Article by Commvault systems engineering director Gary Lim
Businesses often tend to collect data for data’s sake.
That data then sits in storage with no business unit using or needing it.
When data is the catalyst behind how businesses operate in today’s digital economy, simple data capture is not enough.
In order to succeed, businesses need to rethink how they analyse and interact with it. Businesses are also scrambling to understand their data, how to protect it and when to leverage it effectively as new regulations come into play, such as the General Data Protection Regulation and Personal Data Protection Breaches schemes.
The shift in the role of data in businesses is taking shape in Singapore.
The Singapore government provided a clear direction in this year’s budget for businesses to find ways to unlock more value in data not only in quantity but also quality.
For example, the Open Innovation Programme, managed by the Info-communications Media Development Authority virtually matches enterprises of all sizes to infocommunications and technology firms with the aim to accelerate digital transformation.
Data, now recognised as the core to the success of new initiatives, must be protected. Taking an integrated approach to data protection needs to be tailored to businesses and across all facets of people, processes and technology to keep it safe.
Despite this, data protection fails to garner the attention it needs, despite the need to move it to the very top of cybersecurity agendas.
Businesses’ access to and reliance on data also means that the risks are higher than they've ever been.
Businesses are well aware that they have to be prepared for data loss scenarios and develop recovery plans.
However, prevention and recovery do not equate to protection.
What is absent for many businesses is a holistic approach to data protection.
Businesses must have a clear understanding of what data protection is and close the gaps in their protection strategies.
Yes, data protection means ensuring data is safe and secure, but it also means ensuring that the same data is always available and always online.
Organisations struggle with three key issues when it comes to data protection:
Fortunately, there are practical steps organisations can take to overcome these challenges.
First and foremost, if data protection is not part of a business’ cybersecurity strategy, it should be.
Data protection is as much related to cybersecurity as it is to storage.
In addition, data risk and loss can come from various sources: internal, external, malware, system failure, human error, fire or flood.
Businesses need to have a management and recovery plan for each of these scenarios.
Saying that, it’s impossible to protect what we can’t see.
Data no longer lives within an organisation – it also exists in the cloud, running applications and via other third parties.
Unfortunately, many businesses assume these third-party vendors are responsible for the data they are entrusted with.
Some mistakenly believe that migrating data to the cloud will automatically provide advanced security.
This is not the case.
Businesses are responsible for their data and information, irrespective of where it lives.
It is important for businesses to understand the concept of shared responsibility and their role play in the ecosystem.
Despite this, when it comes to making key decisions, two-thirds of businesses have access to less than 50% of their data.
Commvault estimates that when it comes to insights, only 30% of data is active, with the bulk in secondary storage.
Businesses are missing out on the opportunity to put data to work and glean better insights. This demonstrates the importance of knowing where data is stored in order to drive value across the business.
The final, critical piece of the data protection puzzle is ensuring that a business has access to its data, all the time.
Businesses today are extremely susceptible to data loss and breaches.
Considering the critical role data plays in all businesses, protecting it should be at the top of cyber agenda.