Consider data management an ultimate business risk/reward. There’s an expense in storing and properly handling data, but the cost pales in comparison to the “reward” of keeping data safe and secure. Loss of data is crippling, and many businesses cannot take that sort of branding hit. Constructing a data management strategy typically involves the cloud.
The cloud does have significant benefits, namely low capital expenses, high availability, and instant scale that can be adjusted up or down in tune with business needs. Despite these benefits, there are limitations to the cloud, especially for firms that rely solely on cloud services.
Understand the cloud’s limitations:
• File management is the responsibility of the client. If a company moves its sales figures to a cloud folder, and then a glitch causes the file to become missing or unreadable, the cloud provider cannot do much about it. Even if the client did not have a case of “user error”, there’s no recourse with the cloud provider. Managing the files and ensuring backups are in place are the client’s responsibility.
• The “neighbourhood” is public and crowded. With the multi-tenant public cloud, companies have their data in close proximity. If another firm experiences a security breach, and hackers gain access to public cloud data, then you’re company could also be exposed. Public clouds are inexpensive and provide scale, but the shared environment should give pause to firms that looking for a safe haven for sensitive data.
• The cloud must have the internet. While it’s an obvious statement, it does bear repeating. Companies that experience a power or ISP outage will not be able to access their cloud data. “Businesses run on data” goes the familiar refrain, and firms that put mission critical information in the cloud run the risk of business interruptions during an outage. Look at physical media backups to provide an extra layer or protection.
• Some providers are disreputable. The public cloud market has evolved and is now dominated by just a few players. While companies should look for lower pricing, they should stay away from lesser-known providers that might not offer the security, reliability, and customer service of the bigger established names. Do not put data in jeopardy unnecessarily by “bargain shopping” for storage.
Armed with a deeper understanding of what the cloud is and is not suited for, businesses can better draft strategies for manage and store their data:
• Build a detailed plan. The marketing and sales teams likely have written plans for their efforts, and IT should follow a similar track when it comes to data storage and protection. A plan with step-by-step instructions is crucial, especially if it details the personnel responsibilities for every data management decision. A plan means transparency and accountability, because every member of the organisation should understand how their role impact data security. The plan should clearly delineate responsibility and scheduling for data backups, who manages cloud and physical storage assets, and who will manage “damage control” communications in the case of data loss.
• Create multi-layered backups. Data duplication across multiple types of storage is an essential part of the management plan. Both cloud and physical storage are inexpensive, allowing companies to hold massive amounts of data at consistently decreasing costs. Mix together public and private clouds along with on and off-premises physical storage to build “backups of the backups.”
• Manage devices carefully. Hard drives and especially SD cards should be handled with the utmost care, as they’re fragile and not ideally suited for long-term data storage. Even with the cloud, some personnel will still need to use physical portable media in the field. Perhaps they’re taking video of a company event or need access to large PDF files while in remote locations. In either case, the employee will handle laptops with hard drives and camera devices with SD cards. The data management plan should include direction on how to handle such devices, including the need to keep them free of dirt, excessive heat, or liquids. There should also be rules on how long data should reside on such devices before it’s placed in approved longer-term storage.
• Know the laws and regulations and manage access. Many firms that look deeper into the cloud’s limitations will see the regulatory and compliance risks that can come from multi-tenant clouds. Ensure all of the data management regulations are exceeded to prevent lawsuits or fines. The data protection plan should be a dynamic document that is updated whenever regulations concerning Personally Identifiable Information (PII) are adjusted.
Staying in compliance means reducing external and internal threats to data security. Companies should strictly manage access rights of both employees and any third-parties that can view or edit company information. The data management plan should strike a balance between giving employees access to the data they need to complete their work, and restricting data to only those that truly need it.
• Centralise and organisation. Consider the data sources of the modern medium to large-sized business. The company pulls data from dozens of sources, including social sites, customer service, email, mobile marketing, CRM, BI, and many others. A core part of a data management plan should involve organising these sources and placing them under centralised management, which helps eliminate duplicated efforts. Staff can work efficiently because the data they need is easily accessible, and by comparing and combining data sets, they might be able to engage in analytics to uncover hidden correlations. .
• Use metrics and test the plan. Marketing (and upper management) will review the marketing plan frequently to ensure it’s on the right path to spur growth and a positive brand image. IT should do the same with the data management plan. Such a plan should include various benchmarks and goals as well as data that can be reviewed on a schedule. The plan itself should be a dynamic document that is edited based on the availability of new data sources, personnel growth, technology adjustments, and a host of other reasons. IT should introduce automated tools to track employee’s access to data, keep track of data backups, and to spot breaks in protocol. Testing the plan is essential, and can involve a review of each person’s responsibilities, the resiliency and security of storage, and other criteria.
IT departments that understand the cloud’s limitations will be able to make more informed choices about how the company manages and stores data. They’ll be able to leverage the cloud’s unparalleled benefits while protecting the most sensitive data, and putting into place a mix of storage capabilities that ensure data is backed up and safe.
David Zimmerman, CEO of LC Technology International
Image Credit: Everything Possible / Shutterstock