Dark data — creating major security blind spot for most UK companies

UK businesses continue to house dark data within their organisations, which has created a honeypot for cybercriminals.

This is the conclusion of a study from Veritas Technologies, who surveyed 1,500 IT decision makers and data managers across 15 countries, including 100 from the UK.

It found that on average, nearly half (48%) of all data within UK organisations remains unclassified or untagged (dark data), indicating that businesses have limited or no visibility over vast volumes of potentially business-critical data, creating a ripe target for hackers.

Classifying otherwise dark data

Classifying data enables organisations to quickly scan and tag the increasingly valuable asset to ensure that sensitive or risky information is properly managed and protected, regardless of where that data lives.

According to the study, this broad visibility into data helps companies comply with ever-increasing and stringent data protection regulations that require discrete retention policies be implemented and enforced across an organisation’s entire data estate.

Why a data strategy is key to a successful digital transformation

Matthew Beale, storage solutions specialist at Ultima, explores the importance of a solid data strategy when embarking on digital transformation. Read here

Weak links in data security

Public cloud and mobile environments represent weak links in data security, with the majority of data across these environments most likely to be left unclassified and potentially unprotected.

Just 9%of UK-based companies claim to have classified all of their data in the public cloud, while only 8% have classified all of the data that sits on mobile devices — it is a challenge.

Over half (56%) of companies admit they have classified less than half of their public cloud data, while nearly two-thirds (61%) have classified less than half of the data that sits on mobile devices.

Responsibility

Veritas’ previous Truth in Cloud research revealed that 69% of global organisations wrongfully believe data protection, data privacy and compliance are the responsibility of their cloud service providers, although cloud provider contracts usually place data management responsibility on businesses.

“As modern workforces become more mobile and data is dispersed across organisations, businesses have a big task in ensuring they have visibility and control over their data. If data isn’t effectively classified and tagged, it is more likely to go ‘dark’ and pose a serious security risk to businesses and their customers,” said Jasmit Sagoo, senior director, Northern Europe, Veritas. “Organisations must take responsibility for all of their data, or they could face significant repercussions to their reputation and market share.”

Discovering the power of dark data

Don’t be afraid of dark data. Read here

The dark data age

Organisations consider strengthening data security (65%), improving data visibility and control (41%) and guaranteeing regulatory compliance (51%) among their top key drivers for day-to-day data management.

Yet the majority of respondents admit that their organisation still needs to make improvements in all of these areas — security, like digital transformation, is a constant journey.

“In today’s digital economy, it’s not a question of if a company will be targeted by cybercriminals, it’s a matter of when, and a company’s pool of dark data serves as an easy and enticing target for attacks. The more organisations know about their data, the better they will be at judging its value or risk,” added Sagoo. “The average company holds billions of data files, so manually classifying and tagging them is near impossible. With the help of data management tools that include algorithms, machine learning, policies and processes, businesses can effectively keep data secure, available and gain valuable insights from it, regardless of where that data sits in their organisation.”

Avatar photo

Nick Ismail

Nick Ismail is the editor for Information Age. He has a particular interest in smart technologies, AI and cyber security.