Organizations Still Struggling to Secure Data
And yet, despite the danger, organizations are having trouble securing that data. Symantec found that in the last 12 months:
- 69 percent of organizations lost important business information due to human error, hardware failure, software failure and lost or stolen mobile devices
- 69 percent of organizations exposed confidential information
- 31 percent of organizations had compliance failures
When it comes to exposure of confidential information and compliance failures, one of the smoking guns is information sprawl. Thirty percent of respondents said information sprawl was a somewhat or significant factor in these mishaps. "Our biggest concern in IT about information is the ability to control and be able to normalize it to really understand what we have," says an IT manager at a large financial services enterprise. "We have so much information it's hard to glue it all together. With all the different regulations in the financial industry, it becomes very difficult."
In fact, Desai says, as much as 42 percent of data stored by organizations is duplicate information-data stored on a file share, backed up on a desktop, attached in an email file or copied to a mobile device.
Given the ballooning amount of information and the potential dangers it represents if unprotected, how can organizations get a handle on it?
"You have to make sure that information is at the top of your mind," Desai says. "Focus on the information, not the device or data center. Track your information flow. Where are you storing the information? Are you tracking your sensitive information?"
Five Ways to Better Manage Data
Here are five steps you can take to better manage your data:
- Focus on the information, not the device or data center. Focus on building an information infrastructure that optimizes the ability of your organization to find, access and consume critical business information. Key technologies include virtualization, cloud computing and mobile devices and applications.
- Gain a complete understanding. Know your information and recognize that not all information is equal. Many organizations lack basic knowledge like who owns specific information, how important the data is or even whether it is personal or business in nature. You need to map and classify information to discover its relative value. Once you've done this, you can more easily prioritize security, protection and management resources for the information that really matters.
- Be efficient. Use deduplication and archiving technologies to protect more while storing less. Only store what you really need.
- Set consistent policies. It's essential to set consistent policies for information that can be enforced wherever the information resides, whether in physical, virtual or cloud environments. This unifies information classification, automates discover of who owns and uses specific information, controls access and distribution, automates information retention and deletion and speeds the process of eDiscovery.
- Stay agile. Plan for future information needs by implementing a flexible infrastructure that supports continued growth.
Sign up for CIO Asia eNewsletters.