Cyberspace is looking a lot like the Wild West these days, with outlaw hackers ready to rob you of your data and the sheriff nearby looking to make sure you’re sticking to the letter of ever-tightening laws.
Are you ready?
A new Forrester Consulting survey report, Governance Takes a Central Role as Enterprises Shift to Mobile, commissioned by Druva, a data protection and governance firm, shows that more and more companies are responding to these pressures by boosting spending on information governance (IG) and adopting new systems to better-manage data.
Greater Focus on IG
But not everyone is moving quickly enough.
“Gartner predicts that 20 percent of CIOs will lose their jobs due to a failure to govern,” said Jaspreet Singh, CEO of Druva. Already, high profile data breaches like those at Target and Nieman Marcus have come at a high cost for many, he added.
Forrester conducted an online survey of 205 IT and litigation professionals in North America and the UK to evaluate trends and attitudes surrounding governance and eDiscovery in a mobile work environment.
Given the fact that Druva is a data protection company, it's not surprising that Singh thinks every company should take steps to guard against mobile data security threats and to prepare for regulatory pressures.
There are a number of drivers behind the increased attention paid to IG today, including the changing nature of our workforce and how people increasingly mix their personal and corporate lives, said Singh.
Many people have multiple mobile devices, which means it’s more likely than ever that personally identifiable and confidential information can walk right out the door — literally. “Not only does IT have less control of what happens with these devices, it also means that there are more copies of data spread across the endpoints,” said Singh. “Plus, users are relying on consumer tools for file sharing and other uses, removing corporate data from IT’s control.”
The risks: data breach or loss.
Increased Regulatory Scrutiny
“But security isn’t the only risk. The amount of regulations that organizations have to comply with are growing as is the data, which means that a breakdown in governance can result in substantial legal and financial risks,” said Singh. This can put your reputation at risk, as well as your bottom line. He added:
More regulations means an increased need to audit and collect data for compliance and litigation requests. Organizations also are having to comply with increased data retention rates, requiring them to store data for longer, another corollary effect of more stringent information governance requirements.”
Trying to Keep Up
Many companies are trying to establish stronger, centralized governance programs and to put systems in place to protect against mobile threats. The Forrester survey reveals that:
- 64 percent of respondents said they are going to put additional focus on tablet devices
- 89 percent plan to invest more in information governance programs, with 44 percent expecting increases of 10 percent to 20 percent
- 53 percent expect to centralize information governance in hopes of securing and protecting enterprise content on end user devices. This is an increase from 25 percent who are currently centralized and only 18 percent who were two years ago
But these companies see big challenges ahead. Some 44 percent of survey participants believe that their current security and governance controls still leave endpoint data at risk. Why? It’s hard to control file shares, there’s a lack of coordinating governance and mobile device bring big risks.
“With the rise of the mobile workforce, organizations must establish strategies to govern not only corporate and employee-owned mobile devices, but also the multiple channels that are now required to make data available anywhere on any device. The increase in complexity is staggering,” Chandar Venkataraman, Chief Product Officer at Druva noted in a statement.
Getting A Grip
So how can companies take to make sure they are prepared for these new challenges? Singh suggests:
Collect endpoint data. This allows you to understand what data is out there and how it’s used. “This provides insight into worker habits and helps the organization to build a governance structure that meets its needs, while still enabling its workforce,” said Singh. “And just building that structure isn’t enough. Organizations also need to build in checkpoints so that they are able to easily discover data movement and respond if something out of the ordinary happens, such as an employee is suddenly accessing a certain piece of data for unusually long periods of time or from an unexpected location.”
Having the right systems. You should have systems in place that allow you to easily respond to legal requests for data or to access it quickly. When planning for these issues it’s important to be proactive. “Put technologies in place that will aid in your governance efforts, even if information governance itself isn’t a priority at this time--because at some point, it will be critical,” said Singh.