Information overload, data explosion and big data – terms we are now reading about on a daily basis. It’s no secret that the amount of information that businesses are dealing with today is huge, so huge in fact that the actual size is still difficult to grasp. But what does this mean to businesses today and should they be concerned?
Our recent State of Information survey found that an unimaginable 2.2 Zettabytes of information is stored by businesses. To try and put this in context, imagine filling the Empire State building with one page documents – 1,287 times – or getting every grain of sand in the world and multiplying the amount by 300.
And it’s continuing to skyrocket. In fact, over the next year information is expected to grow 67% for enterprises and 178% for SMEs. Yet for most businesses, storing all this data isn’t a concern anymore as it’s easy to increase storage space in the cloud. However, where businesses are still falling short is when it comes to effectively managing and securing all this data. The reality is that bad management is either leading organisations to spend far more than necessary on storing and protecting their information or worse ignoring the problem and not doing either.
A key issue that has been identified is information sprawl – the overwhelming growth of unstructured information that is disorganised, difficult to access and often duplicated elsewhere. Companies believe that nearly half (42%) of their information is duplicated, meaning they are paying to store and manage much more information than they need to.
Information is core to businesses and it’s vital that they get up to speed and understand and classify the data that they need to hold on to so that they end up with a realistic amount to manage and secure. Not all information is equal and businesses need to separate useless data from valuable business information; making sure this is protected accordingly and any unwanted data is deleted.
Managing information well will not only improve efficiency and security but will in turn reduce costs.
How do you manage your data? Research shows that businesses produce 2.2 zettabytes of information each year. To put this into context, if this data was available as one page documents then you could fill the Empire State Building 1,287 times. Coping with such a huge amount of data doesn’t just call security processes into questions but also requires organisations to put the correct procedures in place so that data can be tiered for importance and access can be regulated.
Managing data effectively is a challenge every business has to face but getting it right can pay dividends for your business so here are a few steps organisations can take towards effective data management.
Consider multiple platforms: Information is no longer within the four walls of a company. Cloud-based solutions are being used – whether officially or otherwise. This means data protection is not solely concerned with device protection but the data itself needs to be secure – encryption technology is key.
Organisations must prioritise their data: Which data would you feel comfortable giving to your competitor? Is your data suitable for the public domain? These are worthwhile considerations. The consequences of lost data may be disastrous for your organisation, so make sure you can identify and protect what matters.
Deduplication and archiving: This allows organisations to save vital storage space, to speed up network backups and to efficiently target protection on the data that matters. Frequently review the data held on your servers to understand its relevancy and conduct cleanups to remove any duplicated data. Some appliances now do this process automatically.
Value your business: Now that information forms 35% of an organisation’s value it is important that every organisation has a data policy which can be supported across physical, virtual and cloud environments. These are commonly known as data retention policies and are important for managing data across an organisation. Does your organisation have a policy in place?
Technology is constantly evolving: As the amount of data we are storing increases each day, it is critical to make sure that your data centre is prepared for the future. This means ensuring expandable storage space and up-to-date security. Be prepared by having data plan in place ahead of time.
Organisations can no longer rely on data to run their businesses without considering its importance, security and how it should be accessed safely. We believe successful information management is critical for all as it is, now more than ever, a crucial part of running a business. We all need to put the “I” back in “IT”.
Statistics taken from Symantec’s ‘State of Information’ Report.
Last week’s Cost of a Data Breach Study update had one particular statistic that stuck with me and to which I keep being drawn to when discussing it with others. In the UK study, they discovered that where an organisation that suffered a breach had a Chief Information Security Officer (CISO) or someone with the equivalent level of responsibility in place, the cost per record dropped by an average of £18. I think the key word in the previous sentence is “responsibility” for a few reasons.
Firstly, we have the increasing amount of fines and penalties that can be applied to the individuals involved in failing to deliver against expectations. These have gone beyond the original highly regulated industries and out into the broader business context. With the coming updates to EU legislation, it’s likely to get more attention in the boardrooms of Briton, not less.
Secondly, and contrary to popular thinking, stopping data loss and protection of the key information assets an organisation has goes way beyond using scanners to prevent credit card details being emailed out. Primarily, it’s not a technical problem, it’s a people-process-technology challenge.
In the past, I have heard references to people-process-technology being like a three-legged stool of which you can’t remove any without falling off! This can be considered a fair comparison but, for me, the ‘people’ part of this stool is the most critical starting point. People have negotiation skills. People have perspective. People drive change.
When it comes to the role of technology in stopping data loss I view it like an exoskeleton to the people involved. That may sound a little sci-fi but what they need to be able to do is say “this stuff is important, please tell me how it’s being used, where it’s going and who uses it”. Technology enables them to reach into network pipes with gigabits of data pumping through them. Technology enables them to piece together a process involving four employees and an outside contractor. Technology enables them to see the HR director does not like using the VPN from his second home in the Cotswolds.
The reason I view it as an exoskeleton is that the knowledge of what’s important comes from the people involved, as does the appropriate response and the negotiation to get from where they are today, to a more secure future-state.
The relentless growth in information and systems shows we’re not moving towards a state where data loss won’t happen anymore. However, this report shows that if you put someone in charge with responsibility and authority to make change happen when it does occur, the impact to an organisation’s bottom-line is significantly reduced. I’m happy to predict the gap between those that take it seriously and those that stick their head in the sand will only get larger in the coming years.
OK, so we were digital long before 2002, but it was then that the amount of data stored digitally overtook that which was stored in an analog manner. A recent analysis of ‘all’ storage also showed that we now have enough capacity for 295 exabytes of information… which is about 404 billion CDs.
Of course how much if it is actually used is not presented – and neither is how much of it is repeated, i.e. the amount of unique data is probably just a fraction of that. Finding things you know exist becomes harder each day, and a good friend Adrian Seccombe has written a short post on just this problem… losing things in your digital pocket. For enterprises this particular problem is worse, with thousands of hours of productivity lost each year due to people looking for data they know exist but can’t find – and then trying to reproduce it.
Archiving with full-text indexing is one option – but that is often catching less and less information as more ‘digital pockets’ are used. Furthermore, the loss of an unsecured ‘pocket’ could now result in a £500K fine from the Information Commissioner’s Office (ICO). Data growth is inevitable, but as the legislation evolves to encompass new working practices (the cloud, consumerization of IT, social networking sites, …) so too will the risks. As ever, it is time to revisit policies around security and data management and check that they have moved with the times… and if not, make the change before they become a liability.
The new book is out… “Thinking of…Backing Up Data In Your Business? Ask the Smart Questions” has just been published by Smart Questions Limited.
Backup technology continues to move rapidly and unfortunately there isn’t a ‘one size fits all’ answer. New technology and the option of using a cloud computing service just make the decision harder. The Smart Questions series aims to give you the right questions to ask – and an understanding as to why they are important. Going into a discussion with knowledge of what sort of solution you need will help you get the right solution – rather than the wrong one!
This book has been written for anyone who has data that needs to be protected. It is aimed at all those who know that the information they create and store on their computers is important, they have heard of backup but aren’t too sure what to do next. They have heard horror stories of lost data and failed backups and so have tended to use the ‘cross your fingers and hope that nothing goes wrong’ backup strategy in the past but now want something a little more reliable.
This book is really meant for you, if you have a smaller business – the small to medium size business, SMB. It’s designed to help get you started if you don’t have a backup solution and to bring you up to date when you need to review or replace the one you have.
The book isn’t prescriptive, but it will help you make the right decisions to get the right solution for your business.
“We had looked at backup, but the more we looked into it, the more it seemed to be a real minefield. Using the book we were able to approach our technical partner who quickly helped us find the right solution“.
Ian Jackson, Director, Compact Software.
PS It would make a great present for the Holiday Season!
3.141592654… is about my limit when it comes to remembering Pi… and that seems to have worked for me. However… there is a new world record… Pi to 5 trillion places! (It’s a ’2′ if you were wondering…)
However, the real news here is how much storage it took… 6TB. Not too sure what the real point of doing this is, but it does raise an interesting point on how data is expanding – and what was previously thought as adequate and used to take a few bytes now takes MB or even GB… they call it progress.
20 years ago WordPerfect was my word-processor of choice, and I struggled to get files more than a few kilobytes, these days the average presentation is a few megabytes. Time moves on and organizations are increasingly using multi-media for internal as well as external communications programmes (and even as integral parts of presentations) - the move from ‘standard’ video to HD is another area which is driving storage requirements through the roof at 40GB per hour. When planning for future storage needs, these new technologies and ways of working need to be taken into account. It’s not just the storage that is affected, bandwidth can also be crippled with ‘legitimate’ video use which effects overall performance.
Fortunately, backup technology – both from the application and the backup media perspective are keeping up, but you still need to plan for changes.
The news last week was that EMC was closing its Atmos cloud storage service with immediate effect – you can keep using it for developmental purposes but that’s about all.
Why did it close? Industry analysts said that it never took off, and recent surveys show that it is still a way off becoming mainstream.
So… what if you have data in a cloud service provider and it decides to shut down the service? EMC isn’t the first to do this, and it won’t be the last – you do need a contingency plan. In this case, there is a grace period where you can get your data out – but, as a simple task, workout how much data you have and how much bandwidth and figure out how long it would take to get the information out. This is a simplistic view as everyone else will also be trying to get their data, so bandwidth is going to be under severe strain (the equivalent of a run on the banks…) Do you have enough local storage to hold it all and if you have data being processed by an application, then will you be able to get your hands on the application as well?
Let’s assume you did manage to get your data out, then how long will it take to get it reloaded onto another service provider’s cloud and get the application back up and running?
Business Continuity / Disaster Recovery needs to take into account outsourced (out-tasked) IT services and have contingency plans for service outages and shutdowns – planning should start now… after all there’s no time like the present.
An interesting report was published this week by Information Age and concerning IT strategies in 2009 (a hard year for most !). The report found that most effective IT strategies of the year to be:
1. Support mobile working
2. Server virtualisation
3. Unified IP network architectures
Certainly good news for the Hypervisors..
The least effective strategies were deemed to be:
1. Reduce IT staff costs
2. Outsourcing the IT organisation
3. Offshore development
That should raise a few eyebrows !
As we head into Christmas party season we can expect that alcohol-fuelled “forgetfulness” will see many work laptops and smartphones left in bars and varying forms of public transport as people raise a glass to celebrate the festive season as well as having survived an incredibly difficult year.
In an increasingly mobile workforce the number of corporate devices with sensitive data on them, such as laptops and smartphones, is growing. In fact, ABI Research recently stated that the number of smartphones shipped this year was 178.3 million.
With that in mind, please be careful that you store your laptops and phones in a safe place before ordering your first tipple.
So course Christmas parties are a time to let your hair down and have fun. However, losing a work laptop or smartphone could leave you with more than just a hangover. If your business doesn’t operate daily back-ups then it may not be able to recover your precious corporate information. The worst case scenario will be if the device has fallen into the wrong hands, as it poses an incredible security risk. A criminal will be able to use the unprotected laptop or smartphone to access very sensitive corporate information – which they could then sell for considerable profit in the black market.
Listed below are 10 of the most common documents a cybercriminal will try to access should your device inadvertently fall into the wrong hands:
1. Your credit card information e.g. credit card number, magnetic stripe information, transaction data
2. Your employee information e.g. employee ID, salary and benefit information, personal health information
3. Sensitive customer data e.g. name, date of birth, national ID number
4. Price lists
5. Design documents
6. Source code
7. M&A contracts
8. High net worth client lists
9. Marketing plans
10. Financial earnings reports (during quiet period)
With this abundance of precious information available on corporate laptops and devices, make sure you take necessary precautions to minimise risk, should they fall into the wrong hands. Firstly both laptops and smartphones should be locked with strong passwords. Also, you shouldn’t forget about physical security – laptops can locked down with cables and Kensington locks and PDAs can be protected in locked cases.
However, should you fall victim, follow this guide and also informing your IT manager immediately, so that the device can be remotely disabled.
Symantec today announced it is offering its next-generation security and enterprise-class storage management solutions through the Amazon Elastic Compute Cloud (Amazon EC2). Symantec Endpoint Protection and Veritas Storage Foundation Basic are now available on Amazon EC2. Businesses can leverage the Symantec solutions to add additional protection to their Windows servers in the cloud with comprehensive threat prevention and manage their cloud storage online with a single toolset that delivers reliability, scalability and high performance.
“As many businesses increasingly leverage the cloud for applications and services, they want to protect and manage those environments with the security and storage management solutions they are used to from Symantec,” said Greg Hughes, group president, Enterprise Product Group, Symantec. “By taking the same proven security and storage management solutions that organizations have come to rely on in their data center and extending them to Amazon EC2, Symantec is delivering on its commitment to provide value in the cloud.”
“As a web service that provides resizable compute capability on demand, Amazon EC2 makes web-scale computing easier for customers of all sizes,” said Steve Rabuchin, General Manager of Developer Relations and Business Development for Amazon Web Services (AWS). “We’re pleased that our mutual customers can now extend familiar Symantec security and online storage management solutions to the AWS cloud.”
Amazon EC2 users now have access to key protection technologies provided by Symantec Endpoint Protection. Symantec Endpoint Protection combines Symantec AntiVirus with advanced threat prevention to deliver defense against malicious attacks such as viruses, worms, spyware, Trojans, zero-day threats, and rootkits. Symantec Endpoint Protection helps ensure information remains safe and business assets are protected wherever that information resides.
Amazon EC2 users also now have access to advanced online storage management capabilities provided by Veritas Storage Foundation Basic from Symantec, allowing them to manage multiple hosts from a central interface and optimize storage performance and availability online. Storage Foundation enables non-disruptive storage operations through GUI-based management and online configuration with dynamic disks.
“We have been running Symantec Endpoint Protection locally to secure the endpoints and servers in our computing environment and have been very pleased with the level of protection it has provided,” said David Jordan, CISO of Arlington County. “As our infrastructure becomes more of a mix between on-premise and off-premise offerings, we look forward to leveraging these new delivery models for security and storage solutions.”
Today’s announcement marks another significant step in Symantec’s cloud strategy to deliver customers unmatched choice in the adoption of cloud solutions based on the company’s enterprise class products. For more information, please visit http://www.symantec.com/cloud.
Licensing and Availability
Symantec Endpoint Protection and Veritas Storage Foundation Basic are available now in the form of custom Amazon Machine Images (AMIs) that allow customers to run Symantec provided instances on Amazon EC2 on a pay-as-you-go, hourly basis.
Customers can subscribe to these custom AMIs and find additional information about Symantec and Amazon Web Services at http://www.symantec.com/amazon.