Why data footprint reduction is essential to data security and how to do it right
BY ELIZABETH MCKINNON
March 30, 2021
It’s nearly impossible to overstate how rapidly the data universe is growing. While most people still think enterprise data is confined to the information in a company’s CRM or ERP system, the reality is that companies of every size and in every industry ingest or collect more data, from more sources than at any time in history.
Every minute, users add 300 new hours of video on YouTube, totalling more than 1 billion gigabytes (1 exabyte) of data, share more than 100 terabytes of data on Facebook daily, and create untold volumes of data via video conferencing spurred by the COVID-19 pandemic. That data, according to researchers, is at least 80% unstructured, a figure expected to grow by 500% each year heading into the next decade, adding a new layer of complexity in trying to effectively govern, manage, and secure it all — and many new layers of expenses to deal with.
For enterprise data and security leaders the sheer volume of enterprise data dramatically raises the bar for thoroughly protecting the data and managing it in a way that complies with ever-changing regulatory standards — while significantly increasing the cost of storing it. In response, IT leaders are eagerly looking for ways to reduce their company’s data footprint to simplify their data protection efforts and rein in runaway spending.
Data remediation isn’t so cut-and-dry
People often think of a data footprint reduction simply consisting of detecting and deleting duplicate, incorrect, or unused data. The problem is that in many cases businesses are legally obligated to hold particular data types for a defined period of time in accordance with various data management regulations like California Consumer Privacy Act (CCPA), GDPR, and others.
Many organizations still perform data remediation tasks manually using cleaning tools, script-based batch remediation, data migration, or a combination of these methods. Teams are forced into this time-consuming and ineffective method because they often don’t have the bandwidth or expertise to execute the full set of required activities for data remediation or even have clear data ownership, leaving to chance that all data will be properly evaluated and managed.
The risk of cost-driven, conventional data remediation can be extreme. That’s because much of that data is personal identifying information (PII), which is among the most sensitive in an enterprise’s store and the most important to properly control while trying to downsize their data footprint.
However, simply deleting it in an effort to shrink how much data is under the company’s command can result in fines for non-compliance and other legal liabilities if it’s not done properly. Instead, enterprises must accurately classify their data to know exactly what information they have, how it was collected, how long it must be retained, and how to properly dispose of it.
If personal data persists in the environment beyond its period of usage, it creates unnecessary risk of being discovered and compromised, deleting it too soon and in violation of data governance standards is equally risky. Next-generation data remediation solutions like Spirion Sensitive Data Platform automate critical aspects of thoroughly protecting sensitive data while enabling enterprises to strategically and methodically reduce their overall data footprint.
The platform automatically and securely erases data using multiple layers of cutting-edge secure data erasure techniques, can securely relocate data to ensure it can’t be recovered by anyone who gains access to the computing environment, and anonymizes personal data by removing identifiers that connect an individual to stored data.
Systematic, strategic, and cost-effective data remediation
The unprecedented growth in data velocity and volume has challenged many IT and security professionals to reevaluate their data lifecycle management practices in an effort to shrink their data universe and, by extension, the cost of managing it all.
But simply deleting data as part of a cost-cutting initiative is just begging for disaster, as incurring the fines and brand damage from running afoul of stringent data governance compliance standards can often end up being more costly than having an expansive data universe in the first place.
Enabling systematic, strategic, and methodical data remediation through automated and scalable tools that scour every operating system, cloud, or network-attached storage system is vital for improving your company’s overall data security posture and ability to slim your data stores down to their minimal levels.
Not only will it cut down on wasteful manual data remediation efforts, but it will also help to assert greater control over your most sensitive data, enabling your business to trim the costs associated with storing and managing large amounts of private data while creating a comprehensive, end-to-end data lifecycle management strategy that stands up to the evolving challenges of business in the Digital Age.