Data is the lifeblood of any modern digital business. Without it, organisations can\u2019t do the analysis they need to inform their thinking about new products and services that will provide them with an advantage in a competitive global marketplace.\nThese days, companies are looking to their data to power new insights, many of which are driven by artificial intelligence platforms.\nBut there\u2019s a problem. As organisations move more and more services to the cloud, data management can become a messy affair. Distributed, dynamic and diverse data requires effective and efficient management.\nSenior tech execs gathered in Sydney recently to discuss the strategies they're using to make better use of and protect their information, particularly in a hybrid cloud world where systems and services exist on premise in companies\u2019 datacentres and the cloud.\nPaul Reilly, storage specialist at Lenovo Australia and New Zealand, says organisations today have digital transformation front and centre in their growth and profitability strategies. Data is a vital part of these transformations, he says.\n\u201cOur customers are under pressure to use this wealth of data, to apply it to create new value across their entire organisation and to do so within limited time and budget. Additionally, their data is out there \u2013 it\u2019s distributed, dynamic and diverse and it\u2019s overwhelmingly difficult to manage,\u201d he says.\nReilly says organisations are having great difficulty overcoming these issues and now require intelligent data storage platforms that support fast and easy access to data, optimised data management and security, as well as mobility that spans the edge, core and cloud.\nDaniel McGarry, IT director at WSP Australia, says the engineering firm\u2019s biggest challenge, related to managing and protecting information in a hybrid cloud world, comes from the number of vendor offerings available to engineers and consultants. This will continue to grow as smaller software and solution vendors offer software-as-a-service and cloud storage.\n\u201cIt\u2019s easy to control my own hybrid cloud but I have less control over project and enterprise information hosted elsewhere,\u201d he says.\nMcGarry says his organisation\u2019s strategy, first and foremost, is to ensure it has solid contractual agreements with its major vendors that protect ownership and the location of hosted data.\n\u201cSecondly, governing the procurement of cloud-based solutions [is a challenge]. It\u2019s very easy today to procure software as a service instantly without understanding where the data resides or is copied, what the retention policy looks like and or how you can get that data back up if needed,\u201d McGarry says.\nAndre Joubert, project director at Westpac, adds that working in a financial services environment and having to adhere to the guidelines and constraints imposed by ASIC and other regulatory bodies makes it easy to reject utilisation of key data in cloud environments.\n\u201cThis, however, limits the utility of cloud environments,\u201d he says.\nThe bank overcomes this issue by working with its security group to try and develop templates and patterns, which limits the need for individual security assessments.\nMeanwhile, Leon Gu, global director of information technology at Staywell Holdings, says his team has spent a lot of time and money to improve its on premise firewall and data protection capabilities.\n\u201cWe find that the public cloud does not give us the same level of visibility and it's a totally different ecosystem. A security weak point in the public cloud can easily reach on premise servers without leaving a log,\u201d he says.\nDealing with unexpected cloud costs\nDespite the cloud often being hailed as a computing model that will reduce infrastructure costs, some organisations are dealing with unexpected charges related to moving workloads in and out of the public cloud.\nLenovo\u2019s Reilly advises organisations do their research to understand what they\u2019re getting into when they select a public cloud service.\n\u201cThis is also the best time to decide whether using public cloud is appropriate and cost effective or whether it may be better to look at a hybrid or multi-cloud approach."\nIn general, costs associated with public cloud fall into three categories, Reilly says. The first category is ingress costs related to moving data to the cloud, which can be low cost but time consuming.\nThe second category is transactional costs. Every time, a company accesses its data in the cloud, a cost is incurred, he says.\n\u201cFees are low but the more you use your data, the more you pay. This is very expensive if you\u2019re running thousands of analytics jobs,\u201d he says.\nThe third category, he says, is egress costs which are \u201cprobably the biggest pain point for customers.\u201d\n\u201cMoving your data between public cloud providers or back on your premises is expensive for more reasons than just the associated fees. As an example, recreating new scripts takes a lot of time, which results in additional cost and lost productivity.\u201d\nWestpac\u2019s Joubert says the bank\u2019s cloud infrastructure costs have been expected but additional support and administrative costs were, in a number of cases, initially underestimated or not transparent.\nWSP Australia\u2019s McGarry says his organisation is not seeing unexpected costs from cloud services but he has spoken to other CIOs who \u201cwear the scars associated with a rapid move to the cloud.\u201d\nStriking a balance between performance and security\nTech execs also discussed how they ensure staff have access to all the information they need to make business decisions while maintaining the right level of security for data across multiple platforms and locations.\nCIOs need to strike the right balance between performance, agility and security, says Lenovo\u2019s Reilly.\n\u201cWhen evaluating storage infrastructure today, features such as encryption, data locking\/legal hold for regulatory compliance and multi-factor authentication should be mandatory but should not come at a cost to performance or agility,\u201d he says.\nWestpac takes the \u2018safety first\u2019 approach so staff access is limited to only the \u2018absolutely essentially users\u2019, which reduces the value that can be gained from these environments, says Joubert.\nFocus on data privacy\nFinally, new data privacy in Australia and overseas have changed the way organisations view their data management policies and procedures.\n\u201cWe are seeing a shift in mindset from our customers since these new laws have come into effect,\u201d says Lenovo\u2019s Reilly.\n\u201cData protection strategies are being built into every project, upgrade or deployment because customers understand that prevention is better than cure when it comes to data breaches. There is also a strong economic case for having a robust data privacy strategy in place \u2013 phishing, hacking and ransomware attacks can cost companies millions of dollars in fines and loss of reputation,\u201d he says.\nWSP\u2019s McGarry says his organisation has developed policies and procedures for managing potential data breaches that comply with the new mandatory data breach notification laws.\n\u201cWe have a senior team of IT and information security specialists and legal counsel that are ready to initiate the procedure at a moment\u2019s notice. We are now extremely cautious and conservative in how we manage client and employee data,\u201d he says.