO Solutions, Mr. Epstein organization
has 500 full-time employees across 5 sites located in
Montego Bay and Kingston, Jamaica and Freeport, Grand
Bahama; with the Montego Bay office awarded
“Employer of the Year” both in 2013 and 2014 by the
Montego Bay Free Zone Company. Prior to establishing
itel-BPO Solutions in 2012, Yoni served as Global Director
of Site Operations at Sandals and Beaches Resorts’ con-
tact centre; where he managed fifteen (15) business units,
400+ employees in six countries simultaneously.
Mr. Epstein pursued his education in Hospitality Man-
agement at the Florida International University and later
studied Culinary Arts at Johnson and Wales University in
Miami, Florida.
20
DR. NOEL COWELL Dr. Noel M. Cowell is a Senior Lecturer in Employment
Relations at the Mona School of Business and Manage-
ment at the University of the West Indies, Mona. He has
conducted research and published on different aspect of
employment relations and human resource manage-
ment and is currently involved with a project focusing on
human resource models for corporate transformation in
the Caribbean.
DR. MAURICE MCNAUGHTON Dr. Maurice McNaughton is Director of the Centre of Ex-
cellence for IT-enabled Innovation at the Mona School of
Business & Management (MSBM) and lectures courses
in Modelling & Decision Support Systems; IT Economics;
IT Governance & Strategic Use of ICT. He is a UWI Engi-
neering Graduate and holds a PhD in Decision Sciences
at Georgia State University. His research interest spans
the domain of emerging Open ICT ecosystems, and in-
cludes Open Source Software, Open/Big Data, Mobile and
Cloud Computing.
MERVYN EYRE Mervyn Eyre serves as President and Chief Executive
Officer of Fujitsu’s business in the Caribbean, Central
America and Mexico regions. He is responsible for man-
aging the strategic direction as well as general manage-
ment of Fujitsu’s regional operations, assets and capabili-
ties. Leveraging over 25 years of experience in the global
IT industry, Mervyn has led the introduction of managed
and cloud based IT services in the region, opening up
new consumption models to Caribbean governments
and enterprises.
21
of information and communications
technologies (ICT) is a key factor in
Jamaica’s productivity problem. It ar-
gues that productivity improvements
must be the centerpiece of economic
policy and ICT must be the catalyst for
improved productivity and transforma-
tive change. This paper will discuss
public policies and business practices
that are conducive to the adoption ICT
and economic growth.
__________________________________
Academic Perspective for an ICT led national eco-nomic growth agenda: The role of ICT policy in
productivity improvements. Paul Golding
There is an increasing body of work focusing on Jamaica’s productivity problem. A comparison between Jamaica and its
main trading partners such as the United Kingdom, Canada, United States, Brazil and Colombia and several Small Island
Developing States (SIDS) such as Barbados, St. Lucia, and Trinidad reveals that over the period 1990- 2013, Jamaica rec-
orded the lowest labour productivity levels and growth rates. Another study has shown that Jamaica’s GDP per capita,
when compared to the USA, has reduced from 31% in 1950 to 19% in 2013. In comparison, the study showed rapid growth
for Trinidad and Tobago increasing from 34% in 1950 to 61% in 2013. Productivity increases stem from a variety of fac-
tors, chief of which is the use of more and better “tools” by producers; in other words, the use of more and better ma-
chinery, equipment and software. This paper hypothesizes that more ubiquitous adoption – as distinct from production –
Productivity increases stem from a
variety of factors, chief of which is
the use of more and better “tools” by
producers;
22
The presentation will highlight the trends in adoption of
IT by government over the past two decades and take the
audience in a journey on memory lane tracing the surge
in use of internet-based services and the lessons learned
from eGovernment implementation. It will then consider
a number of IT legacies such as desk tops, data centres,
telephony, applications and data access or lack thereof that
are currently facing governments. Finally, it will illustrate
the strategic directions in the adoption of smart IT to re-
place these legacies in the areas of customer service, com-
munication and open data and pin point the essential ingre-
dients for success: Smart Collaboration for Smart Services.
Beyond eGovernment: Thoughts on Smart Government
Dr. Louis Shallal, P.Eng, Ph.D.
The presentation is not at all political in nature, in fact it is all about defining the building blocks for a smart government
which is defined simply as a government that utilizes Information Technology (IT) to Provide: (a) Effective and conven-
ient services to citizens and businesses, (b) Meeting certain level of service that citizens wish, (c) at a cost lower than
without information technology and (d) in a sustainable manner.
business performance, the idiosyncratic structural char-
acteristics, resource configuration and business context of
the Caribbean enterprise demands a distinctive approach.
The role of ICT and in particular, an emerging generation
of Agile Business Intelligence / Analytics applications is
key to enabling the modern HPWS. The paper presents
findings and insights from current research conducted on
the HR practices of top HR professionals associated with
successful Caribbean companies.
_________________________________________________________
Building High Perfor-mance Work Systems in
Caribbean Enterprise: Harnessing the Synergy of Human Capital & ICT
Drs. Noel Cowell & Maurice McNaughton
A High performance work systems (HPWS) is as a bundle
of synergistically aligned human resource manage-
ment practices, designed to support the strategic objec-
tives of the organization. While there is clear evidence of
the positive impact of high performance work systems on
Productivity increases stem from a variety of factors, chief of
which is the use of more and better “tools” by producers;
23
ing. To be relevant, CIOs will need to leap into the future
even as their role is being rapidly redefined over the next
5 years. Join us in this presentation where we will share
with you;
1. The emergence of the Third Platform of computing
and how the digitization of industries and the inter-
net of everything is redefining the role of ICT
2. New ICT consumption models and their impact to
business and IT service delivery organizations
3. The changing role of technology management and
the CIO
4. How CIO’s can make the leap in embracing new ICT
consumption models and lead innovation in the en-
terprise.
Those CIO’s that most readily accept the new reality of
hybrid IT and reconfigure their IT leadership to manage
a radically different landscape, will find they are better
positioned for the future. In particular, they will find
themselves more able to innovate, less vulnerable to se-
curity risks and system-performance issues, and, more
responsive to the demands of their respective markets.
Join the conversation and find out how you can take the
leap!!
New ICT Consumption Models: Helping CIOs
Make the Leap Mervyn Eyre.
The emergence of the “Third Platform” of computing - the
convergence of social interaction, mobility, cloud and in-
formation – are transforming the way that people and busi-
nesses relate to technology. The adoption and consump-
tion of ICT is rapidly changing, and with it the role of the
CIO. Additionally, hyper-connectivity and the digitization
of industries have increased the pressure on organizations
to become more agile and look to ICT as a platform for in-
novation and e ffici en cy. Acco rdin g to G art ner,
“enterprises and their CIO’s need to Flip from old to new
in terms of information and technology leadership, value
leadership and people leadership”. Fundamentally, CIOs
will need to become more business savvy.
Research has shown that only 40% of today’s CIOs under-
stand the emerging third platform technologies, the ur-
gency to adopt and their future impact. This is quite worry-
Open Data & The Private Sector: Business Models &
Opportunities Dr. Maurice McNaughton
Open Data, has become a global phenomenon, propelled
by growing consensus and an irrefutable logic in the no-
tion that data created by public funds should be publicly
accessible and freely reusable, thus creating opportuni-
ties for increased economic efficiency and civic equity.
Over 40 countries at different stages of development are
pursuing Open Data policy actions and/or initiatives to
influence social, political and economic outcomes. Alt-
hough most often associated with Government policy and
initiatives, the spotlight of the Open Data narrative is be-
ginning to focus on the private sector to determine what
roles and opportunities exist for businesses to become
more actively involved in the open data value chain? The
presentation discusses the economic value potential of
open data and various business model options and oppor-
tunities for the private sector in Jamaica and the Caribbe-
an to play an active role in the emerging open data eco-
system.
24
25
B ig data refers to a situation
where there exists extremely
large data sets that have
grown beyond our ability to
use traditional data processing tools to
manage and analyze them. Sagiroglu
(2013) refers to big data as huge data
sets with varied and complex struc-
tures with difficulties storing, analyzing
and visualizing as well as identifying
patterns and hidden correlations. Big
data however is not just about size but
encompasses the amount of sources
from which data is available, the vari-
ous formats and the fact that most of
the data is user generated [1]. For in-
stance was revealed that the digital uni-
verse grew by 62 percent or almost
800,000 petabytes with social media
networks like twitter facilitating over
29 billion tweets [2]. YouTube made
Data Privacy & Security in the Era of Big Data
more than 70 million videos availa-
ble while Facebook has more than 1
billion active users who spend over
700 million minutes per month on
their site. It was further stated that
there were one trillion unique URLS
in Google’s index and two trillion
google searches done every day.
These statistics provide an idea of
the volumes and amount of different
sources from which data surround-
ing an individual is being generated
and the extent of the information
that can be gathered once proper
data aggregation is conducted.
Big data, in recent years, have been
characterized by high volume, ve-
locity and variety of data (referred to
as “3V”) challenges. Nonetheless,
the reduction in price of hardware
components required for processing
Abstract—since the mid-1990’s the amount of data being collected by private organizations and govern-ments has been growing at an exponential rate. In addition to the amount of data, the types of data and its sources have also increased significantly. This situation has led to the term “big data” being coined and
concerns being raised surrounding privacy and security of these data. This is so as there is a lack of effec-tive tools and approaches for securely managing large-scale data and distributed data sets. Also, the fact that these data sets contain high volumes of sensitive and personal information, persons with malicious
intentions are increasingly motivated to find new ways of gaining access so that they can exploit the infor-mation. Consequently, the aim of this paper is to analyze the effects of big data and the resulting privacy
and security concerns. The validity of these concerns will also be examined and some of the proposed solu-tions identified.
Keywords- big data; security; privacy; cloud computing;
big data and growing usage of cloud
computing concepts for storing
large volumes of data, has contribut-
ed to an increase in the number of
private businesses being able to col-
lect and analyze big data. This grow-
ing interest in collecting large vol-
umes of data, which in many situa-
tions is considered personal data,
has motivated businesses to sell this
information to third parties for a
usually high fee and unauthorized
persons to try accessing these data
by breaching security. Unfortunate-
l y , p ro g ra mm i ng mo de l s l i k e
MapReduce which are designed to
handle big data efficiently do not
protect intermediate data efficiently
26
grams [4]. These programs saw the NSA being given ac-
cess to limitless amounts of data surrounding individuals
in the interest of national and global security. It is there-
fore abundantly clear that big data collection and pro-
cessing is a growing trend for governments and private
businesses. This trend however has for several years now
raised concerns about security and the privacy of person-
al information, encouraging one to analyze the situation
as one of the contemporary issues facing the area of In-
formation Technology. This issue being properly ad-
dressed is also just as important for big data itself as if
data is not authentic, new data mined may not be con-
vincing; while if privacy is not properly addressed then
individuals may be reluctant to share information.
RELATED WORK
Non-relational data stores like NoSQL databases are be-
coming synonymous with big data processing. However,
these databases are still evolving with respect to security
and are still not considered mature. Furthermore, each
NoSQL database was built to tackle different challenges
in the analytics world hence security was never part of
and do not allow operations on ciphertexts. Also, there is
an increase in the amount of data being leaked, whether
accidentally or intentionally, thus creating a need for the
continual reassessment of current approaches to manag-
ing data leakage. Therefore, in addition to the 3V challeng-
es, managing the emerging security and privacy challeng-
es must be a priority in the evolution of big data technolo-
gies.
MOTIVATION
The evolution of technology and web 2.0 concepts have
been a major contributing factor to the ever increasing
avenues for data generation and collection. Internet based
social media like Facebook and Twitter have been rapidly
growing, serving as examples of the ever increasing
amounts of data surrounding individuals that are being
generated. Online retailers like Amazon.com who facilitate
millions of transactions per day keep large databases with
customer purchasing information to analyze customer
tastes and buying habits [3]. Also, the United States Gov-
ernment’s National Security Administration (NSA) carried
out surveillance operations through its programs such as
Wind, Prism and a wide variety of other data intensive pro-
the model at any point of its design stage [14]. [14] further
states that data and transaction logs are stored in multi-
tiered storage media. Manually moving data between tiers
allows the IT manager to directly control what data is
moved and when. The challenge is that the 3Vs that are
synonymous with big data have created the need for the
use of auto-tiering. The resulting problem however is that
auto-tiering solutions do not keep track of where the data
is stored thereby creating new challenges as it relates to
secure data storage. These two points highlighted by [14]
reinforce the argument of big data technologies being
inherently insecure.
Healthcare Privacy Concerns
Today our lives are continuously being digitized and ar-
chived at unprecedented scales. This includes GPS infor-
mation, cell phone calls, text messages, credit card pur-
chases, e-mails, online social network conversations and
even our electronic medical records are being aggregated
and shared with third parties both public and private [5].
[5] states that it is possible to use non-DNA-based barcode
which is specific enough to uncover an individual’s iden-
tity in a collection of hundreds of millions of individual
genotypic profiles acquired in a completely different con-
text. In addition, DNA barcodes could be generated from
public data sets and screened against DNA databases that
are held by the government agencies to identify an indi-
vidual involved in an unsolved crime. While there are
obvious benefits that can be derived, these situations are
seen as proof of the fact that protection of privacy in the
era of big data is increasingly becoming more limited. For
example, it is estimated that when big data is exploited in
the healthcare context, it could save the industry up to
US$450 billion. Nevertheless, the sensitive data collected
27
social media rests with the individuals themselves who
are sharing the information.
Security has gradually increased like privacy concerns
when looking at social media. Predators, hackers and
state actors search social media websites trying to find
information or people to target for exploitation [10]. Secu-
rity is even more directly compromised with the trend of
modern devices being capable of embedding geo-data
into the created content. Individuals, some unknowingly,
upload pictures with these location services enabled al-
lowing Facebook Places or Google maps to know their
location at the time each photo was taken. This empow-
ers the companies to gather information such as where
an individual has been throughout the course of the year.
This creates issues not just surrounding privacy or data
security but can have serious implications for an individ-
ual’s personal safety. Predators wishing to physically
harm the individual can use this information to identify
their possible location.
Cloud Environments for Big Data
Big data and cloud computing are two of the fastest-
raises privacy issues that must be addressed [6].
Privacy & security Issues in Public Social Media
In the context of social media there is an increase in the
awareness of the value and risk of personal data being up-
loaded to the web [7]. Particularly, social media is de-
scribed as being an online technology tool that allows peo-
ple to communicate easily, using the internet to share and
discuss information [8]. According to [7] there has been a
lot of work done in the small data area to protect privacy,
i.e. how users control access to what they themselves post.
However, when looking at big data the issues are focused
almost entirely on what the controlling companies do with
the information [7]. While [9] refers to statistics that list
Facebook as the most popular social media and states that
though there are increased privacy, security and trust con-
cerns, research on Facebook found that individuals will-
ingly shared content despite these concerns [9]. The re-
search also found that people seem to be more open in
online social networks and are more willing to share infor-
mation about themselves than in the real world. This infor-
mation provides some insight and encourages one to think
that part of the solution to privacy and security concerns in
moving technologies identified in Gartner Inc.’s 2012
Hype Cycle for emerging technologies [11]. The constantly
increasing volume and variety of data to be processed and
the need for effective management and storage of this
data have helped to fuel the trend of moving to cloud
based services [12]. The main idea behind cloud compu-
ting is to leverage virtualization technology to maximize
the usage of computing resources. This includes basic
ingredients such as storage, CPUs and network band-
width. However, [12] notes that big data storage and pro-
cessing affects security and privacy, since there is great
use of third-party services and infrastructures that are
used to house important data or perform critical opera-
tions. This causes some unease to potential users of cloud
services because cloud service providers (CSP) have full
control of the stored data. Additionally, attackers may be
able to access data stored in the cloud if there is not suffi-
cient secure mechanisms provided by CSPs [13]. Unlike
traditional security management big data security seeks
to try and find a way to process huge data sets without
exposing information of users. The challenge with big
data security is further compounded by the fact that cur-
rent technologies privacy protection methods are based
on static data sets, while big data is constantly changing,
thus making it difficult to implement effective privacy in
this complex situation. Additionally, regulatory and legal
frameworks surrounding big data privacy need to be
strengthened [12].
PROPOSED SOLUTIONS
Metadata based storage
The security of data is not just important during transfer
of the data but also during its storage. One proposed solu-
tion to ensure the security of data at this point is to en-
force a metadata based segregation approach and solu-
tions to access the segregated data. This concept is based
28
odology, reinforcing its effectiveness as a solution to se-
curing data in a cloud environment. Figure 2, explains
this fragmentation.
on the fact that any data is valuable as long as the frag-
ments of the information are related to each other. There-
fore, data should be segregated into public and sensitive
data segments (SDS). The SDS should be further fragment-
ed into smaller units until each fragment does not have
any value individually. When the fragmentation is done
then the mapping data needed to re-assemble the infor-
mation should be generated in parallel.
This solution is very useful to enforce the security of
information as it deviates from the traditional concept of
storing all related information at the same location. For
example, a membership table in a database does not have
any significance without the customer table relation and
therefore would be stored in different locations. However,
the credit card table on its own could be useful infor-
mation for an intruder so its security level would be desig-
nated as critical and so it would be greatly fragmented. The
fragmented data would then be segregated and stored in
different locations. The data would be re-assembled during
execution and transmission through the mapping data but
still remained stored fragmented and segregated. [15] pro-
vides a good description and documentation of this meth-
Figure 2. From: Subashini and Kavitha (2011)
Fully Homomorphic Encryption
Traditional encryption solutions can
protect data from being divulged,
but cannot be used to conduct com-
putations on encrypted data. There-
fore, if we use the MapReduce model
to count the number of times a word
appears in multiple documents, be-
fore inputing the Map function we
must do some operations on the
source data to get some valuable in-
formation. If the data is encrypted
then we must decrypt it before we
can do any computations on it. This
creates privacy concerns for inter-
mediate files as this is equivalent to
doing computations on plaintext.
Homomorphic encryption (HE) is
one solution to privacy and security
concerns raised when using big data
processing technologies. This type of
encryption allows us to perform op-
erations on encrypted data without
knowing the private key or decrypt-
ing the data [17]. There are two types
of homomorphic encryption solu-
tions available namely, partially and
fully homomorphic encryption
(FHE). Partially homomorphic en-
cryption (PHE) systems are defined
over a group and therefore support
just a single operation on the en-
crypted data [17]. These types of sys-
tems are usually divided based on
the operations they support on addi-
tive or multiplicative HE systems.
Therefore, the limitation of PHE sys-
tems is that it only allows homomor-
phic computation of only one opera-
tion (either addition or multiplica-
tion) on plaintexts. A major step to-
wards FHE was seen with the Boneh-
Goh-Nissim cryptosystem [21]. This
system was considered as somewhat
homomorphic but still not fully ho-
momorphic because it supports eval-
uation of unlimited amounts of addi-
tion but at most one multiplication. I
propose using a FHE system since it
is defined over a ring and therefore
supports various operations. The
main process of FHE systems sche-
mas are like Figure 1.
29
In 2009, the first fully homomorphic encryption system
was proposed by Craig Gentry in his PhD thesis [18]. The
challenge with the FHE system introduced by Gentry was
that the ciphertexts contain random noise with addition
operations doubling the noise and multiplication squares it
off. The noise becomes greater with successive homomor-
pfic operations resulting in only ciphertexts that remain
below a certain threshold being able to be decrypted. This
problem was tackled by Gentry using a bootstrapping
method. This method allows a decrypt function to reduce
the noise without decrypting data to plain text. This re-
freshed ciphertext can be used for subsequent homomor-
phic operations. In order for this system to work then the
decrypt function must remain below the threshold. This
limitation was later addressed by [19] using a framework
where noise only grows linearly with the multiplicative lev-
el instead of exponentially, therefore eliminating the need
for the bootstraping technique. Figure 1. From: Chen and Huang (2013)
from the environment protected by DLP technology. The
effect of this however is mitigated by the fact that physi-
cal security of the equipment is much easier to enforce.
International Data Privacy Laws
Proper laws must play an integral role in addressing
many of the privacy and security concerns that have aris-
en since the emergence of big data. Many laws exist cur-
rently, some of which were passed prior the big data era
and therefore need to be revisited and revised. Such revi-
sions will help in governing data collection points that
have recently come to the forefront such as social media.
In 2013 Australia announced that the Privacy and SPAM
Act will be revised in order to properly address contem-
porary concerns of individuals or provide clarification to
businesses regarding the steps that should be followed to
manage competing interests [20]. While I believe that
this example should be followed by countries worldwide,
this in itself will not resolve the issue without the devel-
opment and strengthening as well as the full support of
international data privacy laws. This is necessary as mul-
FHE has evolved significantly since the introduction of the
first design with many of its limitations being addressed,
however there is still room for more efficient homomor-
phic encryption systems in the future. This is so as the FHE
systems present today generate public keys that are too
large for efficient computations and are still too slow to be
considered practical in many big data real-world applica-
tions. Nevertheless, FHE is possibly one of the most prom-
ising solutions for addressing many of the privacy and se-
curity concerns related to big data technologies, especially
when performing computations on data in the cloud.
Data Leakage Prevention Technologies
A new approach to the prevention of data leakage has been
taken on since the mid-2000s which is effective in prevent-
ing leakage of sensitive data by insiders with malicious
intent. Data Leakage Prevention (DLP) technology involves
the inspection of packets, restricting the transmissions
within and leaving the network by using policies based on
classification and file location. Importantly, even individu-
als who are authorized to access the network will have
their attempts failed when trying to export from the net-
work or copy information to external storage devices [22].
The limitation to this technology however is that it does
not provide security against the removal of computers
30
violated, is to help them realize that they can play one of
the most important roles in safeguarding their privacy.
FUTURE WORK
Future efforts will be focused on finding a FHE system
that can overcome its current limitations and is more
efficient in addressing big data privacy and security con-
cerns. This is because I believe that FHE is both one of
the most promising and exciting security systems that
can be developed to prevent the big data movement from
being slowed by concerns surrounding security and pri-
vacy.
CONCLUSION
Big data is seen as one of the most important concepts in
information technology to emerge in the past few years.
It has many positive implications for a wide cross-section
of areas to include business intelligence and crime
fighting. Unfortunately, there are also strong concerns
regarding privacy and limitations in security. Neverthe-
less, based on current trends it is obvious that big data
will continue play a vital role in the development of the
technological landscape. Consequently, there must be
sustained efforts to address the concerns outlined in this
paper, using the proposed solutions as the main strate-
gies, in order to ensure that the rate of diffusion of big
data concepts continues to move and evolve at an expo-
nential rate.
tinational companies will often will abide by domestic laws
but are not compelled to recognize data privacy laws in
foreign countries.
Public Awareness
The fact that a large portion of the data which individuals
are concerned about being exposed or misused is generat-
ed by the users themselves, then it is reasonable to share
the view that they can play a vital role in limiting the
amount of data that can be exploited. This means that us-
ers must resist the urge to share more information across
these networks that collect or store information, especially
where it is considered confidential, than is absolutely nec-
essary. If one takes a look at criminal activity in all aspects
it can be noticed that as security mechanisms improve to
prevent unauthorized access, predators also evolve in their
efforts to find more sophisticated ways of gaining unau-
thorized access. Therefore, the surest way to assist individ-
uals in maintaining privacy of personal information is to
educate them about the types of companies that collect
and share information with third parties, devices that are
intentionally or unintentionally designed to share person-
al information with these companies, the possibility of in-
formation stored in cloud systems being accessed by un-
authorized persons or any other system using big data con-
cepts that can cause vulnerabilities in relation to security
and privacy. This strategy of making the public aware as
best as possibly of how and when their data privacy can be
References
1. S. Sagiroglu, “Big Data: A Review,” IEEE Collaboration technologies and systems (CTS) international conference, 2013,
pp.42 – 47
2. T. Craig and M. Ludloff, Privacy and Big Data, 2011, pp.2–4.
3. (2013) The Teleread Website. Available:
4. http://www.teleread.com/ebooks/amazon-mines-data-to-find-customer-tastes/
5. (2013) Alleanzaerinternet Website. Availabe:
6. http://www.alleanzaperinternet.it/wpcontent/uploads/2013/06/guardian.pdf
7. E. Schadt, The Changing Privacy Landscape in the Era of Big Data, 2012
8. R. Lu, H. Zhu, X. Liu, J. Liu and J. Shao, “Toward efficient and privacy preserving computing in big data era,” IEEE Network.
July/August 2014, pp.46-50 .
9. M. Smith, C.Szongott, B. Henne and G. von Voigt, “Big data privacy issues in public social media,” 6th IEEE International
Conference on Digital Ecosystems Technologies (DEST), 2012.
31
10. B&C, “What’s this stuff called “social media,” Benefits & Compensation Digest, Vol. 47, no. 3, p.10, March 2010.
11. N. Almadhoun, P. Dominic and L. Woon, “Percieved security, privacy and trust concerns within social networking sites,” IEEE
International Conference on Control System, computing and Engineering, 2011.
12. F. Ansari, M. Akhlaq and A. Rauf, “Social networks and web security: implications on open source intelligence,” 2nd IEEE
National Conference on Information Assurance, 2013.
13. (2012) Gartner.com. Available:
14. http://www.gartner.com/newsroom/id/2124315
15. C. Ji, Y. Li, W. Qui, U. Awada and K. Li, “Big data processing in cloud computing environments,” IEEE international Sympo-
sium on Pervasive
16. X Huang and X. Du, “Achieving big data privacy via hybrid cloud”, IEEE INFOCOM Workshop on Security and Privacy in
Big Data, 2014
17. Electronic Publication: “Top Ten Big Data Security and Privacy Challenges,” Cloud Security Alliance, 2012
18. Subashini and Kavitha, “A metadata based storage model for securing data in cloud environment,” International Conference
on Cyber-Enabled Distributed Computing and Knowledge Discovery, 2011
19. X. Chen and Q. Huang, “The data protection of MapReduce using homomorphic encryption,” IEEE, 2103
20. D. Hrekstak and S. Picek, “Homomorphic encryption in the cloud,” MIPRO, Opatija, Croatia, 2014
21. C. Gentry, “A fully homomorphic encryption scheme,” Ph.D. dissertation , Stanford, CA, USA, 2009
22. Z. Brakerski, and V. Vaikuntanathan, “Efficient fully homomorphic encryption from (standard) 1we,” in FOCS, 2011, pp. 97 –
106.
23. R. Saadati and A. Christie, “ Big data big issues? Is Australian law keeping up,” DLA PIPER, 2014
24. D. Boneh, E-J. Goh and K. Nissim, “Evaluating 2-dnf formulas on cipherexts,” In Proceedings of Second International Confer-
ence on Theory of Cryptography, ser. TCC’05. Berlin, Heidelberg: Springer-Verlag, 2005, pp.325-341.
25. N. Weinberg, “Data leakage prevention technologies,” Hot Technology for 2008. NETWORKWORLD. Available:
26. http://www.net-workworld.com/research/2008/011408-8-techs-data-leakage.html.
32
33
F orms of Government have
been around for as long as
mankind has recorded its his-
tory. The issue of determining
the core principles and proper func-
tions of government has been actively
debated all over the world for many
years. In our local context government
has been engaged in managing, among
other areas, Crime, Healthcare, Educa-
tion and the Economy. Many citizens
will agree that these areas are of the
utmost with regard to their importance.
Government’s even though not profit
centric can learn valuable lesson from
the successfully businesses of the
world. Successful businesses have lev-
eraged technology to increase profit
and competiveness. In like manner
Government can leverage technology
to increase efficiency and provide valu-
Processing & Leveraging Big Data in Government
able service to its citizens. Govern-
ment has over time amassed large
volumes of information that serve as
unused and unmanaged reposito-
ries of data. The advance of technol-
ogy over recent years has seen in-
formation technology becoming
increasingly pervasive. Government
will need to be proactive in how it
responds to technology and will also
have to find ways of ensuring that it
fully leverages technology to meet
the needs of its citizens and the
country as a whole. The storehouse
of information that the government
has at its disposal, with the aid of
technology, should be thoroughly
exploited, taking into consideration
the rights and privacy of its citizens.
In the past government data would
be limited to a relational database or
Abstract—Government is constantly using data to improve governance and the life of its citizens. Technological ad-vances have allowed under-resourced countries to access improvement to help to manage and deliver government
services. A technology that has rightly received much attention is Big Data. The term big data has become so common, it challenges clear definition. A standard view is that big data is difficult data: difficult to store in traditional data-
bases, difficult to process on standard servers, and difficult to analyze with typical applications. Even "smaller" data can manifest a complexity that requires a new approach. There is a real need to identify tools and techniques to man-age Big data efficiently and extract from it real value. The government houses large volumes of data and is poised to harness it for the benefit of the country. In order to leverage the benefits of this data, governments must overcome the hurdles associated with Big Data. These hurdles in the form of Volume, Variety, Velocity and Veracity are not insur-
mountable, but will require purposeful attention if we are to succeed.
Keywords-Government, Privacy, Big Data
a spreadsheet. In this form the type
data that can be stored is limited and
the structure of the data is rigid, not
allowing for unstructured data. The
proliferation social media and other
forms of digital data has brought
into focus the need capture, analyse
and interpret these types of data.
The Term Big Data was born out of
this need. Big Data speaks to data
that is voluminous, varies in type
and retrieved at a fast rate. All of
these characteristics match the data
that government now possesses.
MOTIVATION
Jamaica is a country that has many
resource constraints. This is espe-
34
rather becoming multi-form, multi-source, and multi-
scale [3]. The sheer number of bytes that is generated
daily is mind-boggling! According to an article published
by IBM, every day, we create 2.5 quintillion bytes of data.
It is interesting to note that 90% of the data in the world
today has been created in the last two years alone. This
data comes from everywhere e.g. sensors used to gather
climate information, posts to social media sites, digital
cially true as it relates to our finances. The cost of technol-
ogy in the past could easily justify the lack of its utilization
in our country. Today, we are bombarded with technology
that is not only comparatively cheaper but in many cases
more efficient. We have the opportunity, as a country and
by extension the Government, to grasp the benefits that
these new technologies provide. That being said, this paper
seeks to answer the questions of how the government can,
effectively collect and manage Big Data and use Big Data to
operate more effectively whilst ensuring that the privacy
and rights of its citizens are adequately protected.
THE WORLD OF BIG DATA
It is useful when looking Big Data to truly understand what
it is and how it is characterized. This section seeks to more
intimately expose Big Data to help us to understand its
many nuances. Technology is all around us and is being
used even by babies. Smart devices coupled with the popu-
larity of social networking continue to generate colossal
amounts of data, both in its structured and unstructured
forms. The figure above gives a simplified view of the dif-
ferent types of data that is available today, whether it is
text, audio, video, or other data forms [2]. We hear the
term Data that sometimes may seem abstract, but we inter-
act with it without even considering. It is said that data is
pictures and videos, purchase transaction records, smart
devices and cell phone GPS signals to name a few. [5].
Experts agree that the world is in a digital explosion era
[4,6]. This explosion is referred to as big data. “Big data”
refers to an aggregation of datasets whose volume is be-
yond typical database software’s ability to capture, store,
manage, and analyze [7].
BIG CHARACTERISTICS
Big Data has been, over previous years, characterized by
the three ‘V’s of big data, Volume, Velocity and Variety.
Owing to its proliferation, a fourth ‘V’ has been added, Ve-
racity. The section explains these four characteristics.
Volume
Volume refers to the enormous amount of data and the
form of data. It used to be mainly employees created data.
Now that data is generated by machines, networks and
human interaction on systems like social media the vol-
ume of data to be analyzed is massive and continues to
grow [8].
Velocity
Velocity refers to the rate at which the data are collected
and analyzed. Big Data Velocity deals with the pace at
which data flows in from sources like business processes,
machines, networks and human interaction with things
like social media sites, mobile devices, etc. The flow of
data is massive and continuous. This real-time data can
help researchers and businesses and Governments make
valuable decisions relating to their particular strategic
objectives. Inderpal Bhandari, a well-respected mind the
field of Big Data, suggests that sampling data can help
deal with issues like volume and velocity [8].
Figure 1. Sources of Big Data
35
Data Integration
Data integration seeks to answer mainly two questions.
Firstly, how will data be collected and organised? Second-
ly, how will Privacy, Confidentiality, and Ethical concerns
be addressed?
The integration of data will require an integration frame-
work agile enough to handle big data regardless of wheth-
er it originates in the enterprise or across the Internet.
This big data integration framework must be able to work
across different architectures and data technologies,
while at the same time move data seamlessly between
relational and non-relational structures. Data integration
must be adaptable allowing for multiple streams of data,
and it must be able to harvest data from transactional sys-
tems and business applications in enterprise data ware-
houses.
The privacy and confidentiality of data has become in-
creasing important as individuals interact with a growing
number of systems. The data that is being collected from
these individuals continues to grow. Government often
seen as the largest repository of citizen data is forced,
especially with the advent of Big Data, to address the is-
sue relating to privacy of citizen information. In the con-
text of Big Data, the Government would have an interest
in knowing citizen who live a particular lifestyle are like-
ly to have a particular disease. The government also has
Variety
Variety refers to the increasing types of data that can be
collected. Variety speaks to the many sources and types of
data both structured and unstructured. Traditionally we
stored data from sources like spreadsheets and databases.
Now data is manifested in the form of emails, photos, vide-
os, monitoring devices, PDFs, audio, etc. This variety of
unstructured data creates problems for storage, mining
and analyzing data [8]. These problems, though outside the
scope of this paper, are addressed by the now very popular
NoSQL database.
Veracity
Data veracity speaks to how validity of Data. It ask the ques-
tion, is the data correct and accurate for the intended use?
In the context of making correct decision valid Data is
most important [8]. Government’s use of Big Data is ex-
pected to lean heavily on this characteristic as it will use
data to inform policy; therefore affecting all citizens.
There is no doubt that our world today is driven by many
processes. Whether preparing for an exam or moving from
point A to Point B, we consciously or unconsciously plan
how we will succeed at a particular task. When we consid-
er leveraging the power of Big Data, a feasible process is
integral to our success. Outlined in this section are the
steps that should be taken by Government to capitalize on
this powerful phenomenon called Big Data.
the responsibility, based on the discovery above, to protect the privacy of the individuals, ensuring that John Doe’s data
when linked does implicate John Doe.
Similar to our physical lives, we leave behind trails of information about ourselves in our digital communications and inter-
actions. In Figure 2 above it is easy to see that the data collected can be used to sketch a good profile of an individual. It is
said that in every interaction, we leave behind a huge trail of data that includes bits and pieces and pointers to our real be-
haviors [15]. It is accurately recognized that the collection of information from digital transactions and interactions is some-
thing that cannot be stopped. We inadvertently leave a digital trail behind in the digital world and this trail is many time
substantial. An issue arises when these digital trail are analyzed and compromises an individual’s anonymity of the World
Wide Web (WEB).
It is has been said that the conveniences of access to information and services through the varied devices, also creates new
ways of watching us more closely than ever before. It is also pointed out that as companies customarily collect billions of
details about nearly every connected individual, the world will reach a state where people will lose control of their privacy
and identities momentarily [16].
36
Government is always a step behind and like many other
entities working with Big Data they may not even be sure
of what you are looking for. The Government has vol-
umes of data that they, in context, will want to get valua-
ble insight from. In Big Data analysis it common for pat-
terns to emerge from that data before there is an under-
standing of why the said patterns are there.
If we look loosely at the functions of Government, pro-
tecting, empowering and serving its citizens, we should
have a clear idea of what they should be interested in. For
instance, are you interested in predicting penetration of
none communicable diseases to improve wellness? Do
you want to analyze the driving patterns of Drivers to re-
duce road casualties? The nature of the high-level prob-
lem will dictate the analytics will employed. In analytics,
an entity may consider a range of possible kinds, which
are briefly outlined in the table 1 .
In order to ensure that privacy is protected when data is
linked a system has to be put in place. One such system is
the Secure Decoupled Linkage (SDLink). This system allow
analyst to link and analyse data without seeing the identifi-
cation details. SDLink is a computerized third-party linkage
system that offers safe and high-quality data integration by
using a hybrid human-machine system based on three fun-
damental privacy principles [17]. The first principle decou-
ples the identifying data from the sensitive data via encryp-
tion. The second principle adds fake data to the dataset, this
process is called chaffing. The third principle changes the
dataset label this process is called universe manipulation.
In universe manipulation SDLink prevents the attribute
inference that can occur in group disclosure. In explaining
the process, if an analyst knows someone on the HIV regis-
try at the Ministry of Health (group disclosure), that indi-
vidual must have HIV (attribute disclosure), but this disclo-
sure can be prevented it is established that the list has fake
data i.e. people who do not have HIV are also on the list or
the analyst may not know if the list is a HIV registry. It is
important to note that only the information that is essential
for record linkage is revealed during the linkage process.
This paper concedes that more in-depth research is needed
to fully explore this relatively new area, and this will in turn
produce improved protocol to allow for identity protection.
DATA ANALYSIS
The first question that one needs to ask oneself before em-
barking on big data analysis is, what problem are you try-
ing to solve? It is well documented that many times the
Figure 2. Digital Behaviour & Privacy
Table 1: Type of Analysis
37
been forced to unfairly choose be-
tween data size and latency (time
taken to process) and Hadoop and
other MapReduce tools offer not
enough comfort [20]. There are,
however, new tools are being devel-
oped that will eliminate the need to
choose between size and speed of
queries. Google has published sever-
al papers on new big data technolo-
gies it is in the process of imple-
menting. One of th ese, called
“Dremel,” can analyze trillions of
lines of data in a matter of seconds.
Wh ile MapRe duce es s entially
breaks a problem apart, distribute it
and combine the results, Dremel
enables data scientists and analyst
There is a real challenge with re-
gards to analysis as many of the
technologies that now exist are not
fully capable of meeting the require-
ments many analysts. There is the
reasonable expectation that business
intelligence (BI) programs will fill
the data gap, but this has not been
realized. Tools that were introduced
early in the Big Data revolution like,
Hadoop and other MapReduce based
tools have also not lived up to the
kind of functionality that analysts
need. MapReduce, fundamentally, is
designed for organized data pro-
cessing, or workflows. This becomes
a challenge for analysts looking for a
quick response. These analysts have
alike to query and analyze datasets in
near real time. It is stated that
Dremel can “run a query on a
petabyte of data in about three sec-
onds” [20]. This will allow analysts to
conduct ad hoc, slice and dice in-
quiry more common to business in-
telligence in just a matter seconds.
Big data expert Tim Gasper has noted
“Drill, Dremel’s open source coun-
terpart, and Dremel put power in the
hands of business analysts, and not
just data engineers” [20]. These tools
will enable government analyst to
truly make practical sense of the data
available.
LEVERAGING BIG DATA IN THE
ROLE OF GOVERNMENT
How can Government use Big data
to be more effective
The areas of Crime, Healthcare, Ed-
ucation and the Economy have been
on the mind of many Jamaicans over
the years. Technolgy has enabled
many countries including Jamaica
to access the same resources availa-
ble to developed counties of this
world. Big data is one such technolo-
gy that we should exploit as a nation.
Accoring to Jamaica’s Vision 2030,
technolgy is strategically placed as
an enabler to all industries. It is
therefore befitting that this section
outlines the afore meantioned areas
of concern and how Big Data can be
used to help us to reach our goal
according to our vision.
Crime
In Jamaica one does not have to go
very far to see the effects of crime
and criminality. The categorization,
treatment and perception of crime
is many time blurred and highly
subjective. The average citizen of-
ten does not see criminal acts like
tax evasion and “white-collar crime”
as serious, and it can be debated
whether or not the Government has
the same view.
Crime prediction and prevention
challenges today are becoming in-
creasingly complex and require a
new approach to the management of
information. The growing variety,
velocity and volumes of data will
increasingly require agencies to
anticipate and pre-empt emerging
trends in criminal activity if they are
to maintain, let alone increase ac-
ceptable levels of response. To more
effectively predict and prevent
crime, government organizations
must be capable of managing nu-
merous data types and use ad-
vanced, real-time analytics designed
to transform data into insights.
Crime solving challenges today are
also becoming increasingly complex
and require a new approach to the
management of information. It is
well known that security forces and
their supporting agencies have
amassed large volumes of data over
the years. This volume of data fits
well into the blueprint of Big Data.
38
The problem, however, is that data is disaggregated and unlinked for the most part. The crime fighting effort would be
greatly aided by safely consolidation this data to allow for pre-empting and quick resolution of criminal activity.
In taking a closer look at actual developments relating to big data and Crime, I invite you to look at the real life cases be-
low:
Case Question 1: How can I predict where crime is going to happen?
Target Result: Recognize crime trends as they are happen-ing
Entity: Memphis Police Department
Implementation: Predictive model uses numerous variables to predict locations of criminal activity
Effect:
30% reduction in serious crime overall
15% reduction in violent crime
Gives precinct commanders ability to change tactics and redirect patrol resources to catch more criminals in the act
Case Question 2: How do I connect data about related crimes and criminals across jurisdictions?
Target Result: Share local, state, and national law enforce-ment information
Entity: US Federal Bureau of Investigation
Implementation: Federally-hosted N-DEx national repository of criminal justice records
Effect:
18,000 law enforcement agency participants
Each agency controls sharing based on legal, jurisdictional, & privacy requirements
N-DEx proactively notifies specific users if certain relation-ships are discovered
Healthcare
As the saying goes, “health is wealth”. Countries are in-
creasingly realizing that a healthy nation is a prosperous
and productive nation. These countries are therefore in-
vesting in their healthcare systems []. Many countries
have adopted the mandated adoption of electronic health
records (EHRs) that allows healthcare professionals to get
centralized access to patient records. Generally, in the
past, the healthcare industry has been cautious to about
big data, but is rapidly changing. The Government stands
to gain not only money saved from more efficient use of
information, but also new research and treatments. The
possibilities show huge potential for Jamaica considering
our always improving research relating to medicines de-
rived from our vast portfolio of medicinal herds.
The advent of data from wireless, wearable devices is a
perfect example of how Big Data will change healthcare.
These devices allow medical practitioners collect vast
amounts of data, such as Blood pressure and heart rate,
which can be further analysed in full to pick up trends and
areas of for improvement. Social media data is an un-
tapped source of health data. This data can be analysed to
see what people post which in turn can help to fight insur-
ance fraud and improve customer service. Having ob-
served the impact of big data and analytics on other mar-
kets the government should be encouraged to know that
healthcare analytics in other countries are already show-
ing impressive results [11].
When harnessing data resources in healthcare it is im-
portant to note that data is growing and moving faster
than healthcare organizations can consume it; 80% of
medical data is unstructured and is clinically relevant.
This data resides in multiple places like individual elec-
tronic medical records, lab and imaging systems, physi-
cian notes, medical correspondence, claims, Customer
Relationship Management (CRM) systems and finance.
Getting access to this valuable data and factoring it into
clinical and advanced analytics is critical to improving
care and outcomes, incentivizing the right behavior and
driving efficiencies.
Healthcare organizations are leveraging big data technol-
ogy to capture all of the information about a patient to get
a more complete view for insight into care coordination
39
The 2013 World Innovation Summit for Education
(WISE) held in Qatar with representatives from over 100
countries, including Jamaica, started with a unanimous
resolve, a plea for radical educational change. Most of the
leading educators, policy makers, and governments
claimed that the way learning happens today will not ade-
quately prepare young people for the world of tomorrow.
At this conference Big Data was explored as a possible
light in the darken world of education. Mr. John Fallon
the CEO of Pearson PLC presented at the conference the
idea that “big data, and the disruptions it can lead to,
have led to one of the most creative periods in history in
terms of innovation.” He further went on to say that it
was “Time to harness that in education” [10].
The questions at the beginning of this section are an-
swerable if Government puts in place the necessary ar-
chitecture to harness the existing data and capitalize on
the now cheaper technological solutions that are readily,
sometimes freely, available.
Economy
It is public information that our Economy has been ailing
for some time. The variables involved in determining the
state of an economy are as varied as the variety charac-
teristic of Big Data. The before mentioned, Crime,
Healthcare and Education have a direct impact on any
economy. There are, however, some key areas that our
country must pay attention to. These areas are outlined
below.
Jamaica loses a great deal of money through fraud, waste
and abuse of unpaid taxes. There is constant pressure to
collect more revenue, reduce operational costs and im-
prove collections. The goal is to detect and prevent fraud
and abuse. An implemented Big Data platform will help to
more accurately determine fraudulent and suspicious
activity, for example denied refunds by detecting new
deception tactics, uncovering multiple identities and
identifying suspicious behavior. The government will
benefit by minimizing the tax gap, proactively detecting
and deterring fraud and abuse, reducing analysis time,
improving efficiency and saving taxpayer dollars.
In considering social programme fraud, waste and errors
government human services bodies face constant pres-
sure to increase efficiency, reduce operational costs per
and outcomes-based reimbursement models, population
health management, and patient engagement and out-
reach. Successfully harnessing big data unleashes the po-
tential to achieve the three critical objectives for
healthcare transformation, i.e. build sustainable
healthcare systems, and collaborate to improve care and
outcomes, Increase access to healthcare [12]. In taking a
closer look at actual developments relating to Big data and
Health, I invite you to look at the real life case below:
Education
This section is started by asking the following questions:
What sequence of topics is most effective for a specific
student?
Which student actions are associated with better
learning and higher grades?
Which action indicates satisfaction and engagement?
What features of an online learning environment lead
to better learning?
When are students ready to move on the next topic?
When is student at risk for not completing a course?
What grade is student likely to receive without inter-
vention?
Should student be referred to counselor for help?
What are the Benefits of Big Data to the E-Learning
Industry?
Case Question 2: How do I Reduce Fraudulent Claims?
Target Result: Reduce Fraudulent Claims
Entity: U.S. State Health
Effect:
Identified fraud among millions of claims, by finding ob-scure connections among doctors, pharmacists, lab and medical supply companies
Identified more than US $200m in questionable claims resulting in 22 criminal convictions and US $49m in recov-ered funds
40
CONCLUSION
Big data in the government of Jamaica is like a volcano on
the verge of erupting. It has the potential to inform data
driven decision making at many levels of government. To
realize this potential, the necessary infrastructure is re-
quired to give data practitioners the ability to develop the
necessary tools for integrating, analyzing and interpret-
ing data. The fears associated with big data, owing mainly
to the fact that it is relative new, should be as an oppor-
tunity to improve an already beneficial technology. Suc-
cessfully exploiting the value in big data will require ex-
perimentation and exploration. Government will need to
take big data more seriously and put in place data strate-
gies to create new waves of productivity growth. The is-
sue of trust in how information is used, shared, archived,
and managed is critical in this complex and highly fluid
environment [18].
Our Government will need to pay more attention to
addressing policies that are related to privacy and securi-
ty needs in today’s digital world. Big Data is here to stay;
the real question is what will we do with it?
ACKNOWLEDGEMENT
Thanks are due to our lecturer Mr. Kedrian James and by
extension the University of Technology, Jamaica, for
providing an incubator and platform ideas. I have been
challenged and motivated by this topic and now see more
clearly that we have a contribution to make in helping
this country to improve through technology.
case, ensure eligible citizens receive benefits and maintain
program integrity. In Jamaica the Programme of Advance-
ment Through Health and Education (PATH) is one such
programme that can benefit from a Big Data revamp. The
goal of this approach is to detect and prevent fraud and
abuse before payments are made the beneficiaries. Big
data analytics can help present, a much clearer citizen-
centric picture, uncover invisible connections and provide
real-time information-sharing for the analyst, social work-
er or government executive. The benefits to the govern-
ment are, reduced social benefit overpayments, proactive-
ly detected & deterred fraud and abuse, reduced analysis
time and improved efficiency, improved program integrity
and preservation of limited budgets for eligible citizens [9].
In taking a closer look at actual developments relating to
Big data and the Economy, I invite you to look at this real
life case :
Case Question 2: How do I predict who is likely to pay their taxes?
Target Result: Increase revenue with Effective cross-sell & up-sell
Implementation: Uses predictive modeling that gathers information from tax assessments, train ticketing systems, TV licenses, police records and more to predict whether a per-son will reliably pay taxes
Entity: European Tax Collection Agency
Effect:
18% reduction in collections workload
70% risk prediction accuracy
References
1. V. Mayer-Schonberger and K. Cukier (2013). “Big Data: A Revolution That Will Transform How We Live, Work,
and Think”. Boston, MA: Eamon Dolan/Houghton Mifflin Harcourt.
2. A. Sathi (2013). “Big Data Analytics: Disruptive Technologies for Changing the Game”. USA: Mc Press.
3. J. Liebowitz. (2013). “Big Data and Business Analytics”. Verlag: Auerbach Publications. http://dx.doi.org/10.1201/
b14700
4. IBM. (2010). What is big data? Retrieved from http://www-01.ibm.com/software/data/bigdata/what-is-big-
data.html
5. R. Smolan and J. Erwitt (2012). “The Human Face of Big Data”. Sausalito, Calif.
41
6. J. Manyika, M. Chui, B. Brown, J, Bughin,, R. Dobbs, C.Roxburgh, & A. Byers. (2011). Big data: The next frontier for
innovation, competition, and productivity. McKinsey Global Institute. Retrieved from http://www.mckinsey.com/~/
media/McKinsey/dotcom/Insights and pubs/MGI/Research/Technology and Innovation/Big Data/
MGI_big_data_full_report.ashx
7. K. Normandeau. (2013) “Beyond Volume, Variety and Velocity is the Issue of Big Data Veracity” Retrieved from:
http://inside-bigdata.com/2013/09/12/beyond-volume-variety-velocity-issue-big-data-veracity/
8. IBM Big Data in Action “Produce Actionable Information with Big Data Analytics for Government” Retrieved from:
http://www-01.ibm.com/software/data/bigdata/industry-government.html
9. A. Doyle “It is a Capital mistake to theorize before one has data”. Retrieved from: http://www.opencolleges.edu.au/
informed/features/big-data-big-potential-or-big-mistake/#ixzz39YtK1Xlj
10. A. Diana. “Healthcare Dives into Big Data” http://www.informationweek.com/healthcare/analytics/healthcare-dives-
into-big-data/d/d-id/1251138
11. IBM “Harness your data resources in healthcare”. http://www-01.ibm.com/software/data/bigdata/industry-
healthcare.html
12. Oracle Corp. “Integrate for insight”. http://www.oracle.com/us/technologies/big-data/big-data-strategy-guide-
1536569.pdf
13. M. Smith. “Big Data Broken without integration”. http://marksmith.ventanaresearch.com/2013/02/22/big-data-is-
broken-without-integration/
14. A. Al-Khouri1. “Privacy in the Age of Big Data: Exploring the Role of Modern Identity Management Systems” World
Journal of Social Science Vol. 1, No. 1; 2014
15. R. O'Harrow. (2006). “No Place to Hide”. New York: Free Press.
16. H.-C. Kum et al., “Privacy Preserving Interactive Record Linkage,” to appear in J. Am. Informatics Assoc., 2014, doi:
10.1136/amiajn/-2013-00216/
17. J. Gantz, and D. Reinsel. (2011). “Extracting Value from Chaos. IDC”. Retrieved from http://www.emc.com/collateral/
analyst-reports/idc-extracting-value-from-chaos-ar.pdf
18. D. Mohapatra, (2014). “ Big Data and Analytics in Government” IBM Smarter Government Summi 2014
19. T. Gasper, “Big Data Big Data Right Now: Five Trendy Open Source Technologies,” Tech Crunch, October 27, 2012,
20. http://techcrunch.com/2012/10/27/big-data-right-now-five-trendy-open-source-technologies/
42
43
T he successes of business-
es of late are arguably
been driven ‘data’ a term
that is considered by
some parties to be meaningless or
of little value. However it must be
noted that data is critical to the suc-
cess of business operations or for
any organization or institution that
relies on it to carry out its opera-
tions. How data is collected, manip-
ulated and monitored should be
held in high esteem by businesses,
since they are heavily reliant on
these data to make decisions which
are critical to the success of their
operations. In the past, when the
term data is mentioned within an
organization the structured data
stored in relational databases will
definitely come to mind. As this was
Maintaining the privacy of customers’ data within
the field of business
the established norm then to store
and manipulate data. However in
recent years the need to store and
u s e u n s t r u c t u r e d a n d s e m i -
structured data along with struc-
tured data stored in these relational
databases has increased. This has
led to the rise of the current buzz
term ‘big data’. Big data has un-
doubtedly brought many advantages
to the operations and success of
businesses; however it has it fair set
of challenges. It must be noted that
once proper mechanisms are put in
place this feat can be achieved.
Description of big data
Big data is defined as a huge amount
of data that is considered to have
high velocity, complex and variable
data which utilizes advanced tech-
Abstract – Big data is interestingly a growing phenomenon. Many businesses of late have gravitated to this buzz term; however there are some who are still apprehensive about such a move. There is no doubt that big data changes the way how business is conducted. To some it brings joy but equally it has brought peril to others. The privacy of cus-tomers’ data in the field of business is an area of grave concern where big data is concerned. Customers are now
forced to grapple with the effects of being judged by what data is obtained about them not only from one source, but from multiple sources. Information from the web, social media, text messages, emails, to name a few are now been
used by businesses to make choices about their customers. It must be noted though that even though privacy is a con-cern it must not be used as the reason not to use big data. An appropriate governance program can be used to effec-tively curtail the privacy issues zooming around big data at the moment. This study assessed generally how big data
invades the privacy of customers and a data governance framework was recommended to deal with the issue.
niques and technologies to capture,
store, distribute, manage and ana-
lyze information [19]. Evidently
when the term big data is men-
tioned the following words come
into play: volume, velocity and vari-
ety [3]. Volume refers to the huge
amounts of data been stored, veloci-
ty the speed at which data is created
and variety the various sources from
which the data is gleaned or ac-
quired. These sources include mes-
sage updates and images on social
networks, readings from sensors,
GPS signals from cell phones to
name a few [3]. The requirements of
big data have exceeded the capabili-
ties of structured databases. Busi-
44
ganizations are more inclined to keep data for longer pe-
riod because of what can be extracted from it [11]. Finally,
there are regulations in place which stipulate that data
should be kept for an extended period. There are cases
where data can be kept indefinitely [11]. Big data is used
by many social media sites such as Linkedin, facebook
and twitter. Big data accounts for a lot of storage space in
various organizations. Actually when unstructured data
is retained in user generated images, video or music files
and word processing, spreadsheet and presentation for-
mats it results in a data glut in the organization. This ac-
counts for approximately 60% of the organization’s big
data [10]. Big data actually grows at a fast pace [6].
McAfee and Bryonjolfsson (2012) mentioned in their
study that approximately 2.5 exabytes of data are created
since 2012 [3]. To date many companies struggle with
why big data exists what its true value is [9]. One has to
evaluate the value of their data and derive how much to
invest in storage technologies to avoid overspending [9].
nesses of late have gravitated to sources of data other than
relational databases in order to achieve faster business
processes and ascertain answers to questions which were
once beyond their reach to answer [18]. According to
McAfee and Bryonjolfsson (2012) structured databases are
not capable of storing and processing big data [3]. Big data
is growing phenomenon in recent years. A lot of scholarly
work has been done on this area and it accounts for almost
12,000 hits on Google scholar [2]. Big data is used in a vari-
ety of fields such as telecommunications, health care, en-
gineering, and finance. It is by and large used where the
need arises to store, process and analyze large volumes of
data using new technologies [2]. The recent growth in big
data can be attributed to three main factors. First and fore-
most organizations are now better able to keep data in
large volumes for an extended time due the availability of
better, faster and more cost effective storage [11]. Also, in
recent times there has been an increase in interest in the
area of data analytics and the benefits of data mining. Or-
Data quality and Privacy challenges with big data
The question is often asked if more data means better data
[2]. Of a fact more data does not automatically result in
better decisions products and services [2]. It must be not-
ed that more data can result in an increase in data gar-
bage. Maintaining acceptable data quality has proven to
be a challenge [12]. However it can also prove to be a cost-
ly venture as users will most likely lose trust in the data
even if a small fraction of it is found to be faulty [12]. Or-
ganizations are aware that once data quality is accurate
the return on investments will be worthwhile [11]. The
task to manage data which come from social networks,
mobile apps and CRM systems can be a complex one. An
increase in the volume of data poses challenges for archiv-
ing, retrieving and analyzing. Abed (2011) mentioned that
when low quality data is used in ERP systems it has ad-
verse effects on the operations. It results in failure of
transactions, processes and projects [4]. Abed (2011) also
indicated that data governance or data management are
normally given the task to maintain good data quality.
Hence it is critical that these be instituted in the relevant
businesses or organizations to ensure effective running of
operations. Another major challenge with big data is how
to find out if the data obtained is an outlier [5]. As the vol-
ume of data increases so does the ambiguity of outliers
[5]. Dinu and Iovan (2014) also mentioned that an organi-
zation is exposed to greater risks when more data is con-
sumed [18]. When automated and semi-automated deci-
sion making is required to take place in a highly integrat-
ed data supply chain, the process is heavily reliant on
high quality data [10]. It must be noted that liabilities can
be incurred for damages caused by inaccurate data [10].
Provision should be made for such occurrences if the
consequences are deemed catastrophic [10]. Issues with
data quality usually come into play when businesses lo-
cated worldwide are required to collaborate with each
other and there is some form of deviation in data stand-
ards [12]. Usually these parties will be required to estab-
lish similar standards to maintain data quality [12]. Some-
times maintaining the quality of data is ignored to get
data quicker, however this practice is not encouraged [12].
In a survey conducted recently, data obtained from cus-
45
setting of premiums, rates, etc.. There are even cases
where big data is used by brokers to obtain employment
information about 190 million individuals inclusive of
salary information. The information obtained was then
sold to debt collectors, financial institutions and other
establishments [19]. Also, big data makes it possible for
marketers to effectively advertise the right product to the
right customer at the right time [19]. However this poses
a challenge where the privacy of these customers is con-
cerned [19]. Target also used big data to ascertain if cus-
tomers are pregnant and send offers to them about ma-
ternity products [19]. Whilst this might be perceived by
some individuals to be ingenious it is actually violation of
the privacy of the parties involved, considering that the
information was not directly given but derived from per-
sonal data accumulated. Of fact customers at times are
not aware where their information will end up when they
consent to stipulated privacy agreements [19]. Also when
data is combined from several sources additional inter-
pretations can be arrived at about the individual [19]. At
times data collected about the individual deemed as
harmless might reveal sensitive information such as
health, financial, status, sexual orientation, etc. when
these pieces of data are combined [19]. The extent to
which these data can be used, disseminated and retained
is pretty much not standardized, hence there is some
level of ambiguity if lawsuits can come into play about
tomers was the area that gave the most problems, primari-
ly because customer data usually involves infrequent up-
dating and updating of incorrect information [2]. Data ob-
tained from a controlled setting are normally of a better
quality [12]
Privacy is an area of grave concern where big data con-
cerned [2]. Mobile devices and cloud computing platforms
have contributed significantly to security issues with big
data [19]. The use of data from social media and sensors to
arrive at business decisions is an issue that is echoed by
many of late [5]. Personal data such as: name, address, age,
email address and telephone numbers are gleaned from a
wide variety of sources [2], [5]. Often times decisions are
not made in favour of the parties from which they are ac-
quired [5]. In addition location based data amongst other
things are used to identify and track individuals easily [2].
Regulations have been put in place to some extent to cur-
tail these issues, however these regulations vary according
to the site on which they are posted or the area in which
the parties involved resides in [5]. Big data companies
gather data on you , put them together and use it to get an
understanding of who you are, where you live, friends you
associate with, products you may be inclined to purchase,
etc. [16]. For example insurance companies can obtain da-
ta about a client driving habits and location [5]. It can be
inferred that these pieces of data can be used by the com-
pany in their decision making process as it relates to the
how these pieces of data are been utilized. Few individuals are aware of and comprehend what organizations are using big
data to do. However this figure is quickly increasing [16]. Big data analytics has to be closely monitored to prevent any
violation of customer privacy. Companies have resorted anonymize data instead of using personally identifiable infor-
mation (PII). When this is done the data is looked at in the mass and then assessed to see what they can learn about the
individual. Refusing to use PII does not guarantee the anonymity of the persons whose data are been analyzed [16]. AOL
anonymized 20 million search queries and made them available to be used by researchers. However the New York Times
was able to uncover the identities of the users by merely using other data that was publicly available [17]. The recent secu-
rity breach at Target and Neiman Marcus is still etched in the memory of individuals [16]. The security of data varies
across industries; however it is a high point in the financial services, insurance and health care [16]. The bid data tools
that are available today, coupled with availability of large public data sets make it a challenge to anonymize data [17]. An-
other challenge posed in the big data era is the de-identification of personal health information [17]. The HIPAA Privacy
Rule stipulates how data should be de-indentified and re-identified [17]. The use of statistical tools and practices, or the
removing of fields to enable revelation of an individual identity is strictly prohibited [17]. Data can be de-identified by
simply taking away key information from the data set, thus preventing individuals from identifying who the data subjects
46
to implement one [8]. This practice
is fairly new in some organizations;
hence its official definition is still
evolving at this point [10]. Data gov-
ernance is defined as the merging of
data quality management, data man-
agement systems, data security, and
data administration to control and
manage data within an organization
[10]. In a nutshell data governance
takes into consideration proper ac-
quisition and monitoring of data in
an organization. In addition data
governance practices are defined as
those policies in the organization
which provide a description of how
data ought to be managed for the
duration of its economic life cycle
a r e [ 1 9 ] . T h e p r o c e s s o f d e -
identification must be done proper-
ly. Failure to do so will facilitate easy
re-identification of data subjects [19].
If data gets into the hands of third
parties who are able to re-identify
the data subjects, which can result in
the dissemination of sensitive infor-
mation [19].
Description of data governance
Rand Secure Data, a division of Rand
Worldwide conducted a survey re-
cently which uncovered the fact that
44 percent of the companies sur-
veyed are without a formal data gov-
ernance policy, whilst another 22
percent did not express an interest
[9]. Data governance practices are
broken down into three components,
namely: structural, operational and
relational [9]. Big data grows at a fast
pace [6]. The company is able to
make better decisions whilst its data
is deemed consistent, accurate and
available [6]. Intel, Google and
Walmart presently manage several
petabytes of data [9]. For the most
part organizations tend to struggle
with the implementation of appropri-
ate governance mechanisms that will
effectively strike a balance between
the risk and the reward of big data
[9]. The value of data should be es-
tablished and used to determine how
much investment is required to be
made with a particular set of data
[9]. For example if profits to be de-
rived from a set of data are one mil-
lion dollars, it would not be worth
investing 5 million dollars in storage
technologies for that data [9]. It
should be noted that it is going to
cost organizations more money to
manage their big data [9]. This will
pose a problem if the organization
does not foresee significant increas-
es in profit margins [9]. Despite the
cost involved to have proper data
governance in place it is imperative
that organization make the neces-
sary investments required in this
area. The benefits to be derived
from good data governance in-
cludes: better quantity and quicker
decision making, quick response to
business change, improvement in
business intelligence reporting, re-
duction in costs, compliance with
established government regula-
tions, improvement in customer
satisfaction, improvement in posi-
tion on the market, to name a few
[13]. The value of a company’s infor-
mation will increase once a decent
data governance policy is put in
place [6]. In addition the company is
able to make better decisions as
long as its data is deemed con-
sistent, accurate and available [6].
MOTIVATION
Big data has sparked the interest of
many individuals particularly in the
field of business. The technologies
used in this era to manipulate data
have changed the way how business
is conducted, particularly in the
field of marketing. The ingenuity of
big data analytics have transformed
the way how meaning can be de-
rived from data. However this trans-
formation have somewhat contrib-
uted to the hunger and desire for
data scientist wanting to do more
with data that they have. Data does
not exist supernaturally, it belongs
to someone. Looking at it holistical-
ly, it would appear as if only data is
been touched. However the person
who the data belongs to is ultimately
affected by the hands of these data
analysts or even the computer algo-
rithms put in place. We are now
living in an era where what you put
in social media, text messages,
email, etc can be used to dictate the
kind of person who you are. Is this
analysis true? How much control do
you have as an individual over inter-
pretations made about you? Are you
capable of maintaining privacy in
the big data era? The results gained
might or might not be beneficial to
the person to whom it belongs. The
more power a data analyst gets the
47
O. Hamami spoke to the limitations of data analytics [17].
O. Hamami also mentioned in the study that big data
analytics has to be closely monitored to prevent violation
of customer privacy. The study also outlined how chal-
lenging the task is to maintain anonymity of the custom-
ers to whom a particular data set belongs in the big data
era [17].
D. Navetta looked at how marketers now rely on big data
to determine the correct product to market to the cus-
tomer and the time frame in which this should be done.
Evidently the customers are no longer required to speak,
the data obtained from them will be used to do this in-
stead [19]. D. Navetta also alluded to the fact that anonym-
ity of data subjects is difficult to maintain where big data
is concerned [19].
weaker the privacy of the customer gets.
RELATED WORK
J. Harper looked at how data obtained from social media;
sensors, etc are used to make decisions about individuals,
sometimes not in their favour [5]. H. Buhl, M. Roglinger, F.
Moser, and J. Heidemann, and J. Harper studies also
looked at how location based data was used by businesses
to make decisions about their clients [2], [5].
H. J. Watson looked at how data is combined from several
sources to arrive at what decisions to be made about cus-
tomers. Pieces of data such as who you are, where you live
and the friends were used to determine the products you
are more inclined to purchase [16].
PROPOSED SOLUTION
Data privacy remains a critical issue when it comes to big
data. The ability for the organization to effectively deal
with this issue lies in an effective data governance pro-
gram. When organizations choose a data governance pro-
gram it is critical that the same be aligned with the needs
of that specific organization. Notably, a governance pro-
gram might work excellent in one organization and pro-
duce minimal benefits to another simply because their
requirements differ. The same principle also applies to
the type of organization in which the data governance pro-
gram is to be implemented. This paper is focusing on rec-
ommending an appropriate data governance program
within the field of business to effectively manage privacy
issues with big data.
Before a governance framework is established it is imper-
ative that the affected organization familiarize itself with
the different types of big data [20]. Each big data type has
to be treated differently to get the desired results where
data governance is concerned.
Big data falls into five main categories, namely: social me-
dia, web, machine to machine (M2M), big transaction da-
ta, biometrics and human-generated. It must be noted
that ‘big data’ is ‘data’, hence the ‘traditional disciplines’
of information governance still applies to it [20]. The
tricky thing about big data thought is that its use cases are
used to drive its analytics and these use cases normally
relates to a specific industry or function [20]. Therefore a
data governance program will have to be tailor made
around a particular use case.
The DGPC (Data Governance for Privacy, Confidentiality
and Compliance) framework is recommended to address
the privacy issue currently experienced with big data.
The framework is comprised of three core elements,
namely: people, process and technology [21].
Figure 1. The three dimensional framework for gov-
ernance of big data (20)
48
The process element of the DGPC involves going through
authority documents such as: statutes, regulations, stand-
ards and company policies. These documents will outline
clearly what requirements are to be met [22]. It must also
be noted that organization are required to identify a set of
rules that is applicable to all of the core processes. These
principles identified include data privacy and confidenti-
ality principles [21].
The technology component involves checking selected
data flows and ensure that flows-specific risks that were
previously unaddressed by the information security man-
agement systems and or the control framework broader
protective measures will be identified [22]. The organiza-
tion is required to fill out what is called a risk/gap analysis
matrix when this approach is used. This matrix is built is
around the information life cycle, four technology do-
mains and the data privacy and confidentiality principles
for the organization [22].
An organization must be fully aware of how data flows
through its systems, is accessed and processed at differ-
ent stages by several applications and people for a wide
variety of purposes [22]. Figure 4 outlines the concept
behind the information processing life cycle. An organi-
zation must be fully aware of risks that can occur at each
stage to effectively combat them if they should arise in
the future [22].
Every time data is required to be transferred using what-
ever means necessary within the organization a new in-
formation life cycle will begin. It is critical that the organ-
ization applies the same restrictions for security and pri-
vacy to the transfer of data as what was previously as-
signed to the original data set [22]. The organization
Figure 2. Core elements of the DGPC Framework (21)
People are needed to use and manage the various data
governance processes and tools [22]. They are consid-
ered to be the most significant of the three cores [21]. It is
recommended that a DGPC team be set up in the initial
stages. The members of the team should come from in-
side the organization and each member should be as-
signed clearly defined roles and responsibilities along
with the prerequisite resources required to effectively
perform their duties [22]. These team members are
called data stewards [22]. The team is formed with repre-
sentatives from all levels in the organization [21]. These
include: executive management, data governance organ-
ization and workforce and trusted business partners [21].
Figure 3. The People Pyramid for DGPC (21)
Figure 4. Information Life Cycle (22)
49
email accounts via attachments, to
name a few. These devices can be
easily lost or stolen; hence it is im-
perative that the organization put
measures in place to effectively
monitor and protect these types of
transfers when they are required to
be performed [22]. Organizations are
encouraged to thoroughly evaluate if
the effectiveness of the various tech-
nologies used to protect data confi-
dentiality, integrity and availability
[22]. The organization should ensure
that there is a secure infrastructure
in place. Such an infrastructure
should be developed such that it will
not be vulnerable to malicious at-
tacks. Identity and access control
needs to be aware of the rules and
regulations that are related to data
privacy at the recipient’s location
[22]. These include but are not lim-
ited to the policies, systems and
practices [22]. These details are re-
quired to be identified prior to the
transfer of data as if additional secu-
rity measures will have to put in
place to deal with any underlying
issue the necessary changes can be
made. The organization also needs
to track situations where reports are
run and subsets of data are extracted
from databases. It is evident that
these pieces of data can be easily
transferred to removable storage
media, handheld devices, laptops,
should also be held in high esteem.
Only authorized access should be
granted and user privileges should
be effectively monitored across the
organization. The organization
should ensure that measures be put
in place protect its information and
relevant technologies should be in-
stituted to carry out auditing and re-
porting activities [22].
The organization should put in place
data privacy and confidentiality prin-
ciples to ensure the privacy of its cus-
tomer data is maintained. There a
four principles which are used to
govern such activities. They are: ad-
here to the policies outline for the
confidential life span, reduce the
risk associated with unauthorized
access or misuse of confidential da-
ta, reduce the impact due to loss of
confidential data and document rel-
evant controls and demonstrate
their effectiveness [22]. During the
confidential life span of data it is
critical that the organization pro-
cesses the data as stipulated by the
regulations. The preservation of the
customers privacy is critical during
this period of time as any breach of
this can prove to be catastrophic for
the both the customer and the or-
ganization. Therefore the organiza-
tion needs to enforce anonymity at
all costs wherever it is possible to do
so and ensure that the data is de-
identified in a manner that makes it
difficult to be re-identified and used
for other purposes. The organiza-
tion also needs to ensure that the
relevant administrative, technical
and physical mechanisms are put in
place to reduce the unauthorized
access and use of data that is
deemed confidential [22]. It was
mentioned earlier that individuals
can easily re-identify data using var-
ious technologies. The organization
needs put in as many redundancy
measures as possible to maintain
confidentiality as exposure of such
data can prove to be costly. The or-
ganization needs to be aware that no
system is free from penetration.
Therefore measures should be put
in place to ensure that confidential
data is lost or stolen the impact on
the customer and the organization
will not be too severe. It is encour-
aged that data be encrypted that if it
gets into the hands of the unscrupu-
lous individuals then the data would
be meaningless to them. In addition
breach response plans should be put
in place to deal with any such occur-
rences. Members of staff should
also be a part of this plan and should
receive training on this matter [22].
It is critical that all members of staff
be trained because swift actions are
required to taken in eventuality of
any security breach. Transparency
of activities is critical in the whole
process of maintain data privacy.
The organization needs have in
place appropriate monitoring and
auditing tools in place to ensure that
the data privacy and confidentiality
issues outlined by the organization
are been followed. If there are any
cases of non-compliance in this re-
gard the organization needs to
should put measures in place that
will mandate the submission of an
official report about such occur-
rences [22].
50
CONCLUSION
Maintaining the privacy of customer data will never be
an old issue. It is evident that as technology advances the
more measures will have to be put in place to combat
issues in this area. It must be noted that even though
maintaining the privacy of customers’ data is a daunting
task proper data governance can be used by organiza-
tions to effectively minimize the occurrences and effects
of data privacy. Data governance cannot be implement-
ed and effectively monitored by an individual; it has to be
a team effort. It is imperative that all organizations put
data governance frameworks in place to combat the data
privacy, particularly in the area of big data.
FUTURE WORK
Further research can be conducted on ethical issues con-
cerning big data analytics. Big data analytics has undoubt-
edly introduced some interested perspectives on how data
can be effectively manipulated to arrive at interesting re-
sults. Companies are no longer required for the most part
to personally ask customers what they want as they can
use data aggregation, location base data, to name a few to
get their desired results. Companies are now at a point
where they are no longer obligated to ask, they can just
take what they want. Are such actions ethical? Can a data
governance framework be put in place to address ethical
issues surrounding big data analytics?
References 1. A. J. Zwitter, and A. Hadfield. (2014). “Governing Big Data,” Politics and Governance [Online], Vol 2 No. 1, (pp 01-
03). Available: http://library.utech.edu.jm/ [August 6, 2014].
2. H. Buhl, M. Roglinger, F. Moser, and J. Heidemann. (2013). “Big Data: A Fasionable Topic with(out) Sustainable Relevance for Research and Practice,” BISE-Editorial [Online]. Available: http://library.utech.edu.jm/ [August 6, 2014].
3. A. McAfee, and E. Brynjolfsson. (2012). “Big Data: The Management Revolution,” Harvard Business Review [Online]. Available: http://library.utech.edu.jm/ [August 6, 2014].
4. W. Abed. (2011). “Data Governance: A Business Value-Driven Approach,” Global Data Excellence [Online]. Availa-ble: http://library.utech.edu.jm/ [August 6, 2014].
5. J. Harper, “Implications for Big Data Governance,” in dataversity.net [Online], n.d. Available: http://www.dataversity.net/implications-for-big-data-governance/ [August 5, 2014].
6. W. Applebaum, “Data Governance in the World of Big Data,” in blogs.avalonconsult.com [Online], June 13, 2014. Available: http://blogs.avalonconsult.com/blog/generic/data-governance-in-the-world-of-big-data-3/ [August 5, 2014].
7. C. Gross, “How to manage big data with a Data Governance Policy,” in kmworld.com/articles [Online], September 11, 2013. Available: http://www.kmworld.com/Articles/Editorial/ViewPoints/How-to-Manage-Big-Data-with-a-Data-Governance-Policy-91868.aspx [August 5, 2014].
8. J. Bertolucci,“Data Governance Plans: Many Companies Don’t Have One,” in informationweek.com [Online], March 2, 2014. Available: http://www.informationweek.com/big-data/big-data-analytics/data-governance-plans-many-companies-dont-have-one/d/d-id/1113678 [August 5, 2014].
9. P. P. Tallon, “Corporate Governance of Big Data: Perspectives on Value, Risk and Cost,” IEEE Computer Society [Online], 2013. Available: http://library.utech.edu.jm/ [August 6, 2014].
10. C. Begg, and T. Caira, “Exploring the SME Quandary: Data Governance in Practise in the Small to Medium-Sized Enterprise Sector “The Electronic Journal Information Systems Evaluation [Online], Vol 15 No. 1, (pp 03 -13), 2012. Available: http://library.utech.edu.jm/ [August 6, 2014].
11. P. P. Tallon, J.E. Short, and M.W. Harkins (2013). “The Evolution of Information Governance at Intel,” MIS Quarterly Executive [Online], Vol 12 No.4. Available: http://library.utech.edu.jm/ [August 6, 2014].
12. R. C. Rickards, R. Ritsert (2012). “Data Governance Challenges Facing Controllers”, International Journal of Busi-ness, Accounting, and Finance [Online], Vol 6 No. 1. Available: http://library.utech.edu.jm/ [August 6, 2014].
51
13. D. Navetta. “Legal Implications of Big Data,” The D. Waddington (2010). “Data Governance MDM and Data Quali-ty,” Information Management [Online]. Available: http://library.utech.edu.jm/ [August 6, 2014].
14. T. Neff. “Big Data: Unlocking the potential of information,” in Compliance Week [Online], September 2012. Available: http://www.compliance.com
15. B. Badrakhan (2010). “Drive Toward Data Governance,” Data Management [Online]. Available: http://library.utech.edu.jm/ [August 6, 2014].
16. H. J. Watson. “Addressing the Privacy Issues of Big Data,” Intelligence Journal [Online], Vol 19 No. 2. Available: http://library.utech.edu.jm/ [August 6, 2014].
17. O. Hamami. “ Big Data Security: Understanding the risks,”
18. Intelligence Journal [Online], Vol 19 No. 2. Available: http://library.utech.edu.jm/ [August 6, 2014].
19. B. Dinu and S. Iovan (2014). “Harnessing Big Data Volumes,” Oracle SA, Bucharest, West University of Timisora, Computer Science Department. Available: http://library.utech.edu.jm/ [August 6, 2014].
20. Computer & Internet Lawyer [Online], Vol 31 No. 1. Available: http://library.utech.edu.jm/ [August 6, 2014].
21. S. Soare. “A Framework that Focuses on the “Data” in Big Data Governance: Big data types, information governance disciplines, industries, and functions,” in ibmdatamag.com [Online]. Available: http://ibmdatamag.com/2012/06/a-framework-that-focuses-on-the-data-in-big-data-governance/ [August 8, 2014].
22. A Guide to Data Governance for Privacy, Confidentiality, and Compliance Part 2: People and Process, white paper, Microsoft, Jan. 2010.
23. J. Salido . “Data Governance for Privacy, Confidentiality and Compliance: A Holistic Approach ,” in isaca.org [Online]. Available: http://www.isaca.org/Journal/Past-Issues/2010/Volume-6/Pages/Data-Governance-for-Privacy-Confidentiality-and-Compliance.aspx [August 7, 2014]
52