Nowadays, every company is a data company. Data is, and should be, a core factor in the building of any business strategy. Investing in, knowing and understanding data is crucial for a company’s growth and expansion.
However, according to research conducted by Exonar, 72% of organisations are finding it difficult to get visibility of what’s in their data across their entire estate, and you can’t secure, or use, data that you don’t know you’ve got.
This is a scary statistic, particularly given how important data security is for building trust. In fact, our research also shows that 88% of organisations say customer trust is dependent on how Personally Identifiable Information (PII) is handled.
There’s good reason for organisations to be concerned, as it seems that not a week goes by without another data breach hitting the headlines. Just recently, the Government’s ‘track and trace’ scheme has widely come under fire for how it’s handled private data: reports are emerging that individuals employed as contact tracers have allegedly shared the private details of COVID-19 patients on WhatsApp and Facebook in unregulated groups.
Managing data, therefore, requires a delicate balancing act – how to protect data and also use it to power the business forward.
Powering business with data
Being able to access the right data helps leaders make smarter decisions about where to take their companies – whether that’s to develop new products, unlock new markets or reach new audiences.
It’s easy to use the information in structured data sets like your CRM system used in marketing, or your HR database used to manage information about your staff, or your accounting systems containing financial data. These are known, managed and secured, and pose little risk to the company.
But that isn’t the case with unstructured or ‘dark’ data. We know from our experience helping companies reveal their data, that approximately 85% of it is dark. It’s comprised of documents, spreadsheets and information often downloaded from structured databases. It’s shared and stored in email inboxes, Word documents, Excel spreadsheets and cloud storage drives. It can pose a serious security risk if it contains sensitive information.
Our research also told us that 77% of companies are concerned about having personally identifiable information (PII) or sensitive business information hidden in their data that nobody knows about. And we know from our customers that on average 9% of it contains personal information.
However, once revealed, there’s gold to be found in unstructured data – knowledge, information and intelligence that can power a business and create a compelling advantage. We have a customer who is using data discovery to unearth scientific information and extract knowledge from documents in their unstructured data which were considered long-since lost.
Balancing data security and productivity starts with visibility
In the age of digital, organisational borders are being stretched further than ever before, as businesses open themselves to new ways of working. But without a traditional ‘perimeter’ to protect, gaining visibility of devices, their users and who owns them is almost impossible. This means it’s only a matter of time before unprotected data finds its way out of the organisation, causing a damaging data breach.
The challenge for data security professionals is how to allow employees access to the data which they need to do their everyday jobs, while at the same time protecting the organisation from a breach.
The first step to achieving security and productivity must be to gain visibility of data at scale.
For example, we have a customer in the financial services space using Exonar to gain total visibility over a data estate exceeding 160TB. By identifying what data it has and where it is, that information can be secured in a regulatory and contractually compliant way. And by joining the dots to combine data in highly complex ways and in a visual format, the organisation is giving technical and non-technical users the insights they need to make strategic decisions about how to commercialise its data and strengthen its competitive advantage.
By discovering and gaining visibility of structured and unstructured data across an entire data estate, the organisation acquires a much clearer understanding of what’s out there, where it is, how it’s developing, and how it’s moving, changing and growing.
Uncovering hidden data allows a business to analyse trends around where insider breaches are most likely to happen. The presence of sensitive data might be uncovered, meaning that measures can be employed, or the data secured, to reduce the risk of breach from the inside or outside.
Our customers tell us that the best way forward is a combination of two things. The first is knowing your data better as an organisation, so appropriate remediation actions can be taken to reduce the amount of sensitive, personal or unnecessary data left lying around unprotected;. And the second is targeted education of employees, designed to encourage adherence to data protection policies.
Pursuing this combination of people, process and technology, with the ability to find and protect information, while monitoring adherence on a daily basis with policy, is a recipe for success for information security and data governance professionals alike.
Make data visible to protect and power the organisation
Only once an organisation can see what data it possesses, can it begin to use what’s valuable and govern what’s sensitive.
It is a fine balancing act because organisations must open their data environments up to allow people to work effectively and efficiently, while at the same time protecting that data.
At a time when cloud, mobility, AI and the IoT are driving the digital agenda, it’s the companies that are able to protect their data while using it for competitive advantage and to adapt quickly to address the scenarios they face, that will be better equipped to thrive, or even turn situations to their advantage.
Stay in the loop
Sign up for news, opinion and useful resources on data governance