When corporate leaders think of protecting corporate data, they usually think in terms of protecting it against cyberattacks. But in reality – even if a company is fully protected against external threats – those aren't the biggest issues companies face with respect to their data.
Storage devices have high reliability, but they aren't fail proof. Companies need their storage plans to account for failures. This means using clustering, mirrored disks, and replication to ensure that data is available on another device.
Most companies have automated backups, but the backup plans often aren't reviewed and updated. This means it's easy to miss new devices and omit them from the procedure. Backups also need to be monitored, to make sure the automated scripts work properly. Lastly, companies rarely test restoring from backup, but this should be done in order to verify the procedure and understand how long it will take.
People make mistakes that expose corporate data. Phishing campaigns have convinced users to provide corporate bank accounts. But it doesn't take a phishing campaign. Users often send sensitive data through unencrypted email. They share passwords because getting set up properly takes too long. They mistype a command and the system doesn't require confirmation before executing it. Issues like these can largely be addressed through better training or redesigning systems.
The biggest data issue companies face, though, is corrupt data. When incorrect data feeds into other corporate processes, the company's decision making is inevitably adversely affected. Corrupt data entry is often caused by poorly designed applications; it can also occur when data is force-fit into legacy systems because creating a new application with appropriately named data fields would take too long. At the same time, migrating data from legacy fields to new applications introduces possibilities for error when fields are mapped wrong. In many businesses, the same data is entered into multiple systems, with chances of incorrect or inconsistent values.
Data is at the heart of business operations, and it's unquestionably important for companies to protect it. Doing so effectively requires taking a broad view of the data at rest, in transit, and when it's accessed by both man and machine.