Voluntary hostages – a contradiction in terms and yet perfectly normal. This is the situation most businesses are in – all the time. With their data. A ransomware situation if we ever saw one.
I’m not joking – and here’s the setting: Most business people I talk to will accept and applaud the following statement: ‘Data is the foundation of your business.’ In other words, no data, no business. Which is what ransomware situations are all about. Block or lock up some important data, release for money. Quite obvious really.
Nevertheless, most of those same businesses and business people still treat their data as if it was something easily available and accessible, cheap, plentiful, even replaceable. Not all data, but most. And not necessarily by (conscious) choice, more often by negligence. Like ‘yes, it’s taken care of in system X and service Y’, which sounds fine, but rarely is. ‘Locked in’ is more like it. In fact, ERP, CRM, accounting/ledger and countless other systems have held businesses’ data for ransom since the 1980s, quite possibly longer. And possibly even worse: The market has accepted it as a fact of life, paid up and moved on, then paid again – and so on.
The situation, and some ideas about how to deal with it were discussed in the post You Need a Business Prenup: Exit Strategy recently. It’s actually quite ironic. On the one hand, the world is – and should be – scrambling to protect themselves from ransomware – for obvious reasons: The situation is acute, some times even life threatening, and almost always life threatening in a business sense. On the other, we continue to ignore a ‘plague’ that has haunted businesses since the dawn of the digital age, and has contributed to the creation of digital monsters completely out of control.
Of course I am exaggerating, but not much. Think about it: First your business pays millions to get a state of the art ERP/CRM/whatever solution/service to handle growing business and a more complicated reality. Then, after paying a steep price to get started, you need expensive consultants, maintenance and updates – not every once in a while, but all the time. And finally, when it’s time to move on because you’ve realized that the product or service you got was yesterday’s solution to yesteryear’s problems, your data are locked up. Getting access to your own data in a format that is usable outside the vendor’s realm ‘is not in the contract’.
So you pay – again. This is nothing less than ‘slow ransomware’. And unfortunately, it’s voluntary because we weren’t thinking. We had trust, we expected decency and didn’t realize that we got the opposite until it was too late.
Time to fix it. Again a new attitude, a new mindset is required in order to get in sync with reality. And get our digital bloodstream released from hostage. The potential savings will surprise any business person are sorely needed to improve our protection against ransomware situation. Not only the monetary savings, but the agility that comes with the release. Exactly what we need.
Another reminder that the mindset challenge is hitting most of us from all angles these days.