Article Written By David Zimmerman, CEO of LC Technology International

IT should be able to frame data management as a classic case of business "risk/reward". The risk comes in the form of the cost of data storage, but this expense is greatly surpassed by the reward that comes secure and reliable data. The loss of data will cripple a business' ability to function and deliver a sometimes fatal branding hit. Protecting data involves creating a well-planned data management strategy, which usually involves cloud services.

The cloud's benefits are well known. It requires low capital expense to use the cloud, it's highly available, and offers instant scale that can be dynamically adjusted in time with business needs. There are however limitations to the cloud that are important to recognize, so firms can properly adapt their strategies. 

Detailing the cloud's limitations:

• With the public cloud, every company's data is within a crowded environment. Multi-tenant cloud environments means data from one client is in close proximity all of the others. A breach affecting one client could mean hackers now have access to all of the tenants and their information. While the public cloud offers instant scale and is relatively inexpensive, the shared environment is a risk, especially for firms managing very sensitive data.
  

• Management and movement of files is the client's responsibility within the cloud. This provides flexibility and control, but it also means cases of "user error" are the client's responsibility. If a firm moves all of their marketing prospects data to a cloud folder and a glitch occurs that renders the information unreadable, then the cloud provider cannot likely do anything for recovery. The management (and essential backup) of files are the client's responsibility.
  

• The cloud and internet are of course inexorably linked. Cloud services cannot be accessed without a stable internet connection, so a power or ISP outage means clients will need to work without needed data. Of course the modern business runs on data, so firms that place mission-critical data in the cloud must have redundant systems such as physical media backups in place to help them manage internet interruptions.
  

• Not all cloud providers are the same. The public cloud industry has evolved and consolidated, and a few players now dominate. However, there are still many firms out there that might offer reduced pricing in order to attract a sliver of market share. Companies should be wary of unknown providers why might not offer the reliability, security, and customer service of the bigger firms. Unreliable firms dampen the client community's trust in the cloud to provide a stable data platform.
  

Understanding the limitations of the cloud provides companies with valuable context, so they can spot situations where the cloud is and is not the right choice for their data needs. And they can develop strategies to properly store and manage data:

• Write a detailed management plan. Any competent sales or marketing team will have a written plan that outlines their short and long-term efforts, metrics, and goals. IT should follow suit with a data storage and protection plan that features step-by-step instructions for the entire department and every involved individual.
  

Formal plans introduce transparency and accountability. They delineate the responsibilities of every staff person as it relates to data security, whether it's regarding password management for cloud access or who is responsible for data backups. Planning can greatly reduce the risks of data loss, and provide the opportunity for a "damage control" team that can guide the company through any unfortunate event.

• Backup the backups. Tackling the cloud's limitation of reliability should involve a multi-level backup plan. Data duplication that occurs across various storage types is recommended, with a mix of physical and cloud services used in concert. Going back to the "risk/reward" analogy, storage is very cheap, and companies should use a blend of redundant storage to hold large amounts of data at an ever-decreasing cost.
  

• Handle devices with care. Using a blend of storage mediums to manage the limitations of the cloud often involves leveraging physical on-premises hard drives. Staff in the field might also still use laptops or other physical storage that cannot be always connected to the cloud. Perhaps employees are taking video footage of their company's tradeshow booth and demo, and therefore need to use portable SD cards for storage. In either case, the proper handling of such devices is crucial to preventing data loss. The data management plan should provide tips on device handling, for example the use of protective cases, keeping them away from heat and dirt, and not swapping out SD cards between devices to avoid corruption issues.
  

• Understand the dynamically-changing laws and regulations. Looking deeper into the cloud's limitations can uncover the regulatory and compliance issues from multi-tenant cloud environments. The data management plan should include detailed sections on the current regulatory requirements, and procedures for frequently checking the updated policies. Any company that manages Personally Identifiable Information (PII) should be especially in tune with reducing any internal or external threats to their data security.
  

Cloud services that hold PII and other compliance-regulated data should be managed with strict data access rights, complex mandated password protocols, and procedures for revoking rights from vendors or departing employees.

• Centralize all of the relevant data. The data that can be shifted to the cloud might come from dozens of sources, from social media content to CRM or BI systems. The data management plan should identify and organize all of these data sources and then IT should move them into a centralized secure location. Such organization offers additional benefits of improving access to information, boosting efficiency, and powering analytics engines to find hidden insights from data.
  

• Use metrics perform testing. The successful sales team will frequently check on their progress as compared to the plan and test their procedures (for example prospect-to-lead efforts) in order to gauge performance. IT should follow a similar structure when it comes to the data management plan. By writing down various benchmarks, the plan gives IT some goals and ties their efforts into the overall business' success. For example, there could be a percentage goal for movement a certain amount of the company's data to the cloud by a certain date, or a reduction in the number of unauthorized user access incidents. IT should leverage automated tools to track the employee's usage of data, so they can for example spot an employee who downloads thousands of customer records without a valid business reason.
  

Testing the data management plan should involve making sure every employee understands their role in protecting and accessing data, a review of the security protocols used by chosen cloud providers and any in-house storage, and various other criteria.

With a strategic plan in hand, IT can enjoy the benefits of the cloud while protecting data through backups and personnel training. Forward-thinking IT departments will recognize the cloud's limitations and use that knowledge to their advantage by creating data management plans and practices that mold to those limitations.

##

About the Author

 

David Zimmerman has been in the hardware/software industry for over 35 years, specifically in the data recovery software market for 20 years. During this period, he has been involved in the creation; marketing and support of the earlier drive recovery software products to enter the PC market and successfully marketed them both nationally and internationally. His company makes data recovery products for most of his competitors. His experience in the market has made him uniquely familiar with the data recovery business.