Taming the Data ROT Beast

Data within organizations tends to literally multiply through duplicates, duplicates of duplicates, etc.  This is a problem often referred to as redundant data.  Data also can no longer be valid.  Version control, where multiple variations of documents exist, quickly becomes an issue. In other cases, data may have been time bound and expired in some way.  Some data may remain untouched for years without any modification—in lots of cases, that untouched data becomes obsolete data. However, obsolete data can still be important when it contains sensitive information. The last area is data that is just not important to the business and is called trivial data

When managed properly, data often serves as a tremendous resource that brings real top-line and bottom-line value to organizations.  Like oil, however, data needs to be refined and processed to unlock its full value.  But what happens when data flows unmanaged—in and out of devices throughout an organization? Things get chaotic and data can go from being an asset to a liability. That’s where data ROT (redundant, outdated, and trivial) can quickly become a massive problem if it goes unmanaged.

Here’s what eWEEK Editors had to say in The Dangers of Obsolete and Redundant Data:

When organizations treat data like oil, the natural instinct is to treat all data similarly – assigning it equal value.  That is akin to what hoarders do – not wanting to throw away anything, thinking that everything has equal value or at least some value.  They end up buried in tons of stuff, often what others would call outright garbage.  They need an intervention and often professional help to get control of their lives.  In many cases, ROT data has a similar effect on an organization.  It builds with the assumption that all data is valuable and the more the better.  In the end the opposite is true.

“The more unaccounted-for data a company has, the higher the risk of falling victim to a cyberattack.”

Businesses believe that retaining all their data will help mitigate potential risks, but the opposite is true. 

 What steps can your organization take to deal with data ROT?  Start by asking yourself these three questions:

Most modern organizations with lots of unstructured data will likely develop a ROT data problem.  And these problems are compounded when ROT data contains sensitive data like Personal Identifiable Information, Protected Health Information (PHI), financial information (i.e. credit card numbers, bank account info), intellectual property, login credentials and more.  For many companies with rampant data ROT problems, an organization’s data surface increases exposure to all kinds of bad things like potential data exfiltration risks, hacker activity, all types of data breaches, the risk of non-compliance with privacy regulations and more. 

In 2022 Forcepoint introduced Forcepoint Data Visibility (FDV) to customers.  It allows organizations to run rapid scans of all unstructured data (main area where most ROT exists) quickly, and on demand. 

  1. How big is your ROT issue at your organization today?  Many organizations aren’t even aware of ROT data.  It’s there – how big has it become for your organization?
  2. What steps are you able to take to effectively and accurately deal with ROT?  Dealing with ROT requires a multi-pronged approach and a commitment to taming the problem. Organizations must be deliberate in putting together a complete practice to eliminate ROT data.
  3. How can you keep tabs on ROT on a regular basis to ultimately manage ROT?  What tools do you have in place today that can help you get a sense of the scope of the problem? Do you currently have any tools that can help with ongoing monitoring?

How Forcepoint Helps Tame ROT

To take a deeper look into the steps to deal with ROT, check out this video:

While many of our competitors charge for each individual scan of a company’s overall data, Forcepoint Data Visibility works differently. It allows for unlimited scans with no additional charges.  This allows you to see your ROT today, tomorrow, next week, weekly, monthly – whatever cadence meets your needs so you can see your exposure to ROT today, monitor ROT improvement as you put practices in place to remediate and measure progress and then continue to monitor to maintain the lowest levels of ROT.

This post was first first published on Forcepoint website by Kevin Oliveira. You can view it by clicking here