How to modernise data management safely

Modern data management requires a nuanced approach that combines private and public cloud and on-premises environments with training to increase security posture

Even before the digital age, the collection and management of data was absolutely critical to success. From door-to-door sales calls to online form fills, this has always been the case. The difference in 2021 is that the number of touchpoints businesses are now able to gather data from has increased beyond measure, resulting in a ‘data boom' that provides businesses with a plethora of new challenges.

One of those challenges, of course, is storage. By 2025, analysts predict the amount of data gathered by organizations around the world will exceed 175 zettabytes - an almost unfathomable figure. That's largely due to applications such as artificial intelligence, machine learning and predictive analytics. Netflix, for instance, was able to significantly predict and influence subscriber viewing habits by analysing their 100 million-strong user base. Even smaller businesses are now accustomed to hoarding vast volumes of data to drive their digital marketing campaigns and optimise their brand experience. Collecting and storing data has become the norm for businesses of all shapes and sizes, but those businesses need to be able to store, label and organise that data affordably and effectively in order for it to be useful.

This is a problem that's already been partially solved by cloud. As of 2020, more than 80 per cent of enterprise workloads already take place in the cloud, and 94 per cent of businesses worldwide use at least one cloud service. Cloud services are an affordable, flexible and streamlined solution to the ‘storage problem' for businesses of all shapes and sizes. However, while cloud services provide an elegant solution to the problem of data management, using them brings issues of its own.

The complexity of the cloud services market

Businesses assessing the cloud market today would be forgiven for feeling utterly overwhelmed by the number of options. The sheer volume of services out there makes security an inherent challenge, particularly with so many businesses now opting for a blended approach that combines private, public and even on-premise solutions.

While cloud services can be excellent cost-saving tools, their main value lies in their ability to support fast-paced digital change - something that's become all but essential throughout the course of the pandemic.

The most resilient and forward-thinking businesses out there have realised that by taking the best each cloud solution has to offer and applying it to different parts of their businesses they can essentially get the best of both worlds in terms of security and adaptability.

To explain this in a little more detail, we need to look at the various solutions on offer and their impact on security.

Balancing adaptability with security

When it comes to evolving a business's data management strategy, the trade-off between adaptability and security takes precedence over all else. It's a difficult balance that will weigh heavily on the shoulders of even the most astute business leaders, CTOs and enterprise architects.

Public cloud solutions have boomed in popularity in recent years for their affordability and accessibility. They allow businesses to effectively ‘rent' data service infrastructure for their own storage and computing needs. They're incredibly flexible and scalable and require virtually no capital expenditure. They're also incredibly reliable with services often distributed across a number of data centres behind the scenes, so if there is an issue at a data centre such as a fire or power failure, client businesses are unlikely to be impacted. Public cloud services often utilise a subscription-based ‘pay as you go' service model, making them easy to cancel, or scale up or down as is necessary.

However, these advantages come at the cost of data control and, therefore, security. This can quickly turn into an expensive problem for businesses, particularly as many public cloud providers prefer to share the regulatory burdens that come with data ownership, such as GDPR or PCI DSS. Not only do businesses relinquish an element of control over their data, they're still responsible for the manner in which it is stored and culpable when it comes to issues around governance and compliance.

Private cloud is different in that a business has exclusive access to its own cloud infrastructure, usually hosted off-premises by a third-party provider. This allows a business to retain full ownership and control over its data, as well as control over how that data is stored. Because no other client businesses need to be considered, a private cloud's servers can be tailored specifically for one businesses' needs, including all of its required firewalls and policy controls. The only real downside to choosing a private cloud over a public cloud solution is that it's typically more expensive and often comes with more long-term commitment.

With so many options to consider, and the majority of businesses taking a blended approach to data storage and management, younger businesses are bound to feel paralysed by choice when it comes to modernising their data management strategy. However, being able to do this in a safe, scalable and sustainable way is an absolute imperative if a business wishes to succeed in 2021 and beyond.

Maximising security with hybrid cloud

Not all data comes with the same security risks. Some data, such as customer payment information or medical records, for instance, is highly sensitive and requires tight levels of security. Other information, while crucial, could be categorised as less sensitive or at least less ‘valuable' and therefore less likely to be targeted by cybercriminals.

Striking a balance between public and private cloud allows businesses to spread their data storage budget, leveraging the flexibility and agility that comes with the former, as well as the tight security controls that are made possible by the latter. For instance, a business might choose to store its highly sensitive data on a private server, while utilising public servers for its dynamic day-to-day cloud-based operations, with tight access controls set up between the two.

This hybrid approach to data management also makes businesses more agile than if they were to simply run with one solution exclusively. For instance, if a business experienced a sudden surge in demand like many online businesses did during the pandemic, it could move non-sensitive data from its private servers to their public cloud to free up valuable space for intense big data processing.

The human touch

Spreading the risk of data management across private and public cloud is certainly a smart move, but that alone does not mean businesses are invulnerable to breaches. In fact, more than 95 per cent of data breaches in 2021 are still caused by human error, and 88 per cent of organisations worldwide have experienced a phishing attempt in the past 12 months.

Staff training is an increasingly important tool in our arsenal when it comes to combating cybercrime, particularly with so many employees now working remotely from home due to the pandemic. With home working set to stay - at least in some form - for years to come, we're going to be leaning on cloud technology more than ever before.

Safely modernising data management therefore requires a nuanced approach that combines private, public and on-premise cloud solutions with well-rounded training to maximise a business' security posture. It's hard to envisage a future where our dependence on data isn't rising exponentially, and with more types and sources of data materialising each and every year, it's crucial to have a fluid approach to data management that addresses the specific needs of individual businesses.

Jon Lucas is director at Hyve Managed Hosting