Security Experts:

Information Costs Organization $1.1 Trillion Annually, Study

According to a study from Symantec, information is a pricy asset within an organization, costing businesses $1.1 trillion annually. Yet, the same organizations paying such a high cost to manage their data often have problems protecting it.

Data, in all its various types and sensitivity, no matter where it lives - data centers, desktop PCs, laptops, smartphones, tablets, backup systems or archives - represents half of an organization’s value, the study from Symantec explained. The typical SMB has about 563TB of it, while an enterprise may have 90 petabytes or more.  

Data stores will only continue to grow, the study adds, by 67 percent over the next year for enterprises and by 178 percent for SMBs. Moreover, managing all this information will cost a typical SMB $332,000, while enterprises spend an average of $38 million.

Worldwide (taken from a sample of 4,506 organizations in 38 countries) businesses are spending $309 billion on storage, $295 billion on compliance, $117 billion on access, and $324 billion on security annually.

As mentioned however, protecting all of this data, 42% of which is duplicated data on its own, remains a challenge for organizations. In fact, 70% of those who took part in the study reported that confidential or important business information was lost in the last year.

The massive amounts of information also led to compliance failure for 31% of them. When asked to explain the problems, 30% of the respondents blamed information sprawl, while others cited human error, hardware failure, software failure and lost or stolen mobile devices.

Granted, Symantec has a horse in the data management race, from both the storage and security side of things. However, skipping over the marketing and thinly-layered sales pitch, the report offers some solid takeaways.

From the report:

Not all information is equal: Organizations need to gain a complete understanding of their information. The survey showed that many organizations lack even basic knowledge such as who owns specific infor¬mation, how important the data is or even whether it is personal or business in nature.

Consistency is key: It is important to set consistent policies for information that can be enforced without fail wherever it’s located… in physical, virtual and cloud environments.

Protection Measures are Falling Short - In the last year, 69 percent of businesses experienced some form of information loss for a variety of reasons, such as human error, hardware failure, security breach, or lost and stolen devices. Symantec advises that organizations focus protection on the information, not the device or data center.

Stay agile: Finally, stay agile and plan for future information needs.

“The vast amount of information that organizations produce today can help them better serve their customers and increase productivity. However, the same information can also become a major liability if it is not properly protected. Companies that effectively use their information will have a major competitive advantage over those who cannot, and in some cases it can be the difference between success and failure,” said Francis deSouza, group president, Enterprise Products and Services, Symantec Corp. “With its increasing value and rising cost, successful companies will find ways to more effectively protect their information and unleash the productivity it can bring.”

The full report is available here

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.