2017 – the tipping point for data being outside your control?

More companies are betting on public Cloud services and applications.

Analyst firm IDC released research on software spending in Western Europe in the first half of 2016. Of the total volume of spend on software by companies, the amount dedicated to public cloud services went from 11.6 per cent of software in 1H15 to 14.7 per cent in 1H16. This represents about $7 billion in more spend that is now devoted to public cloud in that six-month period.

More companies are betting on public Cloud services and applications. However, this will require some big changes in how IT and business teams consider how they manage services over time. These predictions cover some specific changes that company IT teams will have to factor into their plans for 2017.


Prediction #1 – In 2017, more than 50 per cent of enterprise data will be outside the enterprise

Over the past few years, the volume of data that companies create has grown massively. However, where that data is being saved has also changed. Rather than being located centrally as it was in the past, data is now spread more widely across a business. Everything from emails and documents through to sensitive files and databases may be saved locally on individuals’ phones, tablets and laptops; similarly, data is now getting stored in cloud applications or on branch office file servers.

In 2015 and 2016, around 40 per cent of enterprise data was estimated to be outside the central control of IT. In 2017, this will go past the 50 per cent barrier. 

How do company IT teams apply security and data protection policies when all the files are out at the edge of the organisation? This will call for more use of automation around spotting what kinds of files users are creating, whether the information in those files requires additional security, and then tracking over time.

Prediction #2 – Getting more insight into what people actually do with data will be a strategic goal

Alongside this increasing use of data out at the edge, IT teams can benefit from more insight into what roles people play within the organisation as well as how those roles rely on cloud applications and services. This can help with longer-term management of IT services and data security.

For example, staff in the marketing department may use cloud-based customer relationship management systems, marketing automation tools and standard productivity apps like email. All of those systems can live in the cloud and store data. However, reports using information from those systems can be stored locally for people to work with; they can also share data sets between each other.

This role can handle sensitive customer information on a daily basis, yet all the information is outside the remit of traditional IT. Recognising this kind of work pattern can help IT ensure that it is supporting business processes with security advice and best practices, even when all the services are external.

Alongside this, spotting non-standard behaviour can also be improved. If a marketer downloads a customer database locally when that information has never been stored outside the Cloud before, is that behaviour suspect? Alternatively, is there a valid business reason and IT just needs to ensure that the data is stored securely while it is required? Either way, IT will need to react more to these kinds of activities that previously may have transpired without any oversight at all.

Prediction #3 – As a sector, information management will get more interesting

Information management as a discipline refers to the wider lifecycle that should exist around company data. From initial creation of new data and files, through classification and management over time, through to long-term storage and archiving, this discipline has existed for years.

Traditional markets like enterprise content management and information management overall have been fairly static compared to the huge growth of spend and interest around big data and analytics. However, these traditional management disciplines will come back to the fore as more companies migrate their systems to the Cloud.

Individual information management tasks like managing files for legal hold and compliance requests, data protection and archiving will start to merge as more information is stored in the Cloud. Making use of multiple services around these sets of data should make sense as the time to deploy traditional services for legal hold requests can be days. 

These time savings can provide huge advantages for users across the business, not just IT. However, the result here will depend on an ecosystem developing between the different services that built on the Cloud. Without these connections, you just have islands of data that can’t achieve what is required.

Prediction #4 – Ransomware will continue to hit people and businesses – the impact on companies will be higher and lower

Ransomware has the biggest malware trend for 2016 and there are no signs that this will slow down in 2017. Trend Micro estimates that there will be around 25 per cent more ransomware families developed in the next twelve months.

For companies, the prospect of losing all their data can force them to pay up. However, in the next year, the potential impact on companies will diverge between those that are momentarily inconvenienced by ransomware and those that are seriously affected and see significant financial losses from an event.

For those companies that either have thorough backup plans in place – or implement data protection to prevent ransomware attacks – the ability to recover means that any incident should be simple to resolve. Re-imaging machines and using backup data can be done quickly, while using cloud-based services can help protect data that is outside the enterprise data centre just as well. This level of preparation should ensure that any business impact is minimal.

However, the continuing development of ransomware in 2017 will affect those without backup more harshly. Currently, many ransomware families have flaws in how they are created that can be used to decrypt files without paying a ransom. As malware writers can see these issues found and fix them in the future, these easy vulnerabilities in the malware code will disappear over time. This will lead to more potential problems for those companies without backup strategies in place.

Prediction #5 – More collaboration around information will force more collaboration across businesses

The development of new regulations around data protection by the European Union has put more emphasis on how companies of all sizes will deal with customer data over time. However, multiple teams within the business use customer data while other departments should also be involved in how this data is managed over time. With so many teams involved, information management disciplines will be required.

The European Union’s General Data Protection Regulation will force teams and departments across businesses to collaborate around compliance. Business departments will have to collaborate around their processes for handling data, while teams like IT and legal will also have to stand shoulder to shoulder in establishing how best practices are implemented. 

In order to make this work in practice, companies will establish cross-business teams that can ensure everyone works in the same direction. At the same time, CEOs and leadership teams are keen to know how their companies will progress to becoming compliant. Without this leadership support and collaboration, businesses will find it more difficult to manage their compliance efforts. There will also be more potential for gaps in compliance to be missed or develop over time.

The need for GDPR compliance will force companies to put better data management processes in place, but at the same time, the majority of company data will exist beyond the data centre. This shift towards the edge will therefore force companies to re-consider their approaches to information management. We are at a tipping point for data moving into the Cloud, but Cloud can help extend those data management strategies across all the locations where company data might reside.

Jaspreet Singh, CEO, Druva
Image source: Shutterstock/alexskopje