Newest-Ransomware has polished professional look

Newest Ransomware has Polished, Professional Look

Criminals are raising the bar in the fight for your money.  It’s natural to expect that competition would follow success—and ransomware is succeeding.  Your data is the target and your pocketbook is the end goal.  As the landscape becomes more saturated, criminals are seeking ways to get a better return on their infections by making it easier to pay up.

One way extortionists are making it easier to pay is by using alternate currencies.  The process for purchasing bitcoins, the mainstream ransom currency, can be difficult for those who have never purchased them before.  Victims cannot just go to their bank and exchange dollars for bitcoins. That’s why some ransomware such as FLocker and TrueCrypter allow for payment with iTunes or Amazon gift cards.

Other ransomware distributors provide very clear instructions and online support.  Today’s ransomware is developed in multiple languages by professional translators so that the instructions for paying the ransom are easy to understand.  Some even come with a guide that explains how to obtain the desired currency. These cyber crooks utilize call center technology and live chat to walk victims through the process of purchasing bitcoins, paying the ransom, and decrypting their files.

Ransomware authors utilize graphic design professionals to create ransomware that has the feel of a professional application.  Sophisticated visuals and easily readable text can make paying a ransom feel more like renewing software.  Each new piece of malicious software is crafted in this way to make it more likely for you to pay rather than protect.

In some cases, organizations and individuals do choose to pay up. A one-time cost may seem the simpler route, but now you’ve opened the door to more attacks; you’re considered a paying customer. The best way to avoid being re-targeted is not to have to pay ransomware distributors in the first place.

No one ever put out a fire by feeding it.  Rather, we must starve the flames to see them extinguished.  Equip your company with the processes, people, and technology to fight the fire.  Protect yourself with a solid backup plan that can help you avoid paying cybercrooks. And you can help make ransomware a thing of the past.

Continue reading

Share Button
Geolocation tech targeted message vanderburg

Geolocation technology helps ransomware deliver targeted message

It might surprise you to know that ransomware uses geolocation technology to customize payloads and target individuals. You probably already know that geolocation is the approximate place where an Internet-connected device resides. Geolocation obtains an approximate location of a connection by referencing a machine’s IP address against various databases. As a reminder, here’s a good definition of IP address, which is the protocol by which data is sent from one computer to the other on the Internet.

Those databases are maintained by Internet Service Providers (ISP) and Traffic Detection Services (TDS), all of which utilize and maintain databases on the places where an IP address has been used. Geolocation data does not provide the actual address of an Internet-connected device, but it can get within 10 to 20 miles of a device’s lcoation.

This geolocation information is used by extortionists to direct ransomware to specific regions where they can believe they can get a big return. They might use geolocation to customize ransom messages for each target region, so you are fooled into thinking a fraudulent email or link actually leads to information you want or need regarding changes to your regional bank, or utility provider.

Also, ransomware distributors can target regions or countries with a higher average level of income such as those in the United States, Japan and Europe where users more capable of paying more than $500 to get the keys to decrypt their data. Recently I wrote about how ransomware distributors are using graphic designers and online chat tools to make it simpler and more likely that victims will pay — and geolocation is just another way that ransomware is becoming more sophisticated.

Geolocation customization

Ransomware uses geolocation to customize the language and content of the ransom message it displays to a user. Cybercriminals know that it will be much easier to get paid if their victims do not need to translate their messages first so they write ransom messages in the language used by the victim’s region. Some ransomware also check the language settings on the computer in addition to using geolocation information so that they utilize the correct language.

A variety of ransomware threats have included false claims from law enforcement agencies that users have conducted illegal activities such as downloading copyrighted movies, games, or music. Those that falsely claim to be from a law enforcement agency have the greatest chance for success when the law enforcement agency they claim to represent is one that has jurisdiction over their intended victim.  These ransoms lock the computer until fines are paid to the extortionists. Such schemes use geolocation to customize which law enforcement agency is used in the ransom message.

As you can see, geolocation is an essential part of ransomware. No matter where you live, though, the basic rules of data protection apply. Avoid phishing emails that lead you to bogus sites. Back up your data with a reliable provider. Take the time to check out and reminders or invitation to click on links, to upgrade applications or browsers, simply by hovering over the link to see the full name of the URL. Often times, you’ll find suspicious words in the URL you are being encouraged to use. Ransomware of any type feeds on fear, and the motivation to move fast to avoid danger. Instead take the time to look for any hints of trouble.

Continue reading

Share Button
Ransomware-Radar

Adding Ransomware to Security Radars

Ransomware is the quickest way to turn your valuable data into garbage.  Ransomware is a form of malicious software that blocks access to user data such as documents, spreadsheets, pictures, music, or videos, typically by encrypting those files.  At this point, the ransomware will display a demand for payment in order to send the victim the decryption keys to the data.

Businesses and consumers often do not know what they have until it is encrypted.  It is then that they realize their Christmas list, family photos, and personal financials are inaccessible.  It can be much worse for companies.  Imagine the impact when payroll data, product formulas, or inventory records are suddenly unavailable.  Now imagine a doctor who is unable to prescribe medicine or perform an operation because the prescription information or patient records they need are encrypted.  As you can see, the impact of ransomware can be severe.

Despite ransomware’s severe impact, its attack vectors are more mundane.  Ransomware is obtained through a variety of well-known routes including email, websites, online advertising, exploits on system vulnerabilities, and infected files on shared folders or cloud file sharing services.

Email

Emails, particularly phishing emails, frequently entice users to open attachments that contain ransomware or to click links leading to infected websites.  The techniques used here are the same ones used by scammers, hackers, and other malware distributors.  Protection techniques include screening attachments with antivirus tools and utilizing email gateway scanning and filtering tools.  It is also important to educate employees or family members on how to recognize suspicious emails.

Infected websites and online advertising

Ransomware is also distributed from infected websites and through online ads.  Extortionists seed websites with malicious code and then wait for unsuspecting Internet users to visit a compromised site and get infected with their ransomware.  The likelihood of infection from such sites can be greatly reduced by utilizing a web filter, scanning web sites for malware or by browsing the web in a virtual machine.

Extortionists also create ads on social media or in search engines that download the malware.  Ads might pretend to be a flash player update, help or chat ads, or fake antivirus.  These ads are collectively known as malvertising.  The best way to protect against ransomware distributed through malvertising is by using an ad blocker.  There are many extensions for common browsers or standalone applications that can perform this activity.

Shared folders or cloud file sharing

Ransomware can also be obtained when a computer is connected to a network share that has ransomware on it.  Many ransomware variants are capable of spreading to shares that a computer is connected through, typically through mapped drives.  Ransomware can also infect your machine if you are using a cloud file sharing service that synchronizes files between machines.  If a personal computer is infected and has the cloud file sharing software on it, it can replicate the malware to other computers that are part of the sharing relationship, infecting them all in the process.  Monitor file servers for mass file changes to detect ransomware behavior and scan files that are placed on network shares.  Similarly, equip each computer that utilizes cloud file sharing applications with antivirus software and segment business cloud file stores from personal ones.

System vulnerabilities

Vulnerabilities in operating systems, applications and browser plugins are well documented once they have been discovered.  Attackers create exploit kits to target these vulnerabilities and then other malicious actors utilize these exploit kits to deliver malware to your machine.  The most common exploits are those related to operating systems such as Windows, applications such as Adobe Acrobat, or browser plugins such as Java, Flash, or Silverlight.  The best way to protect against the exploitation of such vulnerabilities is to keep systems, applications, and plugins updated to the latest version.  Vendors frequently release new versions or patches to software that fix the vulnerabilities that have been discovered.  Applying these updates can prevent those vulnerabilities from being exploited.

Exceptions

There will always be exceptions in a security system.  No system will protect you one hundred percent of the time and that is why it is important to have contingency plans.  When ransomware gets past your defenses, and it will at some point, be sure you have up-to-date backups of critical files so that you can remove the malware and encrypted files and then restore clean versions of the files back to computers.  Backup solutions should be distinct from production systems.  For example, a hard drive connected to a computer or a network attached storage device are both accessible from an infected machine so they are likely to be infected too.  However, tape backups or online backup services are distinct from production storage and can be relied upon to restore clean copies of data if the restore points predate the infection date.

Continue reading

Share Button
storage-server-farm

Preparing Your Storage Environment for Tomorrow’s Opportunities

Businesses today can’t exist without data. They feed on it, breathe it, and those that understand how to most effectively harness it, achieve competitive advantage. Not only will those companies see returns today but tomorrow as well since they will be well-poised to seize future data storage opportunities and better leverage their data to make decisions and glean insight.

As you know, companies and consumers alike are producing data at a rate never seen before and this continues to increase. Those companies looking to the future know that they will need to support a data set vastly larger than the one they support today and at faster speeds. However, this is only part of the future storage landscape.

Setting

Looking towards the future in any industry can be difficult because so many things will change, but change is expected, often cumulative, consisting of a series of many small changes that overall shift the business and technology landscape forward. In this way, they are somewhat predictable even if we do not know the exact specifics of how those changes will take place.

It is true that organizations will have much more data in the future, but this huge amount of data will be spread among a variety of different providers including cloud services, local storage, peripheral devices, and datacenters. Employees will interface with their data not only via computers, browsers and apps, but through wearable technology and possibly augmented and virtual reality. Users will not be the only ones creating the data of the future. As sensors continue to decrease in cost, the Internet of Things (IoT) will become more prolific and see many new use cases.

In fact, IDC expects the “digital universe” of global data to double in size every two years between now and 2020, when it will reach 44 zettabytes.[1]

These changes will produce new storage opportunities for organizations.

Opportunities

The main opportunities for storage and IT will be in protecting data’s competitive advantage and achieving new insights and capabilities from integrating systems, while supporting larger data volumes and faster access to data.

Self-protecting data

Data today provides significant value to organizations. Without it, many companies would not be able to exist. The value of data will only increase and as that data is used in more and more places, securing it in the absence of traditional organizational security controls will be of prime importance because the secure data will allow companies to maintain their competitive advantage. Companies will do this by allowing data to be self-protecting. Data will need to be able to move freely but still enforce organizational security policies.

New insights and capabilities from system integration

Creation and consumption of data by users and things will take place on many devices, peripherals and connected things, managed by their own systems. Such systems will most likely be a diverse collection of companies and technologies. Those companies that can effectively integrate the data from these sources will be able to gain new intelligence and it will set the stage for data management opportunities.

One data management opportunity for future storage systems will be to reduce rework. Data created on one device can be shared with other devices, so that users do not need to recreate the data. This will be especially important for teams working on the same project. Organizations will be able to take this a step further and integrate data from different teams together, so components from one project or initiative are automatically correlated with others. This will increase agility and key business metrics such as time to market, closed sales or customer response time. Furthermore, the insights and uses of different systems will allow for users to utilize the data they create in multiple ways, enhancing data utility and maximizing the data’s organizational value.

Those companies skilled in data management will also be better equipped to protect data against loss. Data creation and change events can be tracked across systems so that they are effectively synchronized and archived.

Larger data volumes, faster speed

Companies and storage partners will need to effectively architect a solution that meets current and planned capacity and performance needs without introducing bottlenecks down the road. Disk has been our bottleneck for so many years that we are conditioned to focus on it, sometimes to the exclusion of other factors.

As flash storage approaches new heights in speed at lower price points, utilizing more open standards, bottlenecks will crop up in other parts of the storage network such as switches, Host Bus Adapters (HBAs), and virtual fabrics. Future ready solutions need to take this into consideration and allow for increased bandwidth, expandability and flexibility in the storage network and various interconnects such as WAN or cloud services.

Case in point – Wunderlich Securities Inc. implemented a flash-storage solution, and chief information officer Aaron Goodwin reports “We’ve got a lot of headroom for growth, plus more peace of mind.”

Future Ready Strategy

How effectively companies can utilize their current and future data will depend upon the ability of companies and their storage solutions to tag and categorize data, evaluate and integrate data platforms, build system organizational intelligence and empower end users.

Define policies for tagging and categorizing data now

Most data now are like a patient in the ICU without ID. Doctors don’t know who the person is, including their medical history which limits treatment options. Tagged data, like the patent with ID, has a history and it can tell that history to the applications that work with it. Some patients refuse care and some data will refuse to be accessed while others may be accessed with some restrictions.

Establish methods for evaluating and integrating data platforms

Data that exists in silos can only benefit applications and users operating within those platforms. Future ready companies will need to allow for secure integration between these diverse platforms. However, they will need to ensure that data leaving is protected and that incoming data is screened. The organizational data silos of today are like fresh water cisterns. Those can be combined together into a much larger collection, but introduce saltwater and the entire repository is unusable. Similarly, garbage data in a system will result in poor decision making, and new data created based on this data will be similarly flawed. This is particularly important for companies employing machine learning and artificial intelligence based business intelligence systems.

Build organizational intelligence and awareness into systems

From a security perspective, future ready storage solutions act more like a parent at a playground rather than an executive secretary. Whereas the secretary keeps the executive sealed off from the world, the parent lets their child experience the playground under the parent’s watchful eye. Those that believed the secretary would protect the executive’s schedule were proved wrong again and again as attackers pushed their way past the secretary or worked around her. The parent, while not infallible, is ever-ready to intervene. He or she is intelligent enough to make decisions in a changing environment with many simultaneous interactions and they can take appropriate action such as negotiating with other parents or communicating and coordinating with more powerful entities such as law enforcement when the need arises. Data, like that child, will need to interact with many systems under an intelligent, flexible guardian.

Empower end users

Lastly, users of tomorrow’s systems will need to be aware of how their creation and use of data impacts the organization. It is not enough to have effective data integration and security controls if users incorrectly categorize data, disclose it to unauthorized persons, or feel so restricted that they do not utilize the systems. Users must be empowered so that the technology and data allows them to work more effectively. Such users will embrace the technology and bring the most value to the organization. They will also find their careers more enjoyable when they do not need to compete with the technology. Technology should be a tool, not a restriction, a pencil rather than handcuffs. Are your storage systems ready for the future? It is coming faster than you think so prepare yourself for tomorrow’s opportunities.

Continue reading

Share Button
Data-Storage-Costs

Preserving Value in Future Ready Storage Solutions

Storage solutions make or break the systems they support and yet these same systems are routinely seen as a cost to be decreased, rather than a competency to be developed. A racer doesn’t remove his engine if he expects to compete. However, rational, well-intentioned businesses sacrifice storage capabilities in an attempt to improve the bottom line. Those who wish to be future ready must think differently. The fact is that storage supports the business and it will be even more important as we move forward into this data-driven economy.

Traditional cost factors and costly mistakes

Storage as a component of IT, is often seen as a cost of doing business. You can’t run a business without looking at costs, but costs are only part of the picture. Companies exist to provide some value and the costs they incur should be contributing to that value. Cutting cost without regard to their value erodes organizational effectiveness, ultimately leading to organizational demise. That said, storage is a cost, but it is more important to view it as a component of the organization’s core competency, and a large contributor to the value the organization offers to its customers.

IT decision makers are still looking for storage solutions that reduce rack space, lower power and cooling costs and meet IOPS (Input/Output Operations per Second) requirements at a low price point. That much hasn’t changed, but continued progress in these areas has primarily been the through the increasing use of flash storage. Flash uses less power and produces less heat and it now comes at an affordable price.

“Compared with other storage solutions in our data center, we have seen a 100 to 200 percent increase in data speeds with our all-flash Dell storage arrays,” says Xu Hui, chief information officer at Daqo Group.

It can also meet IOPS requirements with fewer disks or chips so I/O intensive apps can run off a smaller footprint. Flash capacity has also been changing  with technologies like 3D flash memory allowing for arrays to be flash only, and it comes in a variety of flavors such as SLC, MLC and TLC that offer different price to performance ratios.

For those choosing to retain their spinning disk systems, power and cooling costs cannot be ignored. These aging systems can be costly to maintain. Some organizations may need to keep their data in house due to regulatory or data sovereignty issues, so use cases vary. However, opportunities abound for moving archival functions to the cloud rather than keeping costly nearline storage systems running. Cache locally and hybrid solutions are giving organizations more ways to move active data to the cloud as well which is replacing traditional capital expenditures with operating expenditures.

Some companies do not need the IOPS that flash offers. They are more than happy with a few hundred or thousand IOPS, especially in network attached storage. Some businesses have difficulty adopting flash because of the initial cost, especially when they have an existing system in place that seems to do the job. However, configuration and utilization mistakes are far too common. RAID (redundant array of independent disks) groups are sometimes overprovisioned in order to meet IOPS requirements resulting in lower disk ROI. In other cases, the full cost of ownership of a storage system is not factored in because cost factors such as power and cooling are not assigned directly to the underlying resources, but are managed in their own bucket instead.

Long-term storage value

Each company exists for some purpose and employees work towards that purpose. Similarly, the technology an organization employs is also utilized to further organizational goals such as producing a product, organizing teams, communicating with employees and customers, and making sure that everyone is paid at the end of the day. When you look at organizational assets in terms of their value, it is easy to see which things should be enhanced and which should be removed. Systems that do not provide value should be cut or replaced and those that can bring more value should be enhanced.

Agility is a key factor in both the business of today and tomorrow. Organizations need storage systems that can be deployed quickly and easily to protect their data from loss, ensure its availability when needed, and respond quickly to application and end user requests. Fortunately, deploying storage systems can be much easier today, and some systems are preconfigured for certain use cases. Hyper-converged systems, for example, are already preloaded with software for a workload. These systems are practically ready to go when they are plugged in. This can be quite advantageous for those companies that know what they need. However, other companies need flexibility with platforms that can support a wide range of workloads which flash and hybrid tiered storage can provide.

I would be remiss if I did not mention security because security preserves data value. Organizations rely upon their data, and they receive significant competitive advantage from it. This competitive advantage is maintained when the security of their systems remains intact.

Lastly, users demand instant access to emails and files while databases are ever-hungry for more speed. Future ready storage solutions will see the most value when they can meet or exceed demand. This will allow organizations to make decisions quicker, create solutions for customers in less time and innovate faster than ever before. This is a bright future where technology is leveraged to allow people to do more than they thought possible. The future starts now. Is your storage ready for it?

Continue reading

Share Button
Human brain vs. computers in the identity challenge

The human brain vs. computers in the identity challenge

The concept of identity is core to the protection of data.  Data and other computing resources exist to be used by individuals, each of whom has an identity that is used to grant of deny access to such resources.  However, identity is not limited to humans.  Computer services also have an identity that allows them to interact with other services and data.

As humans, we understand identity as all the characteristics that are representative and unique of an individual and our method of validating identity comes naturally in the course of interaction.  We recognize and associate these characteristics with a unique person and our ability to associate characteristics with a person increases with our exposure to the individual.  Exposure does not need to be direct, such as spending time with them, but can be gained indirectly through activities such as reading or talking about them or seeing them on TV.  This is why some persons are more easily recognizable than others.  Consider how you recognize the touch of a loved one or the voice of your mother whereas a former acquaintance’s name may be unfamiliar to you, even when encountering them face to face.  Similarly, popular personalities such as actors or politicians are easily recognized by each of us even if we have never met them personally.  Similar methods are used to build trust.  You wouldn’t let a stranger borrow your car, but this might change as strangers become friends.

Computers, likewise, can use a variety of characteristics to validate a claimed identity but the methods of recognizing that identity differ from humans.   Users validate their identity to a computer by claiming an identity and then providing credentials to back up that claim in a process called authentication.  For example, a username claims an identity while the correct corresponding password validates it.

However, there are several important distinctions between the identification that occurs on a computer system and identification between persons.  Computers have an advantage over humans in that they do not forget user identities over time but their methods of identifying a person are much more limited.  Whereas a human can use hundreds of characteristics to make an identity and they can associate a different set of characteristics with different people, a computer system typically only supports a few very structured methods of identification.  The most familiar method of authenticating to a computer system is the traditional username and password, but other methods such as fingerprints, facial recognition, proximity cards and secret questions can also be used.

There are further distinctions between computers and humans in terms of trust.  Humans trust an individual based on their experience, knowledge and interactions with the individual, but computers trust an individual only as far as the user’s permissions dictate.  Permissions determine how an identity can interface with data including viewing, modifying, creating or deleting it.  Other permissions might allow a user to issue commands to a computer system, run a program, or utilize a service.

Mitigating computer-based identity weaknesses

Both human and computer identification systems suffer from inherent weaknesses.  A computer’s limited methods of identification and the structured method used to evaluate identity make it relatively straightforward for an individual to programmatically exploit these methods and fraudulently authenticate.  These characteristics are also an advantage since a computer will always stick to the rules and enforce the identity requirements for an individual when identity systems are implemented properly.  Computer weaknesses are commonly exploited through credential cracking, credential theft, and the exploitation of authentication system vulnerabilities.

The overly simplistic solution to the problem would be to combine the advantages of both systems together.  However, this does not work well in practice.  Multi-factor authentication — utilizing multiple methods for validating a claimed identity — is a well-accepted method for improving authentication over single-factor authentication, but this is often limited to a small handful of identifying characteristics.  This limitation primarily lies in resistance from users of computing systems who resent the time required to present multiple credentials or the need to carry items on their person in order to authenticate.  Some of the most effective systems utilize a combination of user provided credentials and data the computer system can collect on its own such as the location, device initiating the connection, and time and date, but still fall short of what can be utilized by a human in identification.  Furthermore, these credentials can still be faked or fraudulently obtained.

Human interaction typically detects a change in identity or behavior naturally in the course of interaction, but computers validate identity once and then trust the identity has not changed between a user’s logon to a system and their logoff, also known as a session.  This presents a problem for enterprise security since malware, shared sessions, or idle sessions that have not been locked, allow for misuse by others.  The computer system cannot differentiate between activities taken by a coworker on another user’s computer or malware running in a user’s session and legitimate activities performed by the user.  This risk is somewhat mitigated by automatically logging off idle sessions and by locking out computers at specific intervals, but this still leaves a lot of room for session compromise.

Some systems are beginning to revalidate credentials periodically to protect against a compromised session.  The most basic systems simply revalidate at predefined intervals while more advanced systems utilize a variety of variables and complex algorithms to evaluate the level of assurance they have in the identity.  For example, user interaction may be abnormal which could trigger reauthentication or the user could change location, or login in two locations simultaneously, also prompting reauthentication.

A variety of systems under the umbrella of Identity and Access Management (IAM) have been created to handle computer identity based on the scope and complexity of the need.

Mitigating human-based identity weaknesses

Humans are not as disciplined in validating identity and humans can become distracted.  A pretty smile or a few friendly words will not be enough to get past a computer, but they work just fine and quite often with humans.  Other techniques such as making oneself appear to be an authority figure, playing on emotions, or asking for help, exploit general human characteristics.  I refrain from calling them weaknesses because they are vital to positive social interaction but they can present a threat when exploited by a malicious individual such as a social engineer.

Human weaknesses are the targets of social engineering, cyber persuasion schemes that entice users to divulge their credentials or perform actions on the social engineer’s behalf.  This threat is reduced through security awareness training, documentation and enforcement of policies and procedures, and a culture of security.

The threats to identity compromise, both with computers and humans, have been the force behind many of the security controls in place today.  Humans and computers handle identity very differently but both access and interface with organizational data and both are potential targets for identity compromise when they are protected independently. However, when humans and computers are integrated into a human-centric security strategy, their strengths and weaknesses can reinforce one another.  When humans lack consistency, a computer assists and when computers have difficulty validating, humans add context and experience.  As a result of this increased understanding of human-computer strengths and weaknesses, the security controls that comprise a human-centric strategy are easier and more intuitive for users.  This results in fewer mistakes or security workarounds and it increases productivity by reducing security complexity.  Simply put, humans and computers combined are a winning combination.

Continue reading

Share Button
data-new-storage

Big Data ROI – How to use what you already have

We may not be using more of our brains but we can probably use more of our data. Did you know that organizations typically use only 1 percent of the data they collect? Why is this and how can we change it? Do organizations need more motivation, utility, expertise, tools, or just better data retention policies?

The problem of motivation

Motivation is the driving force behind activity but businesses, and the people who run them, are often juggling many priorities. Big data may just not be on the top of their list. It is easy to push analyzing organizational data because it seems easy to keep it around. After all, storage media continues to grow and is available at lower cost. However, there are additional costs, especially associated with the loss of data in a breach that organizations do not often factor in when considering the cost of storing data that may or may not be utilized in the future.

At the same time, some organizations struggle with motivation because they are always waiting to collect a bit more data before analyzing it. Statistical analysis is typically more reliable as data sets grow. However, machine learning can be used to fill in the some of the gaps once an analytical program has been sufficiently trained. Still, no matter what method is used, a minimum amount of data will be needed for a relatively accurate analysis and some companies are afraid of acting on potentially incorrect data. The downside of this is that they are also waiting to capitalize on the benefits of the data they hold.

Motivation needs to come from the top down if you want the use of data to be both successful and consistent. Organizational leaders must decide what they want to achieve from their data and then empower those best suited to analyze the data the task of putting it all together to obtain meaningful and valuable results.

Finding the utility

Lack of data ROI could also be due to a lack of value or utility. Some organizations collect data just because it is there or because it was provided but they have no need for the data and it is not producing them any value. Further, they see no value in the information. In this case, the best course of action is to make an informed decision as to whether the data is valuable. If it is not valuable, the organization should delete the data so that they do not have to expend resources managing and protecting it.

Achieving expertise

Analyzing big data, configuring machine learning algorithms, evaluating outcomes, and implementing the underlying analytical systems for big data requires a high level of expertise in a variety of disciplines. Some organizations do not have the expertise or they are in the process of developing that expertise.

Those that are new to analyzing big data might seek the help of a trusted partner to get them up to speed or they may outsource the role entirely. However, given the value of organizational data and the risk of exposure, outsourcing should be treated with a due diligence assessment of the outsourced company’s capabilities and reinforced with a strong contract.

Building better models and tools

Those who are using big data probably see room for improvement, especially in the models they are using to interpret the data and, in lesser cases, the software and infrastructure they utilize. Cloud computing can offer great advantages in expanding to meet big data needs and in providing the raw computing power to analyze large data sets. Other companies are deploying private or hybrid clouds so that they can offer more customized analytics to decision makers.

Performing better housecleaning

Lastly, some only use 1 percent of their data because they simply do not have a policy and procedure for removing useless data. A large component of this is the data retention policy which spells out how long different types of data will be stored by the company and when that data will be destroyed. Additionally, some data that fits certain criteria may be removed immediately. This might include spam or other junk emails, draft files, temporary files, Internet history, cookies, or encryption keys. Removing this data makes it easier to manage the remaining data and it can prevent malicious outsiders from obtaining data that could be used to launch attacks or otherwise harm the company or its customers.

Humans only use a small portion of our minds and we use an even smaller portion of the data we collect. The good news is that there are viable strategies companies can employ to begin utilizing more of that data. So what is holding you back?

Continue reading

Share Button