Data: Your Most Valuable Asset – A Business Case for Data Governance

Unstructured data comprises 80% of most company’s total data volume. The average organization’s data volume is doubling every two years, and much of that data must be managed for years to come in order to meet regulatory compliance laws. Data governance, the management and security of your data, is the most important challenge faced by organizations today. Your organization runs on data, some critical to operations, much of it confidential. Let’s face it; your data is your most valuable asset.

Many organizations today spend millions on security technology rather than a fraction of that on information management risk assessments and data process (governance) improvements. Organizations rarely have a full accounting of all the data they create, transact and store, but they do have detailed inventories of the hardware on which that data resides. Addressing this problem is not easy without the proper tools.

Nearly all definitions of ‘information governance’ contain a stated goal to manage data as an asset. Many organizations toil with this concept: how do we calculate the ‘value’ of this asset, and if value is a subjective thing, then the whole notion of ‘business value for data’ becomes a weak argument for information governance. It can be difficult for organizations to arrive at accepted subjective units of measurement to calculate an agreed upon business value for their data. That being the case, the value of data is often not seriously examined until after disaster strikes, like a breach, or during a publicly transitional time, such as a merger.

Data is transactional in nature, meaning data is the result of some activity or process. In terms of unstructured data, it can be a work product, or it can be a conversation within an email. In either case, that data is a type of result. The value of that data in motion is now usefulness in a productive process, such as building customer relations or product research. The usefulness of that data in motion may diminish over time. A three-year-old email may not have the same business value in motion today as a current email exchange with a customer yesterday. The value of that three-year-old data now at rest is usefulness in meeting the mandatory data retention compliance laws enforced upon your industry and avoidance of stiff fines for penalties cited. If asked, can you answer the challenging yet vital questions of who has access to your unstructured data, who should and shouldn’t have access, who uses and who abuses their access? If a first attempt at answering that question is made during an emergency, the process will likely be costly and slow. Wouldn’t it be nice to be prepared to answer that question before asked?

What about the question of, which of your sensitive files, if any, are exposed to risk? These are tough questions to answer with the native tools in Windows Operating Systems. Unfortunately, with the break-neck speed of information technology development, the increasing barrage of security threats and ever-changing landscape of BYOD connectivity, these questions are often left unanswered until disaster strikes, like a data breach.

Did you know that data breaches are one of the most common and costly security failures in any size organization? In fact, recent studies report that companies are attacked an average of 16,856 times a year, and that many of those attacks actually do result in a quantifiable data breach. And with data today moving freely between corporate networks, mobile devices, and the cloud, data breach statistics show this disturbing trend to be accelerating rapidly. Building a business case for data security management investment begins with quantifying the threat. Data breach statistics are plentiful on the web. But not all data breach statistics are reported, and some victims aren’t even aware they’ve been compromised.

Technology providers including IBM conduct their own research collected from the thousands of client networks which they monitor and share their data breach statistics in annual reports. Rest assured data hk , the data breach threat is very real, and costly. IBM reports that the financial consequences of a data security breach today amount to an average 29% damage of reputation and brand, 19% loss of revenue and 21% lost productivity. Those are tough challenges to overcome. Many businesses are unable to regain public trust of their reputation and brand and do not survive another 2 years after a data breach. Fortunately, data breaches can be managed with a cohesive data governance plan, including proactive monitoring of your sensitive unstructured data combined with automation to secure any found sensitive files before unprivileged users have an opportunity to see or share.

Here’s another great question for you, who should be responsible for managing access rights to your data? For years IT has undertaken the complete responsibility of configuring data access rights and monitoring data access audit logs. A common problem is, oftentimes, IT does not know the context of the unstructured data for which they are responsible to secure access, and why should they? Why not put the responsibility for data access control on the actual data owners, those with the higher understanding of the data content and who should or should not be granted access and what type of access they should have?