The Value of Data: What is your data worth to your Organization
Filed under: Business & Management, Email, Hosted Services, Managed ServicesIn my opinion, the key incite to glean from Pete’s article is that your data is probably worth WAY more than you think. In fact, it is likely the very life blood driving your organization.
Many of Endsight’s clients operate a service business. They count on the intellectual property locked in their email and business applications to meet their customers’ needs. For them, data is the business.
As Pete’s article notes, “The Department of Commerce has determined that 90% of companies which do not have access to data for more than 5 days go out of business within 1 year.”
By itself, that statistic is alarming, but in the Bay Area it’s further exasperated by this one:
On April 15 2008, the San Francisco Chronicle reported that The US Geological Survey believes “A strong and deadly earthquake is virtually certain to strike on one of California’s major seismic faults within the next 30 years”
I’ve reposted Pete’s article below and invite you to consider what kind of impact a “day without computers” might have on your business. If you find the impact as alarming as Pete, contact us and let’s talk about how we can help mitigate that risk.
I’ve embedded a slide deck to a free seminar Endsight has provided about disaster preparedness. If you belong to a professional association or business / community group that might have an interest in the topic, let me know and I’d be happy to present it. If you’d like more information about the presentation, Email me and I’ll send you a topic abstract.
The Value of Data: What is your data worth to your Organization
By Pete Heles, Founder/CEO Framework IT, LLC
What is your data worth?
This question is one that will have a unique answer to each and every entity in existence. There is no easy answer. This is obvious in the fact that this very question has been asked many times without a quantitative foundation for the answer. It is the objective of this document to assist you in better determining the value of your firm’s data, how to increase its value and ensure the ongoing retention of value.
In researching this question, there are several current themes for determining the value of an organization’s data. The most basic formula is the data of an organization is equal to one times annual revenue. This theory is supported by the fact that if a company’s data is lost or handed over to a competitor, the firm is worthless without it. This is a rather simple formula that points out a fundamental flaw in attempting to establish a universal formula for determining the value of data: The value of data has much to do with the type of organization.
A flower shop, a paint manufacturer and a not-for-profit cannot use the same formula. Think about a dental office: new data is established on each visit and the data collected from prior visits is mostly negated. In the dentist’s case, the security of the new data is far more important than the “old data” with the establishment of HIPAA Guidelines.
A flower shop has names, addresses, credit card information and transaction history. The credit card data is again important from a security risk stand point, but to say the value of a flower shop’s data is 1 times annual revenue seems to be grossly overstated, as the majority of the information can be collected from a variety of sources and the confirmation of credit card information can and should be done with each transaction.
The paint manufacturer on the other hand is very different. In the recent past, a specialty paint manufacturer was purchased by a sizable competing firm. Within 6 months of the acquisition over 90% of the acquired firm’s employees were terminated and all but 2 plants shut down. The data was the only thing of true value. The purchase price was 4 times annual revenue. Formulas and client data in the sole possession of the acquiring firm were deemed to have that significant value.
In today’s business environment Certified Public Accountants and the Federal Government determine the value of tangible assets. Merriam Webster defines tangible as “capable of being appraised at an actual or approximate value <tangible assets>.”
If a firm buys a list of names and addresses it is a business expense and the initial value is easily determined. That list becomes valuable data with use and definition by the firm for its profitable use. The additional data that is built along with the name that was purchased is of significant value. In theory, it is no longer an expense, but becomes an asset. Only the tangibility of value is at question.
There are other considerations that must be realized in determining the value of data. A basic factor in value is the cost to maintain and collect data. What is the budget for computers, software, support, and people in the data systems group at a firm. This is a statement, not a question, as this is a cost of data for any firm. If, in fact, that amount is treated as an expense, it must diminish the value of data by the same amount.
On the other hand, it has been determined by the management of the firm that the value of data will increase in an amount greater than the expense; otherwise it would be a bad business decision to incur that expense. Conclusion: the data processing staff at a firm is critical in increasing the value of the firm’s data. Unfortunately the value of data is too often determined by the purchase price of technology which is used to house the data. That is like telling someone the $1 bill in the $100,000 vault is worth a hundred thousand dollars! In 1978 when a 73mb disk drive was $38,000, was the data more valuable than today when a 300 GB disk drive is about $250? Be careful not to get caught in this determination of data value.
Issues for consideration
1. Is it goodwill? What is that in accounting terms?
2. Is a patent an asset, and how is the value determined?
3. Is data the same as intellectual property?
4. Increasing the value of Data
5. Protecting Data
6. Handling, use, and availability of Data
7. Misuse of Data
8. Where is the Data?
9. Role of individuals and Data
10. Assault on Data
11. Treating Data as an investment
The topics noted above are best answered by the key management of your firm with needed participation from both accounting professionals and lawyers. A strategy for the proper collection, use, protection, and ability to compound data and its value can be an eye opening project that WILL increase the awareness of and value to your firm’s data.
Before starting the process of determining the management of your firm’s data, take a minute to answer the following questions. If an employee took (embezzled) all of your company’s key client, vendor, and financial data to his new employer (a prime competitor of yours), what could the financial affect be to your firm?
If there were a fire (or other situation) that destroyed all the file servers in your data center, how long would it take for your firm to recover from this calamity?
What is the cost/loss per day to your firm if corporate data is not accessible?
What would the financial impact be to your firm if the data that was backedup could not be restored and had to be rebuilt from scratch? These numbers are actually larger than you initially estimate. The Department of Commerce has determined that 90% of companies which do not have access to data for more than 5 days go out of business within 1 year. Does this fact change the way you think about the value of your firm’s data? The protection and assured availability of your company data?
A thorough Business Continuity and Disaster Recovery Plan is a key part of ensuring the “Survivability” of your company in the event of a business interruption or serious data loss. It is estimated that less than 5% of unregulated* businesses have a current and thorough Business Continuity and Disaster Recovery Plan.* (Banks, financial institutions, and publicly held firms are some of the business types that are federally required to have a BC/DR Plan.)
As a business professional it is essential (and possibly legally required) that you protect your firm’s assets. After reading this article and answering a few simple (maybe complex) questions you should have a new appreciation for the value of your firm’s data and understand the need to be more proactive in the protection and assured availability of your data. Start the BC/DR Plan development process today.
No Comments »“Exchange” your POP mail solution
Filed under: EmailWhen I first started in the IT services business back in the late 90’s, e-mail was starting to become pretty important to most business. Still the prevailing opinion back then was that when comparing importance of availability, e-mail was a distant second to the company phone system. In fact, people would continual say authoritatively “The phone systems CAN NOT go down!”
Today, pretty much every worker has a cellular phone, and while still very inconvenient, if the corporate phone system does go down, business still functions. E-mail on the other hand has become such a mission critical component of the way we do business, the importance of a reliable, available, and secure system is a huge priority of businesses of all size.
As CEO of a company who acts as the outsourced IT department for dozens of small business, you can imagine we are in a position to make recommendations for e-mail solutions frequently. There are basically two options when it comes to managing e-mail. On one hand you have server based e-mail solutions and on the other you have desktop (POP) e-mail. In the case of the desktop solutions, e-mail is routed from a server on the internet, usually owned by your ISP, to the desktops in your environment where your e-mail will ultimately reside on the PC of the user. A server based solution, all the e-mail for the corporation is funneled to a server on the network and the users access the local server to see their mail.
The desktop solutions are very inexpensive (in many cases free), but are very unadvisable for an organization that values security, reliable, ease of access, or availability to e-mail. A much better idea is to spend the money on an e-mail server. By centrally managing all e-mail boxes in your company, you can now back-up email, control access, and offer a wide range of connectivity options such as remote locations, handheld devices, or web-consol access. Furthermore, since all of the e-mail boxes are centrally located a variety of enhanced collaborative features are available to your team such as shared contacts or the ability to view other workers calendars.
Of the server based e-mail options out there, by far the most popular for small businesses is Microsoft Exchange Server. It is extremely feature rich and because it is so popular, it is much easier to find good IT support than other options such as Novell Groupwise, Lotus Notes, or free software built on Linux. If you haven’t yet moved your business to a server based e-mail platform….there is no time like the present. You won’t regret your decision.
No Comments »Free Yourself From SPAM
Filed under: EmailHas wading through your inbox become as tedious as waiting in line at the DMV? Do you find yourself wondering what type of person would buy Viagra or trade stocks from random emails?
It’s hard to fathom that SPAM is the problem that it is, but disbelief won’t clear your inbox from this pesky problem.
The good news is that a solution is possible. There are basically three types of SPAM filtering technology:
- RBLs (real-time black lists)
- Heuristics (computer instructions)
- Firgerprinting (third party approach)
First, a RBL is simply a list of domains (web-sites) that are known for sending spam. The idea is that if you are caught sending SPAM you get put on the RBL and are thus blocked from anyone using the list. Unfortunately, spammers have figured out clever ways to outsmart the filters, such as constantly changing their domain names. In some cases, they will actually breach the security of your domain and hijack your own mail server to send out their SPAM.
Heuristics is a computer science term. In the context of blocking SPAM, it refers to an algorithm, or complex set of computer instructions, that decides what is legitimate e-mail and what is SPAM. For example, an algorithm might flag words, phrases, or character strings like “Mortgage, Viagra, $$$$, HOT STOCK, etc.” There are many more colorful examples, but I think you get the point. The problem with this approach is that algorithms aren’t perfect and oftentimes good e-mail gets categorized as SPAM. We call this a “false positive.” When that happens, you either lose out on important information or have to dig through your spam folder looking for miscategorized messages.
The third approach, and in my opinion the best, is the use of “fingerprinting.” With this approach a third party sets itself up to receive as much SPAM as possible. The third party receives, identifies, and takes a “fingerprint” of hundreds of thousands of SPAM messages. This works because SPAM messages are not unique. The sender crafts a message that they will send to millions of recipients, over and over and over again. Once the message has been identified as SPAM, it can be filtered by everyone subscribing to the fingerprinting service. The key advantage of this methodology is that no unique message will ever get blocked - thus eliminating the problem of false positives. My own company has had great success with a product called Cloudmark
No Comments »