27 June 2019

UK CIOs have revealed the huge extent of dark (unused) and unstructured data lurking within and posing a threat to medium and large organisations, research has found.

A report by Crown Records Management (CRM) said that nine out of 10 respondents said that unstructured ‘”data oceans” – a wealth of data which is difficult to view, access and secure – are a problem and pose risks of security and non-compliance with data regulations.

As much as 59 per cent of data across UK organisations is unstructured while 40 per cent of data is “dark” or unused.

Given that IDC found that 90 per cent of unstructured data is never analysed, organisations are in unchartered waters when it comes to managing risk, fulfilling personal information requests under GDPR or gaining intelligence from their information.

The report revealed that 51 per cent said unstructured data was a security risk and 49 per cent said it put them in danger of noncompliance.

However, it is not all about data risks and if managed effectively, unstructured data appears to hold the key to further business success.

In addition, 64 per cent said they could improve operational efficiency and productivity by tapping into unstructured data more.

Meanwhile, 34 per cent said they could grow sales, 32 per cent believed customer loyalty could be improved and 31 per cent saw it as a source of improving employee engagement.

CRM, which helps organisations manage their data securely and effectively, found that data was commonly stored in over 20 types of locations.

Although the most common were databases, the cloud and back-up systems, it was alarmingly frequent for both used and unused data to be held in hard to reach places with limited security protection.

For all used data, 29 per cent said it was held on laptop hard-drives, 22 per cent said email accounts and 21 per cent said filing cabinets.

For all dark data, 19 per cent said people’s desks and drawers, 17 per cent said written notes and 12 per cent said employees’ homes were all storage locations.

“Many organisations seem to be at risk of drowning in vast amounts of data that they are not aware of, and many are suffering from a wealth of data in which they don’t know what information it contains,” said Kevin Widdop, information security consultant at CRM.

Widdop pointed to the fact it is valid to hold unused data for compliance purposes such as the financial services industry keeping financial data for up to 25 years or forever in some cases, as per Financial conduct Authority regulations.

However, it becomes an issue when much of this data is held in unstructured formats and when sensitive data isn’t adequately protected, potentially landing the business with a fine or negative public image if the data is breached.

“In some ways it’s even worse that organisations are unaware of what data lies in these unstructured sources, limiting their opportunity,” he added. “As data indexing and management tools develop, organisations have increasing options to help them keep both their unstructured and dark data secure but accessible. They can then ensure that risks around security and compliance are kept at a minimum. Dark data will become visible and easily accessible.”