Data sharing within organizations is vital for companies that want to create value in the digital economy, but it can be slow, costly, and risky.
In a new research briefing from the MIT Center for Information Systems Research, principal research scientist Barbara Wixom, research scientist Ina Sebastian, and University of Virginia professor Robert Gregory make the case for companies to embrace “data sharing 2.0”— that is, cross-company sharing of complementary data assets and capabilities.
In the first iteration, data sharing 1.0, companies shared data to enable or preserve an existing value proposition — to solve a problem, complete a transaction, or comply with a regulation. Data sharing 2.0 encourages companies to curate their data and make it widely available to encourage collaboration and innovation.
MIT CISR studied interorganizational data sharing over three years at 23 companies, including PepsiCo, Schneider Electric, and IBM, looking at why and how they shared data and how sharing helped them gain more value and innovation from their digital initiatives.
They identified three practices that can help companies accelerate toward data sharing 2.0.
Curating data means creating prepared data sets that can be used by various teams across the company to innovate. Steps to take can include removing personally identifiable information, converting field values to conform with industry standards, compiling records into higher levels of aggregation, and extracting insights to share that don’t include the underlying data. Curation can also include pre-vetting the company’s ownership and right to share the data.
Establishing channels for secure data exchange protects the data while allowing it to be accessed and transferred across the company. There are several options for how to do this:
- a data platform, either internal, such as a data lake accessed through application programming interfaces, or external, like a third-party hosted platform.
- secure data movement — exchanging data using blockchain technology or another form of masking and encryption.
- “data-at-rest” sharing techniques that manage access rights. Data-at-rest is inactive data stored in a cloud or on a platform; those in charge of the data can manage access rights across tenants of the platform or cloud, or federate access so people can see results of queries or analysis but not the underlying data.
According to the researchers’ interviews with executives, many companies rely on security and legal teams to create specialized processes and procedures. These could be generalized through use of repeatable controls, allowing companies to move from time-consuming, bespoke data governance measures to standard operating procedures for oversight. Teams should aim to capture lessons learned, exceptions, and repeatable steps to build a playbook for future data sharing arrangements.