The really surprising thing about "Symantec’s State of Information Survey 2012" is just how mundane it actually is. Not because the facts that it contains are mundane, but because the problems around information management, or lack of management, are so well known that it seems not a lot can surprise any more.
That is not to say that the report is not useful, because it is. But it's real use in light of what we know from one report or another about information mismanagement is that it actually quantifies what is happening across the information management industry -- most enterprises have a long way to go yet before they can safely say they have mastered their information.
The research itself was carried out for Symantec for ReRez Research which carried out a survey across 4,506 organizations with between 5 and over 5000 employees across 38 countries in February and March of this year. The result is some insights on information use that are fairly accurate across large sections of global markets.
And almost universally across the companies that were surveyed, there is no clearly defined information strategy that covers issues like information sprawl, lost data and recovery, and the rising costs of storage.
Again looking at some of the figures that are available in this report, it seems a bit incredible that so little thought has gone into information planning.
In typical small company (SMB), for example, there is 563 terabytes of information stored across all stores and devices. And yes, we said devices, because it seems that employees are still using laptops, smartphones, tablets, and home computers to store company information, as well, of course as the work place desktop.
So if SMB’s have this kind of information, enterprises should have proportionally more; and indeed they do. The average enterprise has about 100,000 terabytes of information stored across its networks and devices.
Globally then, the combined amount of information for all businesses worldwide is 2.2 zettabytes (one zettabyte equals one million terabytes).
The result is that, according to Symantec, the spending and cost of information annually is US$ 1.1 trillion dollars, which it points out is enough to buy an iPad for every worker in the world.
And typically, it’s not going to get any better. Data storage is set to grow this year by 67% for enterprises and 178% for SMBs, with an average SMB spending US$ 332,000 on trying to manage and store all this. The average enterprise spending US$ 38 million.
In real terms what this means is that per-employee spending on information for SMBs is US$ 3,670 and $3,297 enterprises.
And if you want a visual image of all that, then Symantec has that too; if 10 kilobytes of text fills a sheet of paper, the stacked sheets would stand as tall as 1,287 Empire State Buildings, or 374 miles.
Again, not really anything we didn’t know, it was just the quantities that were missing. But what is the real value of all this information? If a business is only as good as the information it contains then its company value must be quite substantial?
Information in Enterprises
Again the answer is yes. Companies estimate that 49% of the value of organizations is derived from the information they own. The consequences of loosing that information, according to the companies include:
- Lost customers (49%)
- Damage to the brand (47%)
- Decreased revenue (41%)
- Increased expenses (39%)
- Tumbling stock price (20%)
An IT manager at a large engineering firm who took part in a focus group related to the research and cited in the survey described it like this:
We would have to fold our operations for at least a couple of years before we’d come back again.”
Others predicted they’d lose their jobs or that their companies would be sued or go bankrupt.
But even with all this spend organizations are still struggling to manage their information and facing multiple challenges. Despite the importance of information to organizations of all sizes, and the amount of money they’re spending managing it, IT executives still face multiple challenges in managing that information.
One such a problem is duplication. Everyone knows there is an issue around it but enterprises in the survey estimated that up to 42% of information is duplicated data. That’s nearly half of all the stored information. It begs the question that only individual enterprises can answer themselves: If 42% of information is duplicated, if they dealt with it would they cut their storage costs by nearly half?
There are other figures that are worth considering. In the past 12 months:
- 69% lost important business information
- 69% exposed confidential information
- 42% of data is duplicate
- 31% had compliance failures
- 30% said information sprawl a somewhat/significant factor in these mishaps
While these figures say in all about the use of storage space, the fact that two-thirds have had information exposed outside the firewall is really a cause for concern, as is the fact that one third have had compliance issues around information in the last year.
Another challenge is that organizations have fairly low storage utilization rates -- 31 percent:
Our biggest concern in IT about information is the ability to control and be able to normalize it to really understand what we have…We have so much information it’s hard to glue it all together…”,” said an IT manager at a large financial services enterprise.
So what to do? Obviously there’s a lot that can be done, but many companies are unsure where to even start. Symantec has 5 starting points that users might consider.
Symantec’s 5-prong approach.
1. Information Infrastructure
Forget about devices, Symantec says; if you can’t find information, or access it no device is going to be able to help. Along with adopting technologies like cloud, virtualization and mobile devices and applications, enterprises need to build their information infrastructure in tandem with them.
2. Information Is Not Equal
Enterprises need to know what they have, as well as know exactly who owns specific data and how important the data is to the enterprise in question. In doing so, they can prioritize and classify information for mapping and applying security protocols.
3. De-duplication and Archiving
Given what we’ve seen -- that 42% of information is duplicated -- this has to be done as a matter of priority. There are many tools and applications on the market at the moment that can help enterprises with that.
In order for any information management plan to work, enterprises must set consistent policies for information in physical, virtual and cloud environments. This unifies information classification, automates discovery and controls access.
Develop a flexible infrastructure to support continued growth. Infrastructure, just like people and applications need to be able to respond to changes in the business environment as soon as changes happen.
There’s more in this worth looking into. If you want to read the full paper, check it out here.