Should Dark Data be brought to light?

Dark data has become a topic of interest for many companies over the last few years.  So, is the term as scary as it sounds?  What is dark data?  Gartner defines dark data as “the information assets organizations collect, process and store during regular business activities, but generally fail to use for other purposes (for example, analytics, business relationships and direct monetizing). Similar to dark matter in physics, dark data often comprises most organizations’ universe of information assets. Thus, organizations often retain dark data for compliance purposes only. Storing and securing data typically incurs more expense (and sometimes greater risk) than value.”

Dark data is unstructured, unmanaged data that has not been analyzed or processed.  Although not pertinent data, it is typically kept around just in case the organization needs it in the future.  Dark data consists of server log files, emails, text documents, multimedia files, presentations, spreadsheets, etc. and makes up a majority of the data that employees create.  It is often complex to analyze due to its storage locations and can be costly to locate and search.  Some of the data may no longer be searchable if the storage device has become obsolete.

Storing this unstructured data in its unknown nature can pose serious risks to an organization.   Here’s a look at some of the risks involved with storing dark data:

  • Legal risk -this data may contain sensitive information such as account information, credit card data, patient records, etc.
  • Organizational risk -this data may be confidential and/or proprietary information regarding a business’s operations or processes
  • Data breach -if this confidential information is released in an untrusted environment it could ruin a company’s reputation

Due to the potential hazards of storing dark data, it is definitely worth looking into how you can better organize and manage this information.  What can be done to minimize the risks of dark data?  You will never rid your organization completely of unstructured data but you can have a process in place to help protect this data from getting into the wrong hands. Processes include:

  • Manage digital assets that have a possible value or pose threats by storing them in encrypted form. Make sure strong encryption is in use for data that is being stored off premise or in the cloud
  • Setup a retention policy -organizations should establish a protocol for retaining information and disposing of it
  • Audit -periodically conduct security audits to evaluate risk

In the information age that we live in today, the amount of unstructured data is only going to increase.  Users typically keep adding to their file system until they run out of disk space.   Take control of your data by understanding where it resides and how it is being protected.  Ensure that sensitive information

Leave a Reply

Your email address will not be published. Required fields are marked *