David Zimmerman is the CEO of LC Technology International.
Protecting vital company information with a formal plan often comes at a high cost but not having one could result in the crippling loss of data, trust from customers or partners, or reduced revenue due to a stoppage in business.
In recent years, much of the talk around data management has shifted toward the cloud as a low expense and highly scalable solution that can be accessed via any internet connection. However, there are some serious limitations to protecting data in the cloud:
- Managing files is your responsibility. Cloud providers typically won’t be much help if there is a glitch and you tell them, “We put our accounting files in this folder, and now they’re gone.” Even if you certainly did place them in the right folder, you likely don’t have any recourse against the cloud provider. It’s your responsibility to manage the files properly and ensure you have backups.
- Public clouds are multi-tenant, which means if your “neighbor” suffers a security breach, then your data can possibly be exposed. Public clouds are cheap and offer immediate scalability, but their shared component means very sensitive data should be kept in-house.
- The cloud is, of course, tied to internet connectivity. If you have an ISP outage, then you can’t access your cloud-based data. If some of your information is absolutely mission critical, then ensure you have physical media backups to help you run the business in the case of poor internet connections.
- Some cloud storage companies are simply not reputable. The market has evolved and pricing continues to drop, so there is not much of a benefit in going with a lesser known provider. Choose one of the big names in cloud storage for the best safeguards and customer service.
Knowing the cloud’s limitations, how should companies go about protecting their most valuable assets? Here are several best practices that can help brands manage and store their data (no matter where it’s held):
- Create a detailed protection plan. Similar to any marketing or sales endeavor, you need a plan in business in order to be successful. Data protection is no different and requires a set plan that offers step-by-step instructions. A plan also instills accountability as different staff members can be given their own tasks which contribute to the plan’s overall success. A sound plan takes time to develop, but it’s well worth it. Be sure it includes the schedule for data backups, who is responsible for managing physical or cloud-based assets, and who will communicate to customers if data is lost.
- Handle devices carefully. Hard drives and especially Secure Digital Cards (SD) should be handled with care. These portable storage media might be used by employees in the field, or those that take a considerable amount of photos or video content. SD cards can be very sensitive and should not be used as long-term storage options.
- Backup the backups. Redundancy is a simple yet effective tactic to protect your data. Storage is cheap. Whether it’s a 2 TB hard drive or storage through Google or Amazon, you can keep a massive amount of information at minimal cost. Given the low cost barrier, it’s wise to have multiple layers of backups for maximum protection, such as a private cloud along with some on-premises backups.
- Check the laws and adjust access accordingly. Many businesses need to hold to higher standards of data protection due to privacy and security laws. Make sure all of the company’s regulatory and legal requirements are exceeded in order to prevent disastrous lawsuits or fines. In addition, you want to restrict access to information among staff members. Not every employee needs to access sensitive customer or partner data. Smart access controls (with redundancies to cover absenteeism or resignations) are vital for reducing the incident of breaches or risking data exposure by disgruntled employees.
- Centralize data management for better security and simplicity. Today’s businesses are pulling in data from many different sources such as social sites, customer service, email, mobile marketing, and several others. It’s important to assess all of these sources and then put in place centralized management, which helps eliminate duplicated efforts. Staff will appreciate being able to grab info from one source, especially marketing departments that might uncover unexpected results from these combined data points.
- Analyze your metrics and test the plan. The sales managers will review performance after a big sales campaign, and IT managers should do the same with data protection. The formal protection plan should include various benchmarks and goals as well as data that can be reviewed on a schedule. The plan shouldn’t be set in stone but continually evolving based on the latest information. Institute procedures to track the trail that data follows to identify any breaches in protocol or sources of improvement. Testing the plan is another cost/benefit analysis where companies should look at the time spent testing versus the detriment of not having access to data.
Recovering Lost Data
A business that puts in place a great plan while using a mix of private clouds and on-premises storage can still find that it needs to recover lost data. Perhaps an employee dropped a crucial hard drive or hackers accessed a forgotten Dropbox account, data can still be breached. However, you can take steps to ensure that information can be retrieved and operations returned back to normal quickly. Just know that not all recovery tools are created equal.
Steer clear of any free data recovery utilities. There are many software programs that promise to extract lost data from USB or hard drives. These might work, but they are very risky due to the threat of malware and they very often have no customer support. Spending a small amount of money with a reputable recovery firm is the best option to retrieve data without any hiccups. You want a firm that is well reviewed, will gladly offer references, and offers technical reasons why their tactics and programs are industry leading.
Companies without formal plans for disaster recovery and protection are placing themselves at risk for legal problems, business interruptions, and perhaps the loss of patented information. By following data protection best practices that involve centralized management and smart storage choices, companies can greatly lower the odds of data loss and focus on more revenue-generating opportunities.
Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating. View previously published Industry Perspectives in our Knowledge Library.