Data Protection

Data Protection In An Era Of Mass Fragmentation

Data has become the fuel for business success because it drives insight.

Steve Norman, Head of Data Protection for Iomart, explains why comprehensive management of your secondary data is the key to unlocking its value.

Here’s a question for you. Do you know how much data your organisation has and where it’s stored? This might seem like a simple enough query but for many, it’s complicated to answer. This is because we’re operating in an era of mass data fragmentation.

As the volume of data we collect and use continues to grow, only about 20% of it is production data – the information we use to keep our organisations up and running every day. The rest of it is what we call secondary data – your backups, your archives, and the data you use for test and development or business analytics. That’s a whopping 80% of your data and it’s not just sitting in one place – it’s spread across silos throughout your IT systems, on different software and hardware, across different data centres and in different clouds. 

This is not just a major headache for your IT team. At a time when compliance and new privacy standards like the General Data Protection Regulation (GDPR) are front of mind for all of us, it’s a real security risk. While this secondary data is largely non mission-critical, it still forms a very important part of your obligations when it comes to data protection. If you can’t see and manage the data you’ve got properly, how can you be compliant?

The reality of this was highlighted in research published in November 2018 which questioned more than 900 senior IT decision-makers about their secondary data. The survey (conducted by Vanson Bourne on behalf of our data management partner Cohesity) revealed four levels of data fragmentation.

Level One

Fragmentation across silos: backups and recovery in one silo; file and object servers in another; archiving in another, test and dev data somewhere else; and search and analytics data in another silo.

Level Two

Storage of the above data on a range of different systems, such as tape/media servers, etc.

Level Three   

Storage across data centres and in cloud services in different locations.

Level Four

Fragmentation from redundant copies of the same data that are stored ‘just in case’ for e-discovery.

According to the respondents, as well as being hugely inefficient and incredibly complex, failure to grasp this problem was also causing major financial pain, with some IT teams wasting as much as four months of the year on secondary data management because they don’t have the right tools in place. The reality is summed up in the main conclusions of the report:

Almost three quarters of those who responded said that secondary data is becoming so fragmented that it will become impossible to manage in the future. This, they believe, will put their organisation at a competitive disadvantage, eat up their IT budget and put even more pressure on already stretched IT teams. 

This, the survey said, was ultimately putting IT experts in constant fear of a compliance breach because of their organisation’s fragmented data.  

It’s worth remembering that every time you make a copy of a dataset and move it to a new location, you are reducing visibility and increasing risk. Do you even know how many copies have been made of your data and where they reside?

While historically secondary storage and data management has been done by the IT team, without the rest of the business paying much attention – one writer describes it as “the ugly stepchild of the data industry” – the growing pressure to innovate has turned it into a high priority for every CIO. 

This previously ‘dark data’ is now in the spotlight. By getting on top of the issue of mass data fragmentation organisations can ensure GDPR compliance, make informed decisions about what data to keep and what to discard, use it to make better business decisions and monitor it for potential threats. 

The GDPR places a set of legal and technical requirements on organisations that process personally identifiable data. The clauses on data protection and management apply to the storage systems and vendors being used. There is a balance of responsibility which each organisation must be aware of. Therefore consistency in your approach is a huge positive when meeting your compliance requirements. 

By consolidating that 80% of data that’s lying across your secondary storage systems you will: 

  • gain the visibility and security your organisation requires
  • make your data easily searchable for e-discovery and compliance  
  • make it more useful for business analytic purposes 

This issue is too important to overlook. Just making storage more efficient or reducing the number of copies of your data isn’t enough. The most successful companies are choosing secondary data solutions to help them become more innovative while reducing competitive exposure and enterprise IT staff burdens. Your organisation can achieve this too.

Data is a business’s most important asset so start taking steps to harness it by consolidating and unifying all of your secondary data and applications. First, overcome mass data fragmentation with a single, software-defined solution that runs on-premises, in the cloud, and at the edge. Second, gain competitive advantage by improving IT agility with less management complexity, easy data mobility, and data reuse.

By combining proper management with greater visibility, analysis and protection of your data, you will be taking actions that will benefit your organisation.  


Steve Norman is Head of Data Protection for iomart, a provider of managed data protection, data storage and managed cloud solutions from ISO accredited UK, European and global data centres. He provides high-level strategic advice to help iomart’s customers improve their business compliance, performance and profitability. For more information visit