August 16, 2011
By Ursula Talley Vice President Marketing
StoredIQ
Article

Are Islands of Data Exposing You to Risk?

It's no secret that most companies don't know where their data is. Even worse, Gartner reported that 90% of data is either stale or of non-business value. Data fragmentation highlights the difficulties of understanding information across the enterprise and contributes to significant risk to businesses.

The challenge clearly for IT lies with utilizing effective tools for intelligent information management. With hundreds of different data sources and file types across petabytes of data, it can be a nightmare scenario for even the most experienced organization to gain control of.

Understanding the Risks

Businesses rarely foresee the difficulties in maintaining an ever-growing population of data, and more importantly the information management challenges that can arise from it:

Regulation—Laws such as Sarbanes Oxley, Basel II, FCPA, FINRA and HIPAA all place mounting pressures on companies to establish and maintain an effective corporate governance strategy;

Legal—Responding to e-discovery requests and investigations frequently requires accurate and immediate action;

Security—Protecting business-critical assets and intellectual property (IP) are fundamental to an organization's viability and competitive advantage;

Privacy—Addressing the laws and regulations concerning personally identifiable information (PII), such as the Massachusetts law 201 CMR 17, is necessary to avoid litigation, sanctions and fines; and

Costs—The costs of properly storing and managing an ever-increasing volume of unstructured electronically stored information (ESI) are growing exponentially.

The lack of information management visibility leads to islands of data that are often forgotten, and are the first to fall out of compliance with corporate policies regarding e-discovery, defensible deletion and records management. Rarely does IT have the tools at their disposal to effectively maintain data visibility across the entire organization.

The Costs are Real

We've all heard the stories of a small, well-planned SharePoint pilot, for example, that suddenly exploded into thousands of rogue sites. Suddenly, just like the forgotten server, a new SharePoint site pops up and new information is added to it, all out of the purview of corporate governance.

For those companies in financial services and other highly regulated industries, these exploding SharePoint sites are a real risk to ever increasing compliance regulations, such as Dodd-Frank, or FINRA. A small, forgotten information set, even setup temporarily, can cost an organization hundreds of thousands of dollars in compliance penalties or e-discovery costs.

As a tangible example, consider the Massachusetts law 201 CMR 17, which protects resident's personal information from data loss. The penalties for non-compliance with 201 CMR 17 can be significant, with every single violation resulting in a civil penalty of $5,000. A spreadsheet containing the first name, last name and social security number of customers can be a ticking time bomb for companies, potentially resulting in a fine of hundreds of thousands of dollars. And it's not just large corporations that should be concerned. Earlier this year, a restaurant chain was fined $110,000 over allegations that the chain failed to protect patron's personal information.

Discover, Analyze and Act

So, how does an organization get control of its information management issues? How do you convert the islands of data into structured information that allows your business to gain visibility into your data and establish repeatable processes to reduce corporate risk?

When evaluating any information management solution, it's helpful to consider three essential capabilities for gaining control of data:

1. Discover. The ability to find data within the enterprise, including file shares, email archives, files servers and SharePoint. Corporations have petabytes of data, requiring a scalable technology platform with sophisticated search capabilities that can distinguish and infer the meaning of words (will, Will and will, for example, which describe an adverb, a proper name or a legal document).

2. Analyze. Understanding the data topology of your organization, how data from different data sources relate to each other, either at an organizational level or through individuals. How much of the data is duplicated? Does it contain PII or corporate IP? Advanced analytics allow you to understand what you don't know; converting data into information that allows corporations to not only take action, but the right actions.

3. Act. After discovering and analyzing the data, establishing policies to automatically enforce compliance or records management and automatically enforce record retention schedules. A repeatable and enforceable policy can offer clear ROI; case in point: DuPont. After a very large legal case, DuPont conducted a post mortem and found that more than 50% of the documents that legal reviewed were kept past their established retention period. DuPont estimated that it cost $12 million to have attorneys review all of these additional documents.

By providing IT with the ability to discover, analyze and act on data as well as providing an in-depth assessment of unstructured data across the enterprise, organizations will have critical visibility into and control over their business content to make more informed decisions about the management, retention and disposition of their data. This intelligent information management will allow IT and legal to:

Comply with corporate policy and compliance mandates in order to meet all regulatory requirements;
Reduce risk, preempt litigation and avoid fines by proactively identifying and securing documents as required by the law; and
Ensure that valuable business information is safe and accessible to authorized personnel only, according to regulatory compliance requirements and corporate access policies.

An effective information management solution that allows your organization to discover data where it lives, apply advanced analytics, and more importantly, apply policy to this data can help anyone who is suffering from data overload. You won't fear that server in the corner anymore; you'll know that it's no longer a risk to your company or your information management policies.

StoredIQ's enterprise-class Information Intelligence Platform enables organizations to gain visibility and control over business-critical information to help meet their compliance, governance and legal discovery requirements. Industry-leading companies rely on StoredIQ's award-winning technology to streamline their information management and e-discovery processes to reduce the risk, complexity and cost of litigation. For more information, visit www.storediq.com.

Free

for qualified subscribers

Subscribe Now Current Issue Past Issues

KMWorld 2024 Is Nov. 18-21 in Washington, DC. Register now for Super Early Bird Savings!

Are Islands of Data Exposing You to Risk?

Understanding the Risks

The Costs are Real

Discover, Analyze and Act

How Knowledge Graphs Make Generative AI Consumable in Enterprise Environments

Building a KM Foundation for Enterprise AI

TRANSFORMING ENTERPRISE KNOWLEDGE: THE JOURNEY TO SAFE, SECURE, AND TRUSTWORTHY AI

More

Knowledge Revolution with Generative AI: Megatrends and Success Stories

Unlocking Enterprise Knowledge with Microlearning

Intelligent Content Management: Game-Changing Technologies and Strategies

Optimizing LLMs with RAG: Key Technologies and Best Practices

More Webinars