While cloud computing provides plenty of advantages for companies in terms of speed of deployment and cost, it also creates challenges – and risks – when it comes to data storage. When a company uses multiple cloud providers, IT may lose visibility into data as well as the ability to effectively manage it.
A survey of 2,550 senior IT decision makers across 22 countries conducted by Vanson Bourne lays out the problem in stark terms. It found that 52% of all corporate data was “dark” or untagged – meaning the organization doesn’t know what value it has, if any. The study also found another 33% of data was redundant, duplicated, or obsolete, having no business value. Do the math and that leaves only 15% of data that is classified as business-critical.
To understand how we got here, and what to do about it, we recently spoke with Walter Wintermute, a Global Services Product Manager with Veritas who is in the trenches with customers and sees first-hand what goes on. The problem is, it’s easy for data owners throughout the business to spin up file shares, often in the cloud, and open them up for employees to store data, he says. Much of the data is never tagged or classified, putting it in that “dark” category.
Email is another issue. “People store hundreds of millions of emails in .pst files. They may contain sensitive, confidential information, and they stick around forever,” Wintermute says. “I’ve been in banks where we scan 100TB of data and 25% of if it are .pst files that contain millions of unindexed emails.”
The risks inherent in dark data
All this dark data stored both on-premises and in multiple clouds creates numerous problems and risks. First is cost.
“I see data that hasn’t been accessed in 10 years or more stored on the most expensive storage tier,” Wintermute says. Then, of course, there’s that 33% of data that has no business value but is nonetheless taking up storage capacity.
Dark data also presents security and privacy risks. Files may include personally identifiable information (PII) that is covered by regulations such as the EU’s General Data Protection Regulation (GDPR) or the California Consumer Privacy Act, yet they’re left on public file shares.
“We frequently find files on corporate network shares containing salary information, Social Security numbers, and bank account information,” Wintermute says. “I’ve also seen gigabytes of files infected with ransomware, and the IT administrator wasn’t aware they’ve been attacked.”
Legal risks are another issue. “Over 50% of employees store personal photos and 33% store videos,” he says – including bootlegged copies of movies like Star Wars that may put the company at risk for copyright violations.
Getting a handle on dark data
To get a handle on the problem, companies should first ensure they classify data before moving it to the cloud.
“Classification can tell you which files are too sensitive to move to the cloud, and maybe you’ll find 30% can be deleted, which means significant storage savings,” Wintermute says.
Next, companies need a storage-agnostic application that can see dark data both in on-premises-based storage and in the cloud from a single pane of glass, giving them the ability to effectively manage it. Veritas Information Studio, for example, can connect and scan more than 25 data sources, both on-prem and in the cloud.
It can also help you classify data as well as identify any files that contain PII and move them to secure storage if need be, Wintermute says.
“In a couple clicks, you can see where all the stale data is, where all the non-business data is located, all the emails.” And any rogue copies of Star Wars, too.
To learn more, go to https://www.veritas.com/