We always talk about the importance of protecting data — but just how much data is there in the world? And what can you do to keep your sensitive data away from prying eyes? Let’s explore the answers to both of these questions…
Data is the lifeblood of your organization. It’s what allows you to make informed business decisions, improve the quality of your products, provide better services to your customers, and make your organization more secure. Your most sensitive data — customer information, intellectual property, and trade secrets — is invaluable, and cybercriminals know it. This is why getting access to your data is often the primary objective for threat actors targeting your business.
But how much data does your business have? Moreover, how much data is in the world as a whole? And how secure is all of this wealth of information? And what steps can you take to make your organization’s data more secure?
That’s a lot of big questions with a lot of variables. But as we always love to say around here…
Let’s hash it out.
Just How Much Are We Talking About? A Look at How Much Data Is in the World
If you’re wondering how much digital data is in the world — well, the answer depends on the source you look at and what factors they include in their calculations. PwC estimated that the digital universe was anticipated to reach 44 zettabytes of data by 2020. Of course, this data was originally reported back in 2018, and their report was based on an IDC data projection that dated back to 2012!
Considering we’re now in 2022 and the daily data creation growth rate, that number is basically old news. However, it provides some idea of context when it comes to the massive amount of data that exists within our digital universe. Now, let’s consider some more recent data.
In March 2021, IDC reported that more than 64 zettabytes of data were “created or replicated” in 2020 alone. Their latest DataSphere forecasts a 23% compound annual growth rate (CAGR) in data creation and replication between 2000-2025.
Okay, throwing these numbers around is all fine and well — but what does all of this really mean in terms of how much data is in the world? If you’re not a mathematician, it’s likely that a “zettabyte” means nothing to you. (It’s basically gibberish to me as well!) So, before we go any further in talking about data statistics, let’s quickly explore what a zettabyte actually means by giving this term a little context.
A Break Down of Data-Related Calculations
The World Economic Forum (WEF) provides a valuable table to put a “zettabyte” and other incomprehensible numbers into context.
|What This Translates to (Bytes)
|0 or 1
|A binary digital that is 1/8 of a byte
For those of my fellow readers who aren’t particularly math- or numbers-inclined, let’s simplify it a bit more: every time you move up to the next data size level, you tack on three more 0s. So, a kilobyte (1,000 bytes) becomes a megabyte (1,000,000 bytes), and a megabyte becomes a gigabyte (1,000,000,000 bytes). With this in mind, that means that 64 zettabytes (i.e., 64,000,000,000,000,000,000 bytes) of data were either created or replicated in 2020 alone.
Okay, all of this is great to know… but what does it all really mean? Let’s put it into some context.
Netflix says that it takes about 3 GB of data to watch one hour of high-definition streaming video on your device. With this in mind, it means that Netflix requires about 72 GB of data to stream high-definition video content per day. So, that’s 26,280 gigabytes of data per year. Putting it another way, that’s:
- 210,240,000,000,000 bits of data per year,
- 26,280,000,000,000 bytes of data per year, or
- 26.28 terabytes of data per year.
This means that it takes 26.28 terabytes of data to stream HD Netflix shows or movies 24/7 on your device — and we’re still nowhere near even one zettabyte.
64 ZB of Data Would Span from Earth to the Sun 6+ Times
Say, you were to record 1 ZB of data to CDs and store each of those discs in a standard case to protect it. If I’ve done my math correctly (fingers crossed), this means it would take 1,428,571,428,571 CDs, stacked in their cases, to hold 1 zettabyte of information. Now, consider that it takes approximately 30 CD cases, when laying flat, to equal one foot in height. This means your massive stack of encased discs would stand approximately 47,619,047,619 feet tall (9,018,759 miles)!
Feeling lost? Let’s make this a little easier by using a well-known New York City landmark for reference. The Empire State Building, the sixth tallest building in the United States, stands 1,454 feet tall (including the spire and antenna). This means the building stands the equal height of 43,620 stacked CD cases. This means that 1 zettabyte of data saved on stacked discs would be as tall as 32,750,377 Empire State Buildings standing on top of one another!
As another example, consider that the sun is roughly 93 million miles from Earth. (or, 92,900,000 miles if you’d like to be more specific). If you were to put 93 million miles in terms of stacking CDs inside their cases, that means this life-giving red giant is approximately 16,368,000,000 stacked discs away from our planet.
Now, consider that we’ve been calculating these numbers based on 1 ZB of data. If you calculate this for 64 ZB of data, it’s the equivalent of 577,200,576 miles of stacked disc cases. So, if you’re stacking CD cases with discs full of data, that stack would span the distance from Earth to the sun more than six times!
Examples of the Types of Data You Need to Secure
Categories of data expand far beyond any list we’d have time to put together. Basically, if you have data, it needs to be secure and have backups available for when something goes wrong. But what are some examples of the types of data that organizations need to keep secure? Let’s take a quick gander:
- Customers’ and employees personally identifiable information
- Intellectual property, research and schematics
- Industry research and trade secrets
- Sales and other financial information
- Cryptographic keys and certificates
- Passwords or other credentials
- Website content backups (text, graphics, images)
- Support information and documentation
- Internal procedures and policies
- Other internal resources
- Other data backups
… That’s a lot of data. Now that we know what kinds of data you need to protect, it’s time to see how companies store this wealth of information.
How Businesses and Other Organizations Store Data
Data storage methods range from one organization to the next. Your organization’s data storage needs will likely be different from those of other organizations in part because of the types of data you need to store. Here are a few of the ways you can store data:
- Individual end users’ devices (although everything saved on individual devices should be backed up and saved elsewhere)
- Flash drives
- Air gapped computer systems (offline computers or servers)
- Servers on your internal network
- Hardware security modules (HSMs)
- Cloud-hosted servers and databases
- File-sharing websites
- Backup tape drives
- On-prem or cloud backup servers
Some companies store all of their data onsite while others store everything in the cloud. There are some organizations that adopt hybrid cloud approaches — storing some data in the cloud and other data on prem — that fall somewhere in the middle and offers the best of both worlds. And, finally, there are larger enterprises that are adopting multi-cloud strategies, which means that they use two or more cloud vendors.
So, what methods do enterprises and other organizations use to store their data and support their workloads? Let’s explore the following survey-based predictions data from the Spiceworks report The 2022 State of IT:
- Organizations expect to run 50% of their workloads in the cloud by 2023.
- Budget allocations for cloud-based (hosted) services are poised to increase from 22% in 2020 to 26% in 2022.
- Hardware allocations for budgets are expected to decrease from 33% in 2020 to 30% in 2022.
You can see the shift in how organizations are breaking up their IT budgets:
Entrust’s 2021 Global Encryption Trends Study data shows that three in five (60%) of organizations “transfer sensitive or confidential data to the cloud whether or not it is encrypted.” Basically, this means they’re uploading plaintext data to servers that unauthorized individuals could potentially access without having some other data security mechanism such as tokenization or data masking in place to make that data unusable. Not a good idea, and certainly not an industry best practice!
Regardless of which approach your organization takes, the big takeaway here is that you need to store this data as securely as possible. This can be done in several ways, depending on the platform or data storage method in question. And no matter which method you choose, just make sure that you have multiple current backups of your data!
Why You Need to Secure Your Data
Asking why you need to secure your data is like asking why you breathe: it’s a necessity for life — in this case, the life of your organization. Taking steps to encrypt your data is necessary for operating a business or organization. After all, if you don’t protect your customers’ and organization’s most sensitive assets, you likely won’t remain in business very long. Or, at the very least, you’ll suffer major financial setbacks and reputational harm.
Cyber security and data security best practices exist for a reason — use them to your advantage and keep your valuable data safe and secure. Of course, there are plenty of reasons why you need (and should want) to keep your data secure. Here are a few quick ones:
Cybercrime Is on the Rise — and Sensitive Data Is Often the Primary Target
Data from Sonicwall shows that ransomware increased substantially in Q3 2021. Many modern ransomware attacks are double-edged swords: attackers not only prevent you from accessing your data, but they also may choose to steal your data so they can use it, publish it online or sell it to other bad guys. And they frequently do this regardless of whether you agree to pay the demanded ransom.
You Need to Keep Your Data from Falling Into the Wrong Hands
By and large, bad guys want easy targets; they’re looking for the low-hanging fruit that offers a potentially big payday for the least amount of effort. Why work harder when they can work smarter, right? While it may be a challenge to be the most secure company in your industry, you should at least be more secure than your competitors.
You Want to Protect Your Brand’s Reputation
Spoiler alert: customers want to do business with companies and organizations that they have confidence in. Your customers are going to have a hard time trusting you if you can’t be bothered to protect their sensitive data and information.
2021 research from Okta and YouGov shows that 47% of customers will completely cut ties with companies that experience data breaches or reportedly misuse data. Furthermore, their survey respondents also indicate the following:
- 37% will delete their accounts with those companies, and
- 37% will delete the affected companies’ apps from their devices.
Needless to say, having ineffective security measures can result in losses of customer relationships, sales, profits, and future business opportunities.
Your Organization Needs to be Compliant with Industry and Regional Regulations
Ever heard of the General Data Protection Regulation (GDPR)? How about the Payment Card Industry Data Security Standards (PCI DSS)? HIPAA? CCPA? The list of regulations goes on and on. These are all powerful data security regulations that require the secure storage and transmission of data. If you’re not compliant with them, you’ll quickly find yourself in the hot seat and facing substantial fines. Amazon learned that the hard way when they got hit with a $887 million fine for GDPR violations.
Still struggling with coming to terms with having to invest the time, money, and other resources to securing data? Ask yourself the following rhetorical question: Why bother generating or collecting valuable information if you’re just going to hand it over to your competitors, cybercriminals, or other unauthorized users without a fight?
How to Securely Share and Store Your Data
When it comes to data security in the internet age, a central part of the conversation revolves around encryption and the framework of technologies, processes, and procedures that support it. Public key infrastructure, or PKI, is what makes secure data transmissions and communications possible on public networks.
We won’t get into everything PKI entails in a technical sense here; that’ll take way too much time and take us off the topic at hand. However, you can put public key infrastructure to work to help keep your data secure both while it’s at rest and in transit.
Here’s a quick overview of some ways that you can make your IT infrastructure and data more secure:
- Secure your network with firewalls and antivirus tools
- Monitor your network and respond to any threats via intrusion detections and prevention systems
- Use identity and access management tools and procedures to restrict access
- Install an SSL/TLS certificate (i.e., website security certificate) on your website’s server
- Using strong, unique passwords to secure all cloud databases
- Use certificate-based passwordless authentication methods (instead of traditional passwords) to secure access
- Implement other strong password security measures
- Store your cryptographic keys in an HSM or key escrow
- Store your internet root CA certificates in an offline server (for private CAs, or internal certificate authorities)
- Store other critically sensitive data offline via air gapped systems or devices
- Keep multiple current, secure backups of your data
Of course, there’s another critical element to keeping data secure: you need to know where every bit of data is located and who (or what) has access to it. This entails performing regular audits and maintaining a current inventory of assets. You can’t protect what you don’t know you have.
Final Thoughts on How Much Data Is in the World & Why You Must Protect It
Securing your data is both an industry best practice and a regulatory requirement. And from a customer’s perspective, keeping their data secure is a requirement if you want to keep their business. If they don’t believe their data is secure with you, then research shows they’re likely to voice their dissatisfaction with their wallets by business with your competitors.
To stay compliant with industry regulations, protect your brand’s sterling reputation, and maintain customer relationships, it’s vital to view data security as a primary focus. Now that you have some idea of how much data there is in the world and why it’s so important, it’s easy to see why you must do everything possible to keep it secure.