Opinion

The Value of Data

A new way of thinking about data, its value and the risk associated with it

By Bob Bragdon

April 01, 2008CSO

I am fortunate in my position to have the opportunity to speak with many of our market's thought leaders. I've recently had some conversations about the value of data with a number of such folks, including Rena Mears from Deloitte. That discussion has me thinking in a whole new way about data, its value and the risk associated with it.

Assigning monetary value to data is a concept that few businesses seem to be embracing, although, even from a cursory examination, it would seem to make a great deal of sense to do. We treat everything else in our organizations as assets with measurable financial value: inventory, people, property, etc. But when was the last time you sat down and calculated a dollar value for your customer database? My guess is that it has never been done.

So what would go into such a calculation? You should certainly consider past, current and future earnings per record in the database. Most organizations can tell you, with a fair degree of certainty, how much revenue they can expect an account to spend with them in the future based on past performance. Over the years, certain industries have been very successful at this type of forecasting based on a variety of sales and performance metrics that they track. Those metrics are usually maintained by the finance and/or sales departments.

Now that you have assigned a monetary value to your data, it's time to take a look at risk. The loss of any data that you maintain, particularly if that data contains information subject to regulatory control (Social Security numbers, etc.), carries a certain amount of risk if that data were to be lost, damaged or stolen. It's the same as if you had inventory lost, damaged or stolen. As you accumulate more of that data, the risk of loss goes up as well.

While businesses have aggregated data over the years, with little regard to the quality or value of that data, they have often failed to ask whether they are getting any kind of an ROI from it. As a critical component in determining the value of data, ROI would be a significant contributor to an evaluation of relative risk. This analysis allows you to answer questions of risk versus return: If you're not getting a good ROI on your data but it presents you with significant risk, should you hold on to it? If the data is valuable and has a good ROI but the risk is too high, should you get rid of it? At the end of the day, these answers will be unique to your specific organization and its willingness to accept--or its desire to avoid--risk.

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Data Center Directions Virtual Conference

Data Center VCAttend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WHITE PAPER
Maximizing Site Visitor Trust Using Extended Validation SSL

VeriSignNow with Extended Validation (EV) SSL available from VeriSign, you can show your customers that they can trust your site. Learn about EV SSL benefits in the free VeriSign white paper.

» Read the Paper

Featured Sponsors
Sponsored Links

E-LOAN Maintains Reputation as a Privacy Leader with Symantec

Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands

Prudential Financial Protects its Brand with Symantec

Efficient - Flexible - Compliant

Envision Identity-Based Access Control for the Datacenter

Using Likewise to Comply with PCI Data Security Standard

When Customer Relationship is Everything, Businesses Bank on SSL Solutions

The Case for Business Software Assurance ~ Securing Your Applications

Maximizing Site Visitor Trust Using Extended Validation SSL

Solving Online Credit Fraud Using Device Reputation

Understanding Data Location is Imperative for Data Loss Prevention

Secure your virtual and physical environments with the same software

Manage your IT more effectively

IDC Defines an Identity and Access Management Submarket

IDC Defines an Identity and Access Management Submarket for Managing Privileged User Accounts and Meeting GRC Requirements

Everything Today's CISO Needs to Know About Using SSO to Succeed in the Web 2.0 Era

7 Requirements of Data Loss Prevention

Information Security: Data Drains and How to Prevent Loss

CA's IT Security centralizes your identity management to turn security into a proactive, business-building tool

How Are Open Source Development Communities Embracing Security Best Practices?

Digital Identity Protection and Data Security Get Personal

Simplify your data center with Juniper Networks. View the webcast

Managing SSL Security in Multi-Server Environments

The Latest Advancements in SSL Technology

How to Offer the Strongest SSL Encryption

Forrester Total Economic Impact (TEI) report: Save Millions in Fraud Losses.

Get in Compliance With Government Data Regulations

Taking the Botnet Threat Seriously

Any company can promise identity protection. Only Debix can prove it

Welcome to the age of Service-Oriented Security (SOS)

Enabling Compliance with Converged Mainframe Security and Storage

5 Steps to Secure Outsourced Application Development