Chapter
6

Using the Real-Time Data
Lever to Transform to a More
Real-Time Organization

Real-time data is an essential component throughout the real-time company’s processes. For example, completion of an online order process requires data about the product ordered, the customer, and the method of payment. Google and other search engines use data derived from customer searches to support the process of displaying ads that are related to those searches and, thus, are likely to be of interest to customers. Once the customer has used the search engine to find a store that carries a product of interest, the customer can link directly to the online retailer of interest. Amazon and other online retailers use the data they collect while the customer is browsing their stores to highlight best sellers and products likely to be of personal interest to the customer.

As these real-time companies collect data about customer behaviors, that data is saved in their version of an RTMR system. Depending on the company, the data can include start and stop times of customer-centric processes, resources consumed, and customer satisfaction. After collecting data, organizations must then employ it to drive business value for the company; whereas data that drives business advantage is extremely valuable, data that does not drive incremental value for the company has little value. Real-time companies, companies that understand the value their customers place on their time, will treat the data in their RTMR systems as an asset, information that has the potential to further improve their ability to serve their customers. The value of these data assets is realized when the company uses the data to surpass competitors’ ability to demonstrate respect for the customer’s use of time.

Real-time data often supports agility in the quest to value customer time. It supports faster customization or completion of operational processes. Analysis of real-time data also provides the basis for a company to rapidly identify priorities for improving customer real-time experiences and to rapidly innovate to solve lingering customer issues or emerging opportunities. Although the establishment of an RTMR system will take time, the investment will increase the company’s agility, thereby making it possible to be more efficient as it progresses along the real-time continuum. The RTMR system becomes a platform that, once established, allows the company to focus on customer needs in a way that customers recognize as faster or more satisfying. Adopting a real-time philosophy, where a company values the customer’s time better than competitors do, requires an investment of company time to develop the requisite understanding of the customer’s time experiences throughout the life of the company’s products and services. Once the RTMR system is established, it is an investment that pays large dividends. Organizational leaders should ask this important question: “Have we invested in an RTMR system that collects data reflecting a real-time philosophy?”

Enabling the Use of the Real-Time Data Lever— Addressing Security and Privacy Concerns

The internet, and technology in general, has made it easier to amass a wealth of data about customers. This wealth of information can be extremely valuable when trying to understand customers, including the way they buy, use, and maintain products or services. Assembling such a large store of data, although a valuable asset for the company, creates new risks. Recent events in the news demonstrate the risks that occur when a company fails to protect these assets. To deal with these risks, companies have developed robust policies and practices that address data security and privacy concerns.

Organizations collect a lot of data directly from customers, much of it in exchange for some incentive or benefit, such as a coupon, warranty, loyalty rewards, announcements about new products, and sales events. Customers expect companies to adequately protect their data with security procedures. In general, customers often consider their use of a product or service a private matter; however, they are willing to share their data with companies they trust in the belief that the company will use the information to improve current and future products and services. The willingness of customers to share data with a company is based on the level of trust and respect that has been earned between the customer and the company. The greater the level of trust, the more a customer is willing to share. Should something happen to negatively impact the level of trust between a company and a customer, the customer will likely cease sharing data with that company. Moreover, simply because a customer shares data with one company does not mean that the customer will be willing to share the same data with another company. In many cases, when it has been discovered that a company has shared its customer data with a partner that is untrusted by the customer, the customer recourse is to punish the parent company by terminating their business relationship.

Addressing Security and Privacy of Customer Data—A USC Marshall Research Project⁴⁶

A general customer data problem that organizations face as they engage in transformations using the real-time data lever is what to do with regard to security and privacy of customer data. This includes policies that call for sharing customer data with partners. Many customers will share what they consider to be private personal data with a trusted company that they have engaged with. If the customers consider their data private, they do not want the trusted collecting company to share the data with others unless they are asked to consider whether that partner company is also trusted. Before sharing the data with its partners, a real-time company will seek the permission of its customers and explain the need, or they will implicitly take on the responsibility to ensure the partner companies have established protocols to protect the data. In the end, trust is a corporate characteristic, and when it is extended to a network of partners, the level of trust is determined by the weakest link in the system of partners. A real-time company understands that although data is an enabler that allows the company to act in real time, the tools needed to face the heightened security and privacy risks associated with the data are a prerequisite. This USC Marshall research has found that companies that are leaders in securing their customer data and properly balancing customer privacy concerns with data sharing grow revenues and profits faster than companies that are average or below.

Government and regulatory institutions typically focus on issues that have created wide-scale community concern. Efforts from these sectors generally seek to establish rules and procedures that prevent the reoccurrence of legacy faults. In contrast, real-time companies seeking to be leaders strive to go beyond minimal legal requirements in an effort to provide their customers with better experiences. For example, the legal community has defined personally identifiable information (PII) to include telephone number, home address, birthdate, Social Security number, credit card number, birthplace, and driver’s license number. Many legal authorities press to ensure that all companies take steps to protect PII data. In contrast, a real-time company will establish protections beyond the minimum and provide enhanced levels of security and privacy related to not only PII data but also other data that the customer considers sensitive.

For example, a health-care company might treat biometric data collected via the Internet of Things (IoT) as sensitive data even if it is not linked to an individual’s PII. In this case, the company recognizes that the biometric data in itself is anonymous, but once it is linked to a set of records that detail device ownership, the sensitivity of the data is significantly increased. If the data is hacked or inadvertently placed on a jump drive that is later misplaced, the repercussions could be enormous. In an effort to minimize risks, this example health-care company can encrypt the health-care data so that if it were linked to PII data and then lost, impacts would be reduced.

Real-time companies that outperform others manage security and privacy by paying attention to technology, design, and people. From the technology perspective, technology in the area of security is making constant gains, so companies must actively manage upgrades. From the design perspective, security and privacy cannot be treated as an afterthought. Preventive measures must be designed into the system at the onset. From the human perspective, regardless of how good the design and technology are, if personnel are not trained to prevent threats, identify threats, and act on threats, systems will be compromised. Real-time companies display heightened awareness of technology (encryption, authentication, data segmentation, firewalls, etc.); design of controls for data confidentiality, integrity, and availability; and the need for human preparedness (such as training, preparedness drills, and escalation procedures).

Many companies ask external experts to assess whether their level of protection is sufficient and conduct internal risk analysis to determine if the risk justifies incremental investments. As a part of these audits, some companies use penetration testing to evaluate their security efforts to protect the privacy of customer data. Given that new threats are constantly emerging, it is impossible to avoid all potential breaches; therefore, real-time companies utilize these regular audit programs to test and evaluate threat response procedures. The response procedures can be much more involved than the detection/protection procedures because they can involve personnel from IT, legal, marketing, strategy, management, and others. For some companies these procedures can include notifying impacted customers as soon as possible after a breach is detected, whereas other companies might wait until the threat is understood and contained. Though some argue in favor of a simplistic threat response protocol, it is clear that the response must reflect the nature of the data in jeopardy and the nature of the attack. More research in the area of customer-experience response protocols is clearly needed.

Interestingly, this USC Marshall research has demonstrated that successful companies often intentionally “advertise” their data protection policies to their customers. The positive impact of such programs is to educate customers about the nature of the collected data and the efforts to secure the data. These efforts, which may be part of a company’s real-time philosophy, are intended not only to create trust but also to minimize the loss of trust when adverse situations occur. Apple is an example of a company that has touted its commitment to the protection of individual data.

Many companies have taken the path of aggregating data before sharing it with partners. This further obscures PII specifics from the partners; effectively, the companies are creating a new, non-customer-specific data set from customer data. Given that this new data set is not customer- specific, the data can be shared without customer approval; however, some companies ask their customers to approve such sharing, whereas others post descriptive information about their data sharing policies in an effort to be transparent. In contrast, the less successful companies share data without any acknowledgment of their data sharing practices. To be clear, data sharing is not a bad thing; in fact, companies that share data with their partners tend to outperform companies that prevent data sharing. The point, however, is that the real-time company is ideally transparent about its data sharing policies, whereas the required level of transparency is driven by the competitive market and the customer.

Data security can be defined as the effort employed by a company to ensure the data is used only for the company’s intended purposes. In contrast, data privacy means a company will only use customer data as the customer intended. Data can be secure but not private, or it can be private but not secure. Research in this project indicates that the most successful companies allow customers to establish personal data sharing profiles with defaults that reflect their desires. When customers are allowed to increase or relax privacy settings to reflect their personal preferences, they feel they are a respected part of the conversation and are encouraged to share more.

Addressing Employee Concerns Regarding Knowledge Sharing—A USC Marshall Research Project⁴⁸

In addition to collecting customer data, companies collect considerable data about their employees to support basic business functions, such as payroll, evaluations, and more. Many companies go beyond the collection of basic operational data to include employee input on improving task performance or process efficiencies. Employees who provide such input contribute to understanding best practices, methodologies, and on-the- job experiences. Knowledge sharing is a term used to describe voluntary employee participation in this data collection and interpretation process. Although knowledge sharing is often associated with positive outcomes (e.g., better learning, coordination, efficiency, and work quality), it can cause angst among the employees as well.

If employees do not trust the employer or coworkers, they will be more reluctant to participate in voluntary programs, and they will resent technology-enabled monitoring programs. Lack of participation not only impedes a company’s ability to gather the data to improve operations, it can also trigger an avoidance mechanism on the part of the employees, which weakens the processes the company was hoping to improve. Thus, unless the efforts at knowledge sharing are supported by the employee base, those efforts are doomed. Therefore, knowledge sharing and, more generally, collaborating require the employees to understand and appreciate the necessity and value of the collected data; employees must buy into the position that the value of the benefits outweigh the risks associated with the data collection process.

One employee concern is that when employees are competing for raises and promotions, some employees will attempt to game the system and, in so doing, undermine others. If a company creates an environment of fear, where the perceived cost of sharing an idea is more significant than the benefit from sharing, it encourages counterproductive behavior, such as withholding knowledge. In contrast, an environment of trust encourages increased knowledge sharing.

In the internet age, many employees are concerned about the privacy of their personal information that is disseminated out on the internet. Similarly, they are also concerned about the privacy of personal data, including knowledge, that they share with their companies. When employees are concerned about their employer’s use of their private data, it implies the employees do not trust their employers to keep their data secure. It could also imply the employees do not understand how a company uses its employee data. When a real-time company is dealing with customer data, it must demonstrate a respect for the customer’s time and an ability to protect the data. Likewise, the company must accept that there is an equally valuable relationship between the employee and the company. If the company fails to demonstrate respect for the employee’s use of time or if it fails to protect the employee’s data, efforts to improve corporate operations may be stymied.

Companies demonstrating greater care in safeguarding company data, which includes both employee and customer data, are more likely to have established greater trust with employees and customers. At the same time, greater security measures suggest that it is important to be wary of others seeking to obtain and use the data illicitly for their advantage. The research results suggest that greater wariness in conjunction with greater security contribute to success.

When addressing privacy and knowledge sharing concerns, organizational leaders should strive for both trust and wariness in their employees. Employee trust is necessary to encourage knowledge sharing. Wariness is necessary for employees to take security measures seriously and safeguard data. Finding the balance that encourages sharing and safeguarding data at the same time is the challenge.

Enabling the Use of the Real-Time Data Lever—What Is Required to Convert Data to Business Value

Today’s business leaders live in a data-rich era. Business leaders have access to large amounts of data (structured and unstructured), including data about corporate operations, individual customers, and competitors. The volume of data being collected is expanding at an unprecedented rate. Real-Time organizations are constantly facing the issue of how to turn this large volume of data into incremental business value. What are successful companies doing to convert data to business value?

Converting Data to Business Value—A USC Marshall Research Project⁵²

At this point, an organizational leader should be asking, “What steps should I be encouraging within our organization to make it possible for us to convert data to business value?” This USC Marshall research provides important insights. It shows that real-time companies are expanding their data analytics teams and providing these teams with even more data. Data analytic teams possess data that describe competitive products and services, market environments, customer comments on social networks, customer data, data about competitors’ customers, and revenue and business model data. These data analytic teams split their time between efforts to increase situational awareness, predictive analysis, and market response. Situational awareness seeks to understand what happened and why (e.g., descriptive and diagnostic analytics). Predictive analysis seeks to understand how historic trends serve to forecast future conditions. Market response analysis assumes some action will be taken to continue or change the current trajectory. Prescriptive analytics recommend actions to take. Each of these different types of analytics has the common goal of uncovering some new business insight that can be acted upon in order to improve business performance. It is clear that companies that make significant use of data analytics have a demonstrable competitive advantage.

The highest-performing companies make it clear that it is the talented people and supportive processes that generate business insights from data and drive their business success. A key enabler of success is related to these companies’ efforts to include a diversity of perspectives when assembling their analytics teams; different types of people are required to maximize data-driven benefits. One perspective included in these teams represents that of the data scientists, people who have analytical talent and domain expertise. Another perspective included in these teams represents the technologists, who understand how technology generates the data that feeds the analytic systems (and the strengths and weaknesses of such data). There are also business domain specialists, including data-sophisticated managers and analysts, who understand the relationship between data and business processes and how data can create business value. Teams may also involve business domain specialists whose role is to represent the customer, pose the right questions for analysis, and interpret and challenge the results. A data analytics function is important for real-time companies, but such a function would not be complete without supportive processes and people willing to act decisively based upon interpreting the results of analysis. It is what people do with the results from all that data that creates the true value for the business.

As a real-time company assembles its data analytics plan needed to convert the RTMR system data into business insights, it must, at a minimum, include the following:⁵³

  Acquire any needed technology

  Establish procedures to collect and store needed data

  Address security and privacy concerns; manage risks while finding the balance between trust and wariness

  Periodically realign organizational strategy and culture to reflect data-driven insights

  Hire or develop data-sophisticated action-driven people with the skills to discover data-driven insights

Key Takeaways

  The technology, data collection procedures, and security and privacy practices that are part of the real-time data lever make it possible to collect data for the RTMR system. The data collected includes not only the data to monitor customer interactions but also all kinds of other data, including typical business performance data, employee data that includes knowledge the employees share, and data on competitors and economic conditions.

  The volume of data available to the real-time organization is rapidly growing and will only accelerate with the advent of the Internet of Things (IoT). Real-time companies must stay on top of managing their data, including their privacy, security, and sharing policies. They will want to avoid being overwhelmed with addressing data issues while also under pressure to compete effectively.

  The data lever includes investments in not only data and technology supporting data collection, analysis, and use but also the supporting personnel and processes. Data analysts, data-sophisticated managers, and others who are part of the real-time data lever make it possible to convert data to business value. They analyze the RTMR data, interpret the results, set priorities for improvement, and respond to the competition by identifying, evaluating, and implementing innovations.

  Organizations that have joined the real-time revolution use their investments in the data lever to transform steps in the life of a product or service to provide customers with real-time experiences that are better than experiences provided by their competitors. Leaders and members in organizations aspiring to be real-time leaders will want to ask, “Have we made investments in collecting, managing, and using data that allow us to become a real-time leader?”