There are a lot of difference between data and information. At its most basic level, data is just a collection of binary digits - a string of 1s and 0s that make little sense in themselves.
Information is gained through an understanding of what the data is - converting those 1s and 0s into recognisable entries in a database or into files containing text, images and so on.
When it comes to electronic security, it is the information that really matters - the data may not be so important. To many, this will be a heretical view. After all, a whole market has been built up around 'data security' - and here I am saying that it is completely wrong.
If we take information to be the most important, then the aim has to be to secure it, no matter where it ends up. Trying to take the same approach with data is unconstructive - it is impossible to secure those 1s and 0s, as they are the heart of the data itself.
What we can do is to make the 1s and 0s meaningless without the capability to turn them into information. This means avoiding information be stored 'in the clear'. By encrypting data, it becomes far harder to turn it back into information without the necessary tools - this presents a substantial barrier for those attempting to access the information.
This is not just to avoid the loss of data through malicious activity, however. Accidental information losses are far more prevalent, and as an organisation's intellectual property is held within that information, such incidents can have long-term repercussions both financially and in reputation.
By focussing on the information and ensuring that the data is encrypted, moving the data around becomes far less of an issue. The data can be stored in the cloud, made available to others in the value chain and used for collaboration - but only by those who have the requisite key. This is the best approach to open collaboration: your organisation can worry less about where the data is, as the information is hidden within it in plain sight.