How can you address what you don’t know you have?
No, this isn’t a trick question. The answer is simply that you cannot. In order to know and effectively address what data your organization has, you have to take a few steps back and define, create, and implement an overall data strategy.
Last month, my colleague Chris Plauschinn, Director of Cloud and Infrastructure Solutions for Ricoh Canada, and I led a Canadian Corporate Counsel Association (CCCA) webinar on Data-Driven Decision Making: Building a Data Strategy. During the one-hour presentation, we shared the risks associated with unmanaged data.
What is a data strategy?
In short, a data strategy is a framework for how your organization acquires, stores, manages, shares and uses its data. It is the building block to comprehensively support data and risk management across an organization. Storing vast amounts of data without a defined strategy can bring increased security exposure and legal risks to your organization.
Does your organization have a defined data strategy?
A poll conducted during our presentation to attendees revealed that only 18 per cent of respondents had a defined data strategy for their organization, while 50 per cent did not and 33 per cent were unsure.
Of those 18 per cent who did have a defined data strategy, only eight per cent were confident that the plan was being adhered to across their organization. 46 per cent answered they were “somewhat confident” and the remaining 46 per cent had low confidence in their organization’s data strategy plan.
Though some might find these metrics jarring, they were not altogether surprising. In fact, we see this reality across the varied organizations that we support. Often, it isn’t until a “triggering event” occurs (such as a law suit or a data breach) that an organization will go into reactive mode and work backwards to try to establish a data strategy where one did not previously exist. However, working proactively rather than reactively to develop an effective data strategy can help save significant time and cost in the face of a triggering event. It may even help to prevent one in the first place!
Benefits of Developing a Data Strategy
There are several benefits that come with developing a data strategy. Within the legal context, an effective data strategy can allow for reduced discovery and review costs associated with a triggering event, reduced risk of accidental disclosure of protected information such as Personally Identifiable Information (PII) and enhanced security of confidential materials.
By integrating data mapping, data access rights and data storage management, a well-thought out data strategy can save your organization time, money and frustration all while maintaining its goodwill and reputation as a legally compliant and proactive organization.
What do you need to consider when creating a data strategy?
Before devising your organization’s own data strategy, consider the following questions:
- What data does your organization have?
- Is there PII? Is it Confidential? Is it privileged?
- What are the risks associated with the various buckets of information your organization has?
- Where does the data live?
- Who can and who should access it?
- What tools does your organization have to store and secure it?
Who will benefit from a data strategy?
There is risk at every organization as it pertains to its data, whether it be a risk of data breach or disclosure or a risk of not meeting legal discovery obligations. Building defenses via an effective data strategy is a fundamental way to minimize risk. Within your organization, every division benefits: Legal and Compliance will gain an advantage from a risk perspective while IT and Security will be able to ensure all the data is kept safe and available only to those who require access.
If you need help getting an effective data strategy in place, or even just want to know how to get started, reach out to our team. If you are a CCCA member, you can watch the full webinar recording here. Not a member? Get in touch to learn more.
You may also be interested in…
Every employee plays a role in contributing to the data deluge that organizations are faced with and therefore are critical in addressing the problem successfully. Here are the top five reasons it's time to contribute to clean data efforts.
By 2022, it's predicted that 93% of all data will be unstructured. Without managing your data repository, you're at risk of carrying high quantities of ROT data which can leave you vulnerable to security breaches, high IT costs and wasted time. Our latest eBook shares everything you need to know to begin mapping, cleaning, classifying and migrating your dark data successfully.