This interview is an excerpt from GovLoop’s recent research guide, The Current State of Government’s Cybersecurity.
A flood of unstructured data is entering government, with no signs of slowing. This has serious implications on security as unstructured data gives less visibility to agencies, making them more vulnerable to cyberattacks. Additionally, agencies are struggling to gain control of runaway storage costs while security and compliance risks are increasing.
That’s why government needs improved information governance strategies. In an interview with GovLoop, Stephen Watts, Federal Strategist for Information Governance at Veritas, defined information governance and shared its importance to government’s data management practices. Veritas is a market leader in information management solutions and focuses on data management solutions for organizations in both the public and private sector.
The Data Deluge
Watts highlighted the problems facing government with the growing flood of unstructured data or “data deluge.” “There’s simply too much data, storage management costs are expensive, and there are users carrying around access to data they don’t need,“ he said. “If we keep everything forever, storage costs grow, storage infrastructure grows, and management of this data is a problem.”
He added: “Deleting data is what most people should be doing. The problem is a lot of people choose not to.” This makes it harder for agencies to keep track of who’s using their data and for what purposes. Long-term employees who still have permissions to files systems from previous assignments, for example, may be insider threats looking to expose important information. Agencies need to go even further by not only monitoring users’ permissions but also monitoring their activities.
“Looking at data is one thing,” Watts said. “But it’s also important to look at the user’s interactions with that data and see if any red flags emerge, such as someone who opens 50 files during the day compared to 6,000 files at night.”
Additionally, all of this data makes agencies vulnerable and leads to high costs for storage space. “Gartner found that 69 percent of customers’ data is redundant, outdated, and trivial,” Watts said. That’s where an effective information governance strategy comes in.
Why Government Needs Information Governance
Information governance allows agencies to manage and understand their data’s age, location, and ownership. “The more you know about your data, the better decisions you can make to reduce your actual risk,” Watts said.
Information governance is a strategy that focuses on people, processes, and technology to effectively identify and protect an agency’s most critical information, while simultaneously deleting information that contains no value.
Tools like VERITAS Data Insight allow agencies to determine what their data is, where it is located, and who is working with it. Then once agencies have an understanding of their data, they can take action against it.
Veritas Enterprise Vault help agencies automate and manage their data by defining policies that can automatically archive email, files, SharePoint and other critical information sources, index it to make is searchable and store to locations on-premise or in the cloud.
Enterprise Vault.cloud can address email retention and management to help save on storage costs by requiring no on-site infrastructure and including unlimited storage for a predictable monthly fee.
Tools like Veritas’ eDiscovery Platform can be helpful with government’s compliance needs and responding quickly to legal matters and regulatory requests. Once policies are established, an agency can use this platform to automatically identify and classify data based on such policies.
California Department of Corrections and Rehabilitation
California’s Department of Corrections and Rehabilitation (CDCR) was able to take advantage of compliance and data management benefits that come with information governance.
CDCR is the largest state-run prison system in the country and manages a population of more than 118,000 inmates and juvenile offenders as well as over 46,000 parolees. It also operates 34 prisons, 3 juvenile facilities, and 50 parole officers as well as over 29,000 peace officers.
The department faces many legal challenges requiring IT and legal affairs staff to sort through mountains of documents stored away in order to produce requested documents quickly and accurately. So the Department deployed Veritas Enterprise Vault and eDiscovery Platform to take their data from sitting in archives to providing it on-demand for legal purposes.
With these new solutions, CDCR was able to:
- Reduce time and cost in reviewing requested information;
- Help legal staff produce and manage data without IT assistance;
- Save costs with cloud storage archiving; and
- Deliver faster performance, boosting productivity.
CDCR is a great example of a government entity that conquered its data deluge through information governance. While it may sound daunting to start defining data policies and manage data, Watts emphasized that agencies should not be intimidated. “The best place to start is by being informed,” he said.
To learn more about the current state of government cybersecurity, be sure to check out our latest guide by clicking here.