The Importance of Data Security

There’s no silver bullet when it comes to securing your data but there are strategies to minimize the damage if your company is ever attacked. Since data is one of the most crucial resources a company has – driving the global economy and keeping organizations running – you’d better get involved in the data security discussion now!

  • 707.5 million data records were stolen in 2015[1]
  • 62% of IT professionals have no clear idea where their company stores confidential security data[2]
  • 27% of companies say that data protection policies and procedures are informal or that ad hoc policies are in place, compared to 34% in 2014[3]

Data is the lifeblood of most businesses today and the volume of data continues to grow by 50% per year alongside an increase in the number of servers at 20% per year. And as your data centre scales, so does your backup centre – and at the end of the day, recovery isn’t agile anymore. The skyrocketing growth in data is one of the main reasons why IT environments are so complex and why the job of backing up data is one of the least loved but still the most important processes in IT.

Back up, back up, back up!
Ransomware attacks, for instance, increased by 165% in 2015 compared to previous years. Ransomware is a malicious code that uses advanced encryption algorithms to block system files and demand payment in return for the key that can decrypt the blocked content – your data is held to “ransom”. But without backup there’s no recovery from ransomware. Your backup copy enables you to erase the drive, reinstall the operating system, restore the backup copy and then start fresh.

Where to store your data
Backups save costs and management time. There are various ways to back up your data, for example:

  • Locally by installing software on your PC: With this solution, you need to have an IT manager who takes care of this and a strong connections to the server, which results in extra costs.
  • In a public cloud: By storing your data here, you don’t need to invest in hardware or software and you are more flexible when it comes to increasing or reducing your cloud capacities. It’s the least expensive solution, but depending on your provider, you might never know in which country your data is stored.
  • In a private cloud: this is more expensive than the public cloud, because you get the advantage of a provider who takes care of the hardware, updates etc., and additionally you know exactly where your data is.

Each backup solution has its pros and cons. So when making the decision where to store and back up your data you need to take into consideration how securely it needs to be stored not only for your company but also for your customers.

Keep Business Continuity with a Disaster Recovery Strategy
If a significant negative event hits, companies need to have holistic IT disaster recovery plans in place. Those ensure that despite cyberattacks, equipment failures, hurricanes, earthquakes or other natural disasters critical business processes and procedures can be maintained or resumed quickly. Important steps of a disaster recovery plan include restoring servers or mainframes with backups, re-establishing private branch exchanges or provisioning local area networks to meet immediate business needs.

Data Lifecycle Management for the sake of the reputation
As a company you are the original user and owner of data and thus it’s your sole responsibility to properly manage information across its entire lifecycle. This entails ensuring data is secure, available on demand and able to provide value. The same applies to deleting data. By not monitoring how, when and where data is removed you put the long-term success and reputation of the organization at serious risk.

A good start is to follow these guidelines if you want to eliminate damage caused by data loss and breaches:

  1. Backup & redundancy: Without backup no protection. Some experts even say you need to have three forms of backup: real-time, daily incremental and weekly incremental. One of the three should be offsite with a cloud provider and the other two can be at different sites of your company, or at two separate locations. The backups should not be connected to a shared drive.
  1. Establish “least privilege” access: “Least privilege” access can be enforced throughout the entire IT ecosystem. This ensures that no individual, team, process (computer virus) or rogue client (hacker) can have access to everything. The authorized people only have access to appropriate information.
  1. Data encryption: Data is the new perimeter versus networks and systems. Sensitive information has to be encrypted at source before it goes to the cloud and that is paramount if you are going to have a secure posture in the cloud.
  1. Choose a trusted data centre provider: Your trusted provider should adhere to the highest security and stability requirements as defined by the Uptime Institute up to Tier 3 classification.

 

  • [1] Gemalto: “2015 – The Year Data Breaches Got Personal. Findings from breach level index”
  • [2] PWC: “2015 Information security breaches survey”
  • [3] EY’s “Global Information Security Survey 2015”

 

0 Comments, be the first to leave a reply Write a comment

Leave a comment

Your e-mail address will not be published. Required fields are marked *

We are not robots, therefore please choose which symbol does not fit.
Categories

Read more:

Managed Wi-Fi can take your restaurants to new heights

September 1, 2021

Keep your hospitality business thriving with Meraki Managed Wi-Fi

September 1, 2021

How you can simplify networking and security operations with Cisco Meraki

September 1, 2021
Schließen
Terms and conditions

The data provided by me can be used by Deutsche Telekom AG for general customer consultation, requirements-orientated design of the services I use, advertising and market research. Transferring this data for these purposes within the scope of my consent is to be done so solely within Deutsche Telekom AG. The use of my data for the above-listed purposes cannot be done so if I withdraw my consent. Withdrawing consent can be done so either in writing or electronically, e.g., via Email, at any time.