Data Gone Wild: Rampant Growth and Clouds Heighten Risk

(Valery Brozhinsky/Shutterstock)

Data may be the new oil, serving as the digital feedstock for innumerable downstream products. But like oil, data also carries risks for those attempting to harness it. Could a Deepwater Horizon-style event be lurking in your digital future?

According to a new survey of midsize businesses by from StorageCraft, nearly nine out of 10 IT professionals think that data volumes will grow by 10x over the next five years. That’s a tremendous rate of growth, and one that mostly jibes with the numbers collected by IDC and other analyst firms.

What does this growth mean for companies? More than half of the survey respondents said they were “realistically concerned” about the impact of “extreme data growth.” They accepted that it carries risk for the organization that will need to be managed. Compare that with the 3% who reported being “scared” for the impact of data growth.

On the bright side, StorageCraft reported that 26% of survey-takers said they were “cautious” about the coming data surge, with mostly minor impacts expected, while 20% reported feeling “calm.” Only about 1% said they were not concerned at all, and were fully prepared for the data surge.

The biggest impact of extreme data growth is expected to be cost, which was cited by 64% of respondents to the survey. Nearly half reported potential difficulties in recovering fast enough after a data outage, while about 40% cited security risks. Another 40% feared that data growth would suck resources from other projects, and nearly 30% were afraid strategic projects might fail.

(Inspiring/Shutterstock)

We’re quickly approaching an inflection point where organizations will not be able to keep up with the volume and complexity of data management in the big data age, according to Shridar Subramanian, vice president product and marketing at StorageCraft:

“The fact that a quarter of companies participating in the research are unable to recover from an outage for days or even weeks highlights how widespread this issue is,” he says. “Businesses of all sizes and industries strive to flourish in increasingly data-driven economies. To succeed, their IT infrastructures require an economically viable and contemporary scale-out data protection system.”

Companies are beginning to realize what kind of reputational and financial risks come with storing large amounts of data, particularly on cloud. A new report issued this week by McAfee, called “Cloud-Native: The Infrastructure as a Service (IaaS) Adoption and Risk Report,”  highlights some of the risks that companies may not be aware of.

The data in the report is not comforting. McAfee’s survey of about 1,000 organizations found that about 99% of misconfigurations in the cloud go unnoticed by the organizations using IaaS. What’s more, the company found that the average organization suffered through about 3,500 misconfiguration incidents per month, but was only aware of an average of 37.

“In most cases, the Cloud-Native Breach (CNB) is an opportunistic attack on data left open by errors in how the cloud environment was configured,” McAfee says in the report. “Adversaries can exploit misconfigurations to escalate their privileges and access data using native functions of the cloud, instead of malware.”

As big data flows into the cloud, the opportunities for misadventure are ripe. In their race to leverage big data for a competitive advantage, organizations frequently bypass their own IT departments and set up shop in the cloud. The result is misconfiguration of servers and data stores, and a lack of attention paid to authentication and access control.

Organizations are unaware of the large magnitude of the misconfigurations in their cloud accounts, according to McAfee

McAfee labeled IaaS “the new shadow IT.” the security firm said that 76% of survey respondents said they used multiple IaaS providers. However, McAfee’s own research shows the figure is actually closer to 92%, which is up 18% over the past year. “Security incidents are almost guaranteed to go under the radar if companies don’t even know where all of their infrastructure lives.”

Cloudera, which is in the midst of transitioning its business focus from providing on-prem Hadoop software to become an “enterprise data cloud” company, discussed this phenomenon this week at Cloudera Analyst Conference, which was held in conjunction with the Strata Data Conference.

Mick Hollison, Cloudera’s CSO and CMO, said the rise of complex cloud-based shadow IT deployments reminds him from the early days of the mobile phone revolution, when companies would struggle with the “bring your own computer” phenomenon.

“Much like BYOC, you’re not going to be able to shut shadow IT down,” Hollison said. “You can’t stop it. It’s already got a life of its own. So, much like BYOC, the great enterprise IT operations are going to get out in front of it and figure out how to solve this.”

Related Items:

Not All Data is Created Equal: Why Companies Need a Data Governance Strategy to Succeed

Capital One Hack Highlights Poor Data Security Practices

Banks Consider the Rewards and Risks of Big Data