*By Marcos Tadeu
In today's era of seemingly infinite data volume and complexity, many companies are unwittingly overlooking an entire category of data that is critical to their protection and management practices. More than 50% of a company's data are "dark” – information held in data repositories with no added or determined value. In addition to costing on average US$ 26 million in storage expenses per year, the dark date, or obscure data, pose significant risks to a company's security and compliance efforts, making it more important than ever to address the fundamental issues that cause them.
dark date threaten the protection
Most companies are not clear about the data they need to protect. Like dark date Often out of sight and out of mind for many companies, dark data reservoirs – which contain sensitive and valuable data – become an attractive target for cybercriminals and ransomware attacks.
Furthermore, nearly half of senior IT decision makers cannot confidently and accurately state the exact number of cloud services their corporation currently uses, even when companies implement a multi-cloud approach with on-premises and public cloud resources such as part of your data the infrastructure. If an organization is unable to clear up dark data, especially dark data stored in the cloud, multi-cloud approaches can further open the door to cyber-attacks and recovery at scale cannot be guaranteed.
Surviving any type of ransomware attack requires an understanding of what and where your data is, as well as its value. The more companies know about the data they have, the more effective they will be at understanding how to protect it from risk and how to recover after an attack.
dark date threaten compliance and governance
Unlabeled and unstructured data also pose challenges to meet the requirements of the General Law for the Protection of Personal Data (LGPD). Companies that identify and catalog their most critical information, remove information that has no value, and ensure they are meeting all other compliance requirements are better equipped to proactively manage information risk and close gaps in data governance.
Tactically, companies can implement data capture, archiving, and surveillance capabilities to follow data compliance requirements. Better management of obscure data will help companies comply with strict regulations and implement discreet retention policies across their data estate.
Furthermore, dark date play a significant role in a company's environmental compliance – another set of growing regulations. As companies work to develop sustainability programs to meet carbon reduction standards, the environmental cost of obscure data must be a priority. it is estimated that the storage of dark date emits 6.4 million tonnes of carbon dioxide into the atmosphere in 2020. And the prospects are even worse – analysts predict an increase of 91 ZB of dark date by 2025 (more than four times the volume in 2020). This means that dark date will continue to emit carbon into the atmosphere at alarming rates.
To protect the planet from wasted energy dark date, companies must review their data management strategies, identify valuable data, and rid their data centers and clouds of unnecessary data. By properly managing dark data, there is a significant opportunity for companies to reduce their carbon footprint, comply with industry environmental regulations and meet sustainability goals that are increasingly important to a wide range of stakeholders.
Managing and protecting dark date
It's clear that dark data poses threats to a company's security and compliance. So how can data managers better identify, manage and protect obscure data in their enterprise?
First, data owners must develop and act from a proactive management mindset that enables organizations to gain visibility into their data, take control of data-associated risks, and make informed decisions about what data to retain. or deleted before a critical security event occurs.
Some tactics that data managers should implement to establish a proactive mindset are data mapping, used to discover all sources and locations of data collected and stored, and minimization, used to reduce the amount of data stored and confirm that the data retained is directly related to the purpose for which it was collected.
Second, companies must also use technological advances to their advantage. Artificial intelligence (AI) and machine learning (ML) offer significant opportunities to effectively identify, manage and secure large unstructured and unmarked data sets, and play a vital role in data management processes.
The ultimate goal is to manage information, not just data, right at the source (edge) by quickly scanning, labeling and classifying information to ensure sensitive or confidential data is properly managed and protected, no matter where it resides. As such, transparent AI and ML policies help companies gain full visibility into their data, identifying vulnerabilities and minimizing risk. This is the next frontier.
Properly managed dark data offers a more secure and compliant future for organizations, reduces costs and enables action through previously untapped intelligence, opening up possibilities for organizational optimization and innovation in any company.
*Marcos Tadeu, senior manager and sales engineering at Veritas Technologies in Brazil
Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies