In today’s digital age, we’ve become a nation of data hoarders. As our lives become more digital, we save everything, from our entire digital communication world of texts, whatsapps, IMs and emails, to all the videos and vines we found interesting at the time, but failed to delete. We pollute our data storage through the multiple backup and sync cycles of mobile devices, with files we don’t want or need to keep.
Cheaper storage has exacerbated the issue. Once upon a time, you quickly reached the point where your phone wouldn’t take a new photo until you deleted some of the old ones. But not anymore. Today we take five photos instead of one, “just to be sure”. And that’s because we can store as much as we want.
Businesses are beginning to struggle with the challenges brought on by this growth of data mixed with traits of human behaviour.
Organisations have impulsively reacted to this data explosion by hoarding data in the hope that one day they’ll get round to mining it for something useful or of business value. But instead they’re creating a digital wasteland.
The low cost of storage, huge email records and lack of organisational procedures for managing data don’t help solve the data volume issue. Also contributing to the hoarding culture are employees downloading trivial files, such as personal music, photos and cat videos to company storage. Yet, of greater significance are the key personal data items such as passports and credit card information. While a percentage of the data will inevitably be valuable, much of it is redundant, obsolete, trivial (ROT) or unknown (‘dark’) and hasn’t been accessed in years.
The recent Veritas Data Genomics Index found that 41% of data hasn’t been touched in three years. With the exception of regulatory or compliance requirements, three years is a general standard for when data goes from potentially relevant to stale. And yet organisations are hoarding data and not deleting files that hold no value for them.
Risks of data hoarding
If not properly managed, data hoarding can cause serious issues for businesses in several ways. There are cost implications around supporting unnecessary storage. Potentially more damaging are the security and compliance risks, which not only carry financial, but also reputational penalties. Extending your data storage may not be an option as while storage might be cheap, it’s not free. The unnecessary storage of data can cost organisations in Europe a cumulative $891bn by 2020 to manage.
There are also security and compliance risks to consider. The recent Veritas Data Hoarders Report shows that 73 per cent of all respondents store data potentially harmful to their organisations. Unencrypted data typically increases the risk of a data breach. And many admit that the volume of data slows down response times in the event of breach. Ultimately, companies are not secure or compliant if they can’t see what is stored. This unknown is a huge legal and financial risk.
With the European Data Protection Regulation (GDPR) fast approaching, businesses cannot afford to hoard non-compliant data which could lead to huge fines of €20m (approximately $23 million U.S. Dollars) or 4% of a business’ global annual turnover – whichever is higher.
Cleaning up your digital estate
In order to clean up their digital ‘home’ and avoid all the associated risk of data hoarding, businesses need to take action – and quickly. Here are some tips for organisations to consider as they strengthen their information risk management policies.
Culture and Behavior Changes: Constantly educate employees that the company’s IT systems are not their property and the costs of their risky behaviour. This helps employees appreciate the value of information, paving the way for better data management.
Define Collaboration and Responsibility: Compliance teams, marketing and IT have a stake in corporate data. Establish a collaborative culture between these departments. A CDO could help translate the business needs into clearly defined data management and analytics processes.
Visibility and Classification: Understand what data is stored becomes more difficult when the company’s infrastructure is fragmented. Turn the lights on. See what is stored, who is accessing it and how often. Then classify data based on a bespoke data retention policy. Only 16% of organisations do all of this today.
Identify and Remediate Risks: If you don’t know what you’re storing, you can’t be compliant. Employees hoarding personal files could violate copyrights, not to mention data privacy rights. Analysing and classifying dark data enables a workable information governance strategy.
Start to Delete: Focus first on data that is obviously redundant, trivial or obsolete. Deletion of these files should be guided by a policy and should happen at least once a quarter. A deletion in September, for instance, could help clear out employees’ summer holiday photos and videos.
Peoples’ digital lives now span multiple years. That’s potentially a decade of photos, videos, Skype chats, Facebook messages and emails. There is enough, probably too much data, but there’s not enough good information.
David Moseley, Global Solutions Manager at Veritas
Image Credit: Scanrail1 / Shutterstock