Big Data, bigger risks

Enterprises are literally drowning in data and while this can provide valuable insight it can also be a double-edged sword. Here's what businesses can do to protect themselves and their data.

Business leaders today live in interesting times. Despite economic instability, customers, suppliers and shareholders expect ever faster service, in ever broader geographies, and ever greater returns on their investment.

As businesses increasingly turn to technology, the wider usage of mobile devices - from smartphones to tablet PCs - is driving data generation and consumption. Enterprises are literally drowning in data and while this can provide valuable insight it can also be a double-edged sword.

Key technology trends for enterprise 2012

Technology is increasingly being used to transform the business landscape, with a view to turning uncertainty into opportunity. Here are some of the key trends that we are keeping an eye on at the moment.  

  • Demand for High-IQ Networks to handle new smart devices or software applications connecting people-to-people, machine-to-people or machine-to-machine.
  • The growth of the social enterprise with the web-centric enterprise becoming even more social.
  • The consumerisation of IT with many companies trying to improve the user experience and enhance productivity by tailoring enterprise IT policies to support employees who bring their own smartphones and tablets to the workplace.
  • Enterprise cloud solutions coming of age and dramatically reducing capital expenditures, creating business efficiencies and playing an essential role in mobilising enterprise apps that enable workforce mobility.
  • The rise of big data driving innovation and creating new business opportunities through predictive analytics while empowering evidence-based decision making for greater success. 

 All of these trends have a significant impact on the amount of data circulating and being stored within the enterprise. In 2011, IDC stated that the quantity of information stored in the digital universe would surpass 1.8 zettabytes, (1.8 trillion gigabytes) that year – a growth factor of nine in just five years. Enterprises were shown to have some form of liability for 80 per cent at a point in the information’s digital life, for example in its storage, security, privacy and reliable delivery.

Understanding risk

So the data that can help shape what a company sells and when and how they sell it can also be a potential minefield. Given that the data sets will more often than not contain confidential and proprietary information companies need to pay particular attention to compliance. However, that’s not where the problem lies.

Within the enterprise environment, data is the ultimate proprietary asset and most IT organisations have implemented some kind of security on the data they have. It’s the data, devices, and systems they don’t know they have that present a problem. 

This is why it is critical that all data within a corporation—at rest or in transit—is discovered and identified. Data residing on servers “under the desk” or on employee laptops is a good example of ‘unknown’ data sources.

Not ‘good enough”

Many organisations resist regular reviews of security initiatives as they believe that the status quo is ‘good enough’, and are unwilling to spend more if it’s not ‘needed’. These perceived savings are, however, inaccurate. One breach – intentional or inadvertent - can easily exceed the cost of a solid security program multiple times.

The 2012 Verizon Data Breach Investigation Report (2012 DBIR) analysed 855 data breaches across 174 million stolen records – the second highest data loss that the Verizon RISK (Research Investigations Solutions Knowledge) team has seen since it began collecting data back in 2004. Surprisingly, 97 percent of the attacks analysed were avoidable, without the need for organisations to resort to difficult of expensive countermeasures.

 Here are a few basic security recommendations that could save enterprises a lot of heartache:

  • Eliminate unnecessary data. Unless there is a compelling reason to store or transmit data, destroy it. Monitor all important data that must be kept.
  • Establish essential security controls by ensuring fundamental and common sense security countermeasures are in place and that they are functioning correctly. Monitor security controls regularly.
  • Place importance on event logs. Monitor and mine event logs for suspicious activity.
  • Prioritise security strategy. Enterprises should evaluate their threat landscape and use the findings to create a unique, prioritised security strategy.

Data visibility through data classification

When considering a vast amount of data, enterprises should ask themselves three basic questions: ‘Where is the data?’ ‘What is the discovered data and to whom does it belong?’ and finally ‘How is this identified data used and why is it important?’

Classifying data helps organisations manage business growth. In reality, IT departments may not grow at the same rate as the data volumes themselves. Simply ‘getting bigger’ is increasingly impractical. New computing models are increasingly being seen as the key to big data infrastructure.  Cloud computing helps reduce capital expenditure on hardware, software and services by only paying for what have been used.

Today’s cloud-based services must maintain a high level of availability to meet rigorous service level agreements. But probably the biggest advantage is that cloud computing offers security that is often stronger than that typically found in today’s enterprise. Cloud providers have specially-trained security teams, a robust environment, and security protocols that stay current with the latest threats—something most IT organisations struggle to keep up with.

IDC estimates that by 2015 nearly 20 per cent of all information will be touched by cloud computing service providers and as much as 10 percent will be maintained in a cloud. The idea of storing big data in the cloud is not only one that seems set to stay – it’s one that is already here.

If businesses can take a ‘leap of faith’ away from the status quo, and seize the potential new technology trends offer, the end result is likely to be a future where business is dramatically different. Collaborative business ecosystems, joint ventures, partnerships, and secure outsourced models are set to be the new business norm – but what is clear is the leading role that technology will play in the re-engineered and re-imagined enterprise.

John Karabin is the Area Vice President of Verizon Business