Article Written By David Zimmerman, CEO of LC Technology
International
IT should be able to frame data management as a classic case of business
"risk/reward". The risk comes in the form of the cost of data storage, but this
expense is greatly surpassed by the reward that comes secure and reliable data.
The loss of data will cripple a business' ability to function and deliver a
sometimes fatal branding hit. Protecting data involves creating a well-planned
data management strategy, which usually involves cloud services.
The cloud's benefits are well known. It requires low capital expense to
use the cloud, it's highly available, and offers instant scale that can be
dynamically adjusted in time with business needs. There are however limitations
to the cloud that are important to recognize, so firms can properly adapt their
strategies.
Detailing the cloud's limitations:
-
With the public cloud, every company's data is
within a crowded environment. Multi-tenant cloud environments means data from
one client is in close proximity all of the others. A breach affecting one
client could mean hackers now have access to all of the tenants and their
information. While the public cloud offers instant scale and is relatively
inexpensive, the shared environment is a risk, especially for firms managing
very sensitive data.
-
Management and movement of files is the
client's responsibility within the cloud. This provides flexibility and
control, but it also means cases of "user error" are the client's
responsibility. If a firm moves all of their marketing prospects data to a
cloud folder and a glitch occurs that renders the information unreadable, then
the cloud provider cannot likely do anything for recovery. The management (and
essential backup) of files are the client's responsibility.
-
The cloud and internet are of course inexorably
linked. Cloud services cannot be accessed without a stable internet connection,
so a power or ISP outage means clients will need to work without needed data.
Of course the modern business runs on data, so firms that place
mission-critical data in the cloud must have redundant systems such as physical
media backups in place to help them manage internet interruptions.
-
Not all cloud providers are the same. The
public cloud industry has evolved and consolidated, and a few players now
dominate. However, there are still many firms out there that might offer reduced
pricing in order to attract a sliver of market share. Companies should be wary
of unknown providers why might not offer the reliability, security, and
customer service of the bigger firms. Unreliable firms dampen the client
community's trust in the cloud to provide a stable data platform.
Understanding the limitations of the cloud provides companies with
valuable context, so they can spot situations where the cloud is and is not the
right choice for their data needs. And they can develop strategies to properly
store and manage data:
-
Write a
detailed management plan. Any competent sales or marketing team will have
a written plan that outlines their short and long-term efforts, metrics, and
goals. IT should follow suit with a data storage and protection plan that
features step-by-step instructions for the entire department and every involved
individual.
Formal
plans introduce transparency and accountability. They delineate the
responsibilities of every staff person as it relates to data security, whether
it's regarding password management for cloud access or who is responsible for
data backups. Planning can greatly reduce the risks of data loss, and provide
the opportunity for a "damage control" team that can guide the company through
any unfortunate event.
-
Backup
the backups. Tackling the cloud's limitation of reliability should involve
a multi-level backup plan. Data duplication that occurs across various storage
types is recommended, with a mix of physical and cloud services used in
concert. Going back to the "risk/reward" analogy, storage is very cheap, and
companies should use a blend of redundant storage to hold large amounts of data
at an ever-decreasing cost.
-
Handle
devices with care. Using a blend of storage mediums to manage the
limitations of the cloud often involves leveraging physical on-premises hard
drives. Staff in the field might also still use laptops or other physical
storage that cannot be always connected to the cloud. Perhaps employees are
taking video footage of their company's tradeshow booth and demo, and therefore
need to use portable SD cards for storage. In either case, the proper handling
of such devices is crucial to preventing data loss. The data management plan should
provide tips on device handling, for example the use of protective cases,
keeping them away from heat and dirt, and not swapping out SD cards between
devices to avoid corruption issues.
-
Understand
the dynamically-changing laws and regulations. Looking
deeper into the cloud's limitations can uncover the regulatory and compliance
issues from multi-tenant cloud environments. The data management plan should
include detailed sections on the current regulatory requirements, and
procedures for frequently checking the updated policies. Any company that
manages Personally Identifiable Information (PII) should be especially in tune
with reducing any internal or external threats to their data security.
Cloud
services that hold PII and other compliance-regulated data should be managed
with strict data access rights, complex mandated password protocols, and
procedures for revoking rights from vendors or departing employees.
-
Centralize
all of the relevant data. The data that can be shifted to the cloud might
come from dozens of sources, from social media content to CRM or BI systems.
The data management plan should identify and organize all of these data sources
and then IT should move them into a centralized secure location. Such
organization offers additional benefits of improving access to information,
boosting efficiency, and powering analytics engines to find hidden insights
from data.
-
Use
metrics perform testing. The successful sales team will frequently check
on their progress as compared to the plan and test their procedures (for
example prospect-to-lead efforts) in order to gauge performance. IT should
follow a similar structure when it comes to the data management plan. By
writing down various benchmarks, the plan gives IT some goals and ties their
efforts into the overall business' success. For example, there could be a
percentage goal for movement a certain amount of the company's data to the
cloud by a certain date, or a reduction in the number of unauthorized user
access incidents. IT should leverage automated tools to track the employee's
usage of data, so they can for example spot an employee who downloads thousands
of customer records without a valid business reason.
Testing the data management plan should involve
making sure every employee understands their role in protecting and accessing
data, a review of the security protocols used by chosen cloud providers and any
in-house storage, and various other criteria.
With a strategic plan in hand, IT can enjoy the
benefits of the cloud while protecting data through backups and personnel
training. Forward-thinking IT departments will recognize the cloud's
limitations and use that knowledge to their advantage by creating data
management plans and practices that mold to those limitations.
##
About the Author
David Zimmerman has been in the hardware/software
industry for over 35 years, specifically in the data recovery software market
for 20 years. During this period, he has been involved in the creation;
marketing and support of the earlier drive recovery software products to enter
the PC market and successfully marketed them both nationally and
internationally. His company makes data recovery products for most of his
competitors. His experience in the market has made him uniquely familiar with
the data recovery business.