By: Christina Pomianek-Smith, Information Security Analyst
The refrain “knowledge is power” has been repeated around the world for centuries, from ancient Sanskrit proverbs to the theme song of the animated American educational series, School House Rock. The pursuit of knowledge is central to our university mission. The objective—use knowledge to empower individuals and communities for the betterment of society. Knowledge can change the world. Those who discover, produce, and wield it hold many futures in their hands.
Knowledge is usually not developed or discovered by accident. Instead, it is the product of an ongoing process of data creation, collection, and analysis. With context, data become information. With meaning, information becomes knowledge. The process never really ends; new data are created at every moment.
In the digital era, data grow exponentially. In 2020, the world produced around 2.5 quintillion data bytes every day, and this number increases every year (Bulao 2021). With every search, post, and click, a global population of internet users, numbering 4.6 billion in January 2021, produces this “big data.” Today, creating actionable information from these data is easier than ever with the rise of software-as-a-service (SaaS) companies specializing in processing and analyzing massive data sets. This information can be used in various ways—recommending your new favorite Netflix show, creating targeted marketing campaigns, or predicting supply and demand for personal protective equipment throughout a pandemic. Because of this potential, data are often called “the world’s most valuable resource.”
The internet opens paths to knowledge and encourages new forms of communication, collaboration, and creativity. However, the collection and use of digital data come with risks and responsibilities. In combination, data points are informative; they can identify an individual, reveal sensitive information, predict behaviors, and invade privacy. In the hands of a cybercriminal, information can be held for ransom, used to develop phishing and impersonation campaigns, and spread targeted disinformation.
The same is true for the data we produce as an institution. We create and manage troves of valuable data in our research, teaching, and patient care. Everyday operations such as onboarding new employees, registering for classes, or updating medical records similarly involve large amounts of data. It is our responsibility to protect these data from unauthorized access and use so that we can continue our crucial work for the good of society.
Many of our data are protected, regulated by law. Other data are confidential, provided with the understanding that they will be held in confidence. If we fail to protect these data, we may reveal sensitive information about individuals, let data fall into the hands of those who wish to do harm, violate the law, and damage public trust in our institution, our disciplines, and the important work that we do.
Securing our data is essential to our work, and we count on everyone to do their part to protect our institution, its people, and our data. The Office of Information Security is here to help you identify the best strategies for managing data, no matter the type. The first step is understanding the risk of harm that might result if those data are disclosed, altered, or destroyed without authorization. Start the process by visiting our refreshed Data Classification page to learn more about different types of data and the security practices that protect them.
Let’s defend our data in the quest for knowledge and protect the privacy of everyone who contributes to that effort!
Please reach us at firstname.lastname@example.org for additional assistance. Thank you for everything you do to keep WashU secure.