Where exactly is all that data in the cloud?

Tuesday-Main

The more digitally connected we get, the bigger the amount of data we have to find ways to manage gets.

As Mary Meeker, one of the world’s most influential technology watchers, points out, we generate 2.5 quintillion bytes of new data every day. That means data is increasing at a 50% compound annual rate.

Where is all that data going? Into the cloud. After all, while date volumes are increasing, cloud storage costs are coming down by 20% per year. However, while cloud might appear an inexpensive and simple solution to the question of what to do with all this data; in reality, if we let our grip on our digital assets slip, we lose visibility, accountability and control.

That’s especially true when it comes to deletion policies. The classical enterprise discipline of ILM, Information Lifecycle Management, may not be in fashion currently, but its principles of classifying, managing and storing information over time remain completely relevant. Analyst firm Gartner defines it as follows: “An approach to data and storage management that recognises that the value of information changes over time and that it must be managed accordingly… ILM seeks to classify data according to its business value and establish policies to migrate and store data on the appropriate storage tier and, ultimately, remove it altogether. 

Criticality – a forgotten, but core, data management concept

I think that’s a timely reminder that the value of data is a function of time. Not all data needs to be retained permanently – and in fact for good governance, it needs to be deleted at mandated times. Hence the term ‘criticality’ – the value of your data to you and your business.

Cloud and software-defined storage may have taken the spotlight off the need for ILM, but such criticality should still be on your radar: what data needs to be kept, what needs to be deleted, and how can you prove that to the regulator? Obviously, different sorts of data have different levels of criticality; some data will be far more sensitive than others. But if you don’t know where your data is how can you manage it and track what has actually been deleted?

The problem with public cloud is that it obscures the issue, because by its very nature, cloud data resides in different geographies on a host of different media. Of course the cloud is convenient, but the concern is how do you know what data has been deleted permanently?

Public cloud-multi-tenancy is a particular issue here in controlling data. Any responsible company will have full visibility and security of the management of data residing in the cloud, especially around archiving and retention of information. This means ensuring that your cloud provider has the capabilities to do this.

Meanwhile, new legislation – the European General Data Protection Regulation (GDPR) – is also something you need to address. Organisations will need to start determining the risks to be managed, including having a full view of what data they have, where it is stored and what needs to be protected and secured before it becomes law in 2018.

GDPR has serious teeth, and organizations that fall foul of it can be fined heavily, and ILM should be a major lens through which to view this task, especially if you are a major cloud user.

The importance of the SLA

Any organization that has information at scale would be advised to consider a private cloud or a hybrid solution, and should be focused on smart Service Level Agreements (SLAs) to manage their relationship with business and service partners.

Last but not least, with cloud, ILM and compliance, the longevity of the supplier is an important consideration; what happens if they go out of business a few years down the line? If you are a financial institution with a big pensions database, this would create enormous problems. While no-one can predict the future, you need to try and mitigate your ILM and cloud risk as much as you can. A clear statement in your contract stating that your data remains your property and that you can have it returned in any format at any time is important. 

To sum up, if data needs to be deleted in your business process, you must be aware of where and the way it is stored. This will undoubtedly become a more complex issue the more digitally connected we get – and the more demanding the regulatory environment becomes, whatever new trading relationships and therefore new legal jurisdictions we end up having.

 

Howard Frear

Howard Frear

Howard Frear has been at the forefront of major trends in the software industry for close to 18 years. Howard is a very successful and experienced sales and marketing professional and is the driving force behind EASY SOFTWARE UK’s go-to-market and business development strategy. Day to day Howard is charged with managing the direct sales force, directing key marketing activities and overseeing strategic partner liaison.

Latest Posts:

 

Tags: Cloud Computing, Data Center, Technology