As interesting as Big Data is often for locating patterns within the past, its biggest promise for security lies in having the ability to predict the longer term. No, we’re not talking about some kind of Minority Report dystopia where the state peers into your soul. Used correctly, Big Data analysis fairly often reveals emerging data patterns which will tip the likelihood of an imminent problem. There’s no one-size-fits-all approach to extracting value from Big Security Data, and that’s true for predictive analytics capabilities also. During this article, we’ll take a somewhat futuristic check out what Big Data is going to be ready to predict in retail applications.
The retail industry is usually trying to find new tools to scale back shrinkage. Big Data solutions are already making huge advances in correlating Point of Sale (POS) data with video analytics to spot and reduce various sorts of employee malfeasance at the register. This was probably one among the primary applications to emerge because it’s a tightly constrained, data-rich environment that creates analysis relatively simple. However, it tackles just one sort of retail loss. There are many other problems in retail settings that need more subtle analysis across even larger data sets. Electronics retailers, for instance, routinely lock up high-value goods in access-controlled cages to limit who can handle these things and when.
Biometric readers can increase the knowledge of who has accessed the cage, and video cameras can provide visual verification. But during a busy store, including a whole chain, that represents mountains of knowledge to sift through and store managers are usually too busy serving customers to sort through all that data in a timely manner. Enter Big Data. It’s possible to research access to inventory and POS sales data to scan for meaningful correlations in real-time. As a baseline, for instance, there should be a statistical relationship between the number of times the high-value storage is accessed, and therefore the number of high-value sales actually rung up at the register.
An outsized organization could further normalize this data on a per-store basis by the time of day, by specials and sales, then forth. Thereupon statistical baseline in situ, any deviations spotted in real-time might be flagged for local or corporate loss prevention review. What’s different since the arrival of massive Data is that the software to try to this sort of study has come down in cost by orders of magnitude, and increased in speed by similar leaps and bounds. There are many patterns that would indicate the likelihood of theft, but they will only be predicted in real-time with the sort of advanced tools that have come to plug since Big Data’s arrival. True, such software could be written a few years ago, but the expense would have created an ROI few companies could justify.
What about Privacy?
We can’t leave the discussion of massive Data in Security without considering its impact on personal privacy. As USA Today’s Howard Rheingold put it: “You can't assume anywhere you go is private because the means of surveillance is becoming so affordable then invisible.” which was well before Big Data, which has further heightened concerns that it'll have the perverse effect of further empowering governments and enormous corporations at the expense of the individual. There’s perhaps a no better example of this concern than the recent controversy over the extent of NSA surveillance techniques.
By an equivalent token, within the commercial arena, much of the predatory lending and outright fraud that happened during the 2007-08 housing implosion was an immediate result of banks and mortgage companies using huge databases to focus on vulnerable consumers. There are real, potential drawbacks, so does this mean we should always not use Big Data in security? No, I don't believe so. But as always, there must be responsible, regulated use of any technology. Writers on this subject have cited the OECD Privacy Principles as a start line for any data collection policy associated with Personally Identifiable Information.
This is a useful framework that lays out standards along eight dimensions:
• Collection Limitation
• Data Quality and Relevance
• Specification of Purpose
• Limitation of Use
• Information Safeguards
• Individual Participation
In some respects, many of those principles are at odds with the practices of the safety organization, which by its very nature must often operate covertly. That said, there is a minimum of two important exceptions we should always all observe as we build Big Data databases and tools: our customers and our employees. For both of these groups, clear guidelines are essential to the very trust and long-term relationships we try to instill as a part of security’s core mission. Because the 911 Commission Report put it: “We must find ways of reconciling security with liberty since the success of 1 helps protect the opposite.”