State Street has approached the semantic data model by building a set of tools to help end users -- generally a business person rather than a programmer or DBA -- do the description.
"The tools are much more designed for the actual owner of the data," Saul said. "In most cases that's not a programmer or DBA, that's a business person. The business person, in describing the data, knows what that data is. They know what this reference information is supposed to connote. Using the tool, they can translate that into a semantic definition and in turn use that and combine it with some other definitions to produce, say, a risk report or the on-boarding of a new customer. For years we've talked about being able to blur the line that exists between IT and the business and having business be able to have tools where they can more clearly express requirements. This is a step in that direction. It's not full business process management, but it's certainly a step in getting there."
Securing Big Data
But collecting all this data and making it more accessible also means organisations need to be serious about securing it. And that requires thinking about security architecture from the beginning, Saul said.
"I believe the biggest mistake that most people make with security is they leave thinking about it until the very end, until they've done everything else: architecture, design and, in some cases, development," Saul said. "That is always a mistake."
Saul said that State Street has implemented an enterprise security framework in which every piece of data in its stores includes with it the kind of credentials required to access that data.
"By doing that, we get better security," he said. "We get much finer control. We have the ability to do reporting to satisfy audit requirements. Every piece of data is considered an asset. Part of that asset is who's entitled to look at it, who is entitled to change it, who is entitled to delete it, etc. Combine that with encryption, and if someone does break in and has free reign throughout the organisation, once they get to the data, there's still another protection that keeps them from getting access to the data and the context."
Gazzang's Warnock agreed, noting that companies that collect and leverage Big Data very quickly find that they have what Forrester calls 'toxic data' on their hands. For instance, imagine a wireless company that is collecting machine data -- who is logged onto which towers, how long they are online, how much data they are using, whether they are moving or staying still -- that can be used to provide insight to user behaviour. That same wireless company may have lots of user-generated data as well -- credit card numbers, social security numbers, data on buying habits and patterns of usage -- any information that a human has volunteered about their experience.
Sign up for CIO Asia eNewsletters.