Over the last few years, big data technology has been reaching into every segment of every industry imaginable. The reason is obvious: data-driven insights produce better business outcomes and greater efficiency in operations. The big data revolution, as its name implies, is also causing the amount of data being produced worldwide each day to skyrocket – to 2.5 quintillion bytes per day and counting – and there's no sign of it slowing down.
For global mega-corporations, managing all of that data is a major undertaking. They, however, have the budgets to devote to warehousing, securing, and protecting the data they collect (although their results have been less than great so far). For small businesses, however, big data can add up to big problems when something goes wrong.
In the Crosshairs
As big data has started to penetrate the SME market, the risks those businesses face have started to mount. At last count, small businesses suffered 58% of all data breaches and were far more likely to go under in the aftermath of one. On top of that, 2018 saw the EU's GDPR go into effect, seemingly to the surprise of a big chunk of the SME sector. Now, with 2019 right around the corner, it's more important than ever for small businesses to reevaluate how they're protecting the data they collect, and what contingency plans they have in place to deal with a breach, should one occur. Here's what they should focus on.
Practicing Data Minimization
The best way to protect data is not to have it at all. In the big data era, that may sound counterintuitive, but it's just as true today as ever before. First and foremost, businesses that are subject to the GDPR should already be making data minimization a part of their standard operating procedures, but those that aren't should consider it anyway. To do so, it's necessary to develop criteria that help determine what kinds of data must be kept. In general, data that's valuable to a business should be specific, timely, and accurate. That means limiting data collection to verifiable sources that don't require excessive data validation procedures to become useful. In short, if the business holds data with no clear use case or that has demonstrated no real-world value, it should be disposed of immediately.
Controlling Access to Data
The biggest challenge that SMEs face in protecting the data they collect is controlling access to it. That's often because they don't have a technology infrastructure that allows for centralizing data storage so that it may be catalogued and safeguarded. Today, cloud storage and local NAS devices make data centralization and control both cost effective and easy. Cloud storage providers also provide SMEs with access to more advanced access controls and security systems than they're likely to have with on-premises equipment, and in some cases, assume some of the legal responsibility of protecting the data they house.
Keeping Compliant Backups
If there's one thing that SMEs have always struggled with, it's maintaining adequate backups for their data. Ironically, the percent of small businesses that have no backups in place mirrors the total that suffer data breaches – 58%. Even those that do aren't always keeping their backups current, and many don't conduct periodic testing to make sure their disaster recovery plans will work when called upon. Straightening out backup solutions and testing them regularly should be a key component of any SMEs data protection plan because it offers an option of last resort when hit with things like ransomware or sudden hardware failures. Don't get me wrong, data recovery tools will always have their uses, but there's no substitute for a complete and ready backup solution.
An End-to-End Process
It should be obvious from the practices mentioned here that SMEs must create data management policies and practices that cover all phases of the data lifecycle – from collection, to storage, to recovery – if they want to minimize risk. Failure at any of those points means facing the prospect of a data breach that could destroy the business. The good news is that there are plenty of options that SMEs can use every step of the way, to ensure that their data remains safe and secure while also being useful and profitable. They just have to make it a priority and get to work before they can become another sad statistic.