COMMENT
4. Ensure policy driven data protection procedures
are in place
Implementing and following data protection policies will help to
identify and deal with breaches more quickly should they occur.
Using backup and disaster recovery planning
Having a secure, off-site backup of all data is a vital first step
to ensuring data is protected. Although a backup does not
have the ability to stop fraud, cyberattack or even human
error, it is often the quickest and best way to reduce and
resolve the effects of one of these scenarios.
Data backup is important to not only protect against data loss
or breach but is commonly required to comply with regulations
and compliance. In South Africa the promulgation of the
Protection of Personal Information (PoPI) legislation will have a
significant impact on data management, specifically how public
and private institutions process personal information.
Paul Evans, Founder and CEO of Redstor
Aside from the cyberthreats facing organisations, there
are also a multitude of physical threats and disasters that
could take place and also need to be accounted for. Having
a disaster recovery plan (DRP) in place that allows your
organisation to meet set recovery point and time objectives
(RPO, RTO) will not only save time and money but ultimately
could save your organisation. One of the further benefits of having this visibility is the
ability to tier data. Tiering data enables organisations to
increase the efficiency of their data storage by moving data
that is infrequently accessed or doesn't change to a cheaper
disk, thereby freeing up space on expensive tier 1 disk to
accommodate data growth.
A robust offsite backup solution should form a key part of
this. Depending on timeframes to recover critical data and
after considering the functionality of the backup solution in
place, a backup solution may by itself provide sufficient cover
against data loss, however this could differ depending on any
organisations’ unique requirements. Having a tool that provides visibility of and the ability to
analyse file metadata such as last accessed date, last modified
date, file owner, etc. also enables organisations to consider
archiving and long-term retention of data. However, deploying
a separate tool to scan all files across the network to centrally
collect this data securely likely seems onerous.
"Reducing the threat of
losing data or having a
serious network breach
should be a priority for all
organisations."
The importance of implementing a full data
management solution
Further to backing up all data, organisations can implement
solutions and strategies to help protect against threats to
data and decrease the chance of downtime occurring.
To do this, organisations first need to understand what
data they have and where it resides. They need a tool that
provides this visibility and insight quickly and easily, not least
of which to identify duplicate files and other data which
could be safely deleted.
24
INTELLIGENTCIO
Thankfully backup solutions already have a need to scan
files across the network to identify changes. Therefore,
forward-thinking backup solution providers have begun
incorporating this data analysis and insight capability into
their backup technologies.
Conclusion
There are new and old challenges and threats that face
modern organisations and they have the responsibility to
manage and protect data against these. Traditional methods
of data protection such as backup are still vital but they are
only part of the solution.
Cybercriminals are well resourced and well-funded and due
to this, the advancements and techniques used in hacking,
fraud and in the development and deployment of malware
have accelerated. Organisations now need comprehensive
data management to be able to cope with threats. This
need is beginning to define the South African business
landscape. Methods such as encryption, data tiering and
archiving can go some way to reducing threats but having
real insight and understanding of your data is vital to being
able to protect it. n
www.intelligentcio.com