The modern data protection landscape is changing at an unprecedented pace. Data is growing exponentially, new and evolving regulations are appearing all the time, litigious activities are increasing and not a week goes by without news of a natural disaster or other emergency severely impacting a location – and the lives of the people living and working there. Clearly in such an environment, being able to protect your data is more important than ever.
It was with this idea in mind that we asked IT professionals from a wide variety of businesses and industries to help us predict the future of data protection. We asked questions about how the challenges of the current environment will evolve over the next two to three years and what strategies, policies, procedures and technologies organizations will leverage to overcome them. The results were illuminating.
Despite recognizing that data protection challenges will continue to grow, participants believe that few organizations will take decisive action to fortify their data management practices in the near future. As you read through the predictions on the following pages, you will see phrases like “keep everything forever” and “conduct periodic reviews” that show a lack of urgency for participating in this next generation of data protection. We can speculate about why — perhaps participants believe limited budgets or lack of expertise will hold organizations back – but the fact remains that “do little” or “do nothing” postures will not cut it going forward. The costs of uncertainty and inertia are just too high.
We all know the risks of inadequate data protection — they are many and well documented. Whether it’s the penalties and fees of non-compliance, the brand damage and loss of customer trust associated with an inadvertent disclosure or the bottom line impacts of not being able to recover data in a timely fashion, today’s organization’s simply cannot afford taking a reactive, “it’ll never happen to us” approach to data backup and recovery. After all, the landscape is too competitive, and one incident, quickly spread across websites, blogs and social media, has the potential to change how a business is perceived forever.
We've organized the predictions into four sections that mirror our best-practice-based approach to optimizing your data protection infrastructure:
Our hope with this report is that it will provide a baseline of understanding upon which we can build the tools and information needed to help our clients navigate this complex environment. How? By understanding that a more proactive approach to data protection is needed — one that starts with a high-level strategy, feeds into well-defined policies and procedures and is supported by the right mix of data backup and recovery technologies.
Data growth, compliance, a stagnant economy and flat budgets are just a few of the challenges facing organizations in today’s data protection environment. The predictions in this section show that the risks these challenges bring with them (e.g., data loss, inadvertent disclosures, non-compliance, etc.) are top of mind for many organizations — and that they’re actively looking for strategies and best practices they can implement to overcome them.
An overwhelming majority of participants believe that risk of data loss or inadvertent disclosure will be a major concern of IT leaders over the next 12 to 18 months. The next closest concern was “bring your own device” (BYOD) and mobile technology trends, followed by compliant IT asset disposal and destroying assets in environmentally friendly ways.
As data continues to grow at an exponential rate and businesses embrace more data-intensive trends, such as big data and predictive analytics, it’s not just the amount of data they are storing that has increased — it’s also the criticality of that data. At the same time, expanding compliance requirements across heavily regulated industries like Healthcare, Financial Services and others are putting pressure on organizations to secure the privacy and integrity of their data. As these data and compliance demands continue to grow, the risks around data loss and inadvertent disclosure multiply, so it’s understandable that participants viewed them as urgent data protection concerns in the near future.
The BYOD issue is an interesting one, because even though most organizations recognize it as a trend that is here to stay, few seem to understand how these devices fit into their data protection strategy. That said, organizations truly concerned with protecting themselves from data loss in a BYOD world should not overlook IT asset disposition strategies. Together, BYOD and data growth trends have led to a surplus of devices organizations have to manage — each containing business data that could be compromised if not disposed of properly. These devices may create a less-visible data loss risk, but that does not mean they can (or should) be ignored.
When organizations look at their IT environments, it is common for them to view the number of devices they have to manage as a reflection of the amount of data they are storing, so it stands to reason that they are more concerned with what they see as the cause (the data) rather than the effect (the devices). In addition, with data and device growth happening at such an accelerated rate, some participants are worried that compatibility will become a challenge as data moves from one storage medium to another.
It’s no secret that data volumes are growing at an unprecedented pace; however, BYOD and mobile technology trends are bringing new and different device types into the enterprise that are not accounted for in the “more data equals more devices” equation discussed previously. Today’s employees use an average of 3.5 devices in the workplace1, so if the time to address device management is not now, it’s coming in the near future.
Many IT infrastructures today comprise an assortment of server, software and storage components that have been accumulated over time, with aging legacy systems running alongside the latest and greatest technologies. In such environments, it’s not uncommon for businesses to be concerned with data compatibility — especially as they consider consolidating and standardizing their infrastructures in the future.
Few survey respondents believe that data protection systems and budgets are keeping up with data growth, but they — like many others in IT organizations today — are feeling the effects of tight or reduced budgets on their backup and recovery efforts.
When the people in charge of backups for their companies say that their systems are not keeping up with data growth demands, what they really mean is, “I don’t have the budget to keep buying new technology to address the problem.” What’s more, they know it’s not going to change anytime soon, because backup is rarely a priority at budget time. So, what can they do? They have to take a fresh look at their environments and make smarter technology decisions that change the economics around their backup and recovery processes. For example, by maximizing the capabilities of existing assets, incrementally adding new solutions when budgets allow and marrying this technology with innovative thinking and best practices, they can start to bridge the divide between their current and ideal future states.
There’s an old adage that there’s always money to do something over, but never enough to do it right. When it comes to protecting data, that’s a risk most can’t afford. Data tiering is a widely recognized best practice that can help drive cost reductions throughout backup and recovery practices — helping organizations take better advantage of their limited budgets.
A data tiering project can begin with the simple steps of identifying a data set and understanding how business-critical it is, how often it changes and how accessible it needs to be. For example, if 30 percent of data is volatile and needs to be on spinning disk, it’s worth asking the question: “Can the other 70 percent be moved to a more cost-effective medium?” If the answer is “yes,” the organization has freed up significant disk space to accommodate data growth without having to purchase costly new hardware.
Here is a quick test to see how your organization is handling the challenges of the current data protection environment. If you score a three or above, you’re likely experiencing some of the pains discussed, and you should begin thinking about how you can change your data protection approach to reduce or eliminate them. If you score a two or below, you’re in pretty good shape, but with data growing exponentially and elements like compliance requirements changing all the time, you should return to this exercise in the future to make sure you’re staying ahead of these challenges.