Servers are often used to store and process data, including data from other organizations. Processing can also be performed on desktop or laptop computers
The question is being asked because some servers are web servers, often with Internet exposure. This increases the attack surface and thus the risk that the server could be compromised, and the data accessed by the attacker.
Most data is processed on servers, so it is not expected that you do not do so. However, the servers that are used should be protected to the level of the sensitivity of the data. Do not put non-public information on external, public web servers. Also, limit the number of servers and access to those servers to the number needed for the business being conducted, and no more.