When it comes to managing data, a majority of IT specialists would prefer to hand that task over to a managed service provider (MSP). A new survey from London MSP Six Degrees Group finds that the overwhelming amount of compliance rules and regulations governing today’s data storage and management has proven to be confusing and frustrating for many IT professionals.
According to the group, 52 percent of IT specialists surveyed would rather use an MSP to deal with data compliance than try to manage it themselves. And nearly half of IT professionals queried admitted they don’t really understand compliance legislation as it relates to managing data.
The findings are significant based on the number of standards and regulatory requirements in force surrounding data management today. From PCI DSS standards for data storage to HIPAA in the U.S. and the FCA in the U.K., there is an abundance of confusing legislation and jargon. And yet organizations are expected to comply with the dizzying array of standards or else face fines, legal action and at the very minimum, unhappy customers.
“Organizations need to manage vital financial information, customer details and intellectual property correctly in order to comply with the latest regulations,” said Campbell Williams, group strategy and marketing director, Six Degrees Group. “It is troubling that the majority of IT professionals surveyed have an insufficient understanding of how to make sure they are compliant. There’s clearly been a breakdown in communications between the compliance and IT departments, but considering the number of rules out there, perhaps it’s not surprising.”
Of those surveyed, 86 percent believed that where their data is stored is a cause for concern. And yet 35 percent of IT professionals who use an MSP said they do not know where their data is housed.
While Six Degrees’ findings are largely related to the U.K. IT sector, the same problems abound in the U.S. A recent Forbes article reveals the U.S. financial sector is in an uproar over the December “Volcker” rule that gives banks only a few months to get data analysis systems in place. The rule, part of the Dodd-Frank reform ordered by President Obama, is geared toward stopping commercial banks from proprietary trading. New reporting requirements must be in place by June 30, which has left some of the country’s largest banks scrambling to meet compliance mandates.
“Banks, quite simply, need to record and collect everything,” said Ralph Silva an independent financial analyst. “They need to report on the data, from more sources, and keep it longer than before. Around 80 percent of bank data is collected but not commonly understood – only a fifth is actually analyzed.”
“When a third of IT professionals using a managed services provider don’t know where their data is stored, how can they be sure that the data is safe?” questioned Six Degrees’ Williams. “With businesses relying on cloud providers that might be operating anywhere in the world, it’s time to start asking these questions and make compliance and sovereignty a business priority.”
Edited by
Stefania Viscusi