By 2025 almost 90 percent of all data created in the global datasphere will require some level of security, but — distressingly — less than half will be secured. So says IDC’s white paper The Data Age 2025, among a slew of advice about the need to manage the world’s vastly growing data.
Although businesses and consumers alike regularly express a strong preference for keeping all kinds of data secure, some data types don’t currently carry hard security requirements — examples include smartphone photos, digital video streaming, public website content, and open source data.
However most data do have hard security requirements, such as corporate financial data, personally identifiable information (PII), and medical records.
What kind of data needs increased security?
- Lockdown: Information requiring the highest security, such as financial transactions, personnel files, medical records, and military intelligence.
- Confidential: Information that the originator wants to protect, such as trade secrets, customer lists, and confidential memos.
- Custodial: Account information that, if breached, could lead to or aid in identity theft.
- Compliance-driven: Information such as emails that might be discoverable in litigation or subject to a retention rule.
- Private: Information such as an email address on a YouTube upload.
Where is data being generated, and who is maintaining it?
With the changes in data sources, usage, and value, the amount of data being created is shifting from being consumer-driven to enterprise-driven. In 2015, enterprises created less than 30% of data, but this figure will grow to nearly 60% in 2025. (Note that prior to 1980, enterprises created and managed nearly all data.)
But whether data comes from a smartphone, an autonomous car, a coffee shop or a global financial services company — regardless of where the data is created, enterprises must face the challenge of managing more than 97% of the global datasphere. That’s because the datasphere of today is becoming more integrated across platforms than ever before.
Take the example of user-generated content on social media. Although individuals upload personal videos and photographs and write text content, the social media site ultimately must store and manage the data on its infrastructure. Because enterprises are managing a growing amount of this kind of personal data, they also bear a greater responsibility in managing privacy and security risks.
Moreover, as data-driven retail and business tools, smart-home appliances, smart-city systems and embedded sensors increase in number, everyday transactions generate more data that’s captured and maintained for its usefulness down the chain — and the need for data security only increases.
Surprisingly, while the vast majority of data requires at least some form of protection, the actual amount of data protection available falls far short of that.
Data breaches can put companies out of business
The security and privacy challenges cannot be underplayed. Data breaches can put companies out of business, targeted attacks can halt operations, and hacking can compromise trade secrets. The business, IT, and security professionals in an organization must continually emphasize throughout the organization that security is not simply an IT technical problem with a purely technical solution. Rather, it is an organizational need requiring the participation of employees at all levels.
The gap between data that isn’t secured versus data that should be secured illustrates the issue simply: there is an increasing need for security, and the technologies, systems, and processes to provide it.
Understanding global data security trends like these is vital to both your business and the businesses of your customers. For more insights to strengthen your ability to anticipate your customers’ evolving data needs, learn more about the emerging Data Age here, where you can also download and read the entire IDC report.