Addressing the Need for Strong Data Governance

• The need for strong data governance has become a focal point for many organizations in recent years
• The coronavirus pandemic and resulting move to a work-from-home model has forced IT executives to reimagine data governance plans, according to a recent report
• A majority of IT executives said employees are not doing enough to safeguard sensitive data
• Organizations are taking steps to enhance content management and data governance

The need for effective data governance at organizations has intensified over the past few years, especially with the big shift to cloud services and the emergence of data privacy laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

But the coronavirus pandemic and resulting move to a work-from-home model has forced IT executives to reimagine data governance plans in the context of remote-first and remote-only working conditions, according to a recent report by Wakefield Research commissioned by content collaboration platform provider Egnyte.

The report, based on an online survey of 400 C-level technology executives in the U.S. conducted in July and August 2020, reveals new and emerging security threats associated with the remote work paradigm and shows just how much organizations have had to adapt their data governance plans.

Indeed, three quarters of the IT executives said they have implemented at least three new data governance protocols since the pandemic began. And of particular concern is that 71% said employees are not doing enough to safeguard sensitive data. Only 29% of the IT executives gave their employees an “A” grade for following policies and procedures to keep files and documents secure.

The report highlights the challenges associated with managing the data type most greatly affected by remote working scenarios: unstructured data.

This is data that either doesn’t have a pre-defined data model or isn’t organized in a pre-defined manner. Examples include word processing and spreadsheet documents, e-mail messages, photos, video and audio files, presentations, Web pages, and other kinds of business documents.

Clearly there are security risks when much of the workforce is operating away from the corporate office. Nearly 30% of employees are accessing corporate files through unsecured Wi-Fi networks and on personal devices with no password requirements, the report said. On average, 47% of these files contain sensitive information.

One of the key aspects of data governance is managing content, and this is an area in which organizations are struggling. A large majority of the IT executives (97%) said content management is rife with problems. Three quarters of them are concerned about the effects of content sprawl, and 38% are very concerned about it.

Executives at larger enterprises are more likely to be concerned about digital file sprawl than those at companies with fewer employees. The reason for this is that far-flung employees using a variety of devices make the basics of file management much more difficult.

Nearly half of the IT executives said employees have access to files they shouldn’t be able to access, while 40% don’t have access to the files they should. Among the common digital file management issues are that some files are on unsecured devices or on local devices and not backed up, and some files are lost and unrecoverable.

Many of the executives expect data sprawl to continue or get worse in the coming months. In many cases, the tools companies deploy to handle large data loads and adapt to their changing needs are now driving increased sprawl, the report said. About half said using multiple file-sharing applications is a main driver of digital sprawl.

The costs of content sprawl to organizations, including the loss of personal information, regulated data, and intellectual property, can have devastating consequences, the report said. As content continues to grow out of control, the sensitive data it contains will become increasingly vulnerable to leaks, breaches, and compliance fines.

IT departments are taking steps or implementing certain protocols to protect sensitive data during increased remote work. These include keeping security tools such as anti-virus software and firewalls up to date; avoiding public Wi-Fi; using a virtual private network (VPN); having password requirements on home Wi-Fi; using automatic cloud backup; using encryption services for sensitive data; using two-factor authentication; having password requirements on personal devices; keeping work data on work devices only; and not leaving personal devices unattended.

And many executives are working to combat data/content sprawl and improve digital file management. This includes deploying data lifecycle management, virtual assistants and data automation, permissions monitoring, and automated content classification.

More than half of the organizations surveyed plan to invest in artificial intelligence and machine learning to automate content management and data security.