By Robert Winter, Chief Engineer of Data Recovery, Kroll Ontrack
We live in an information age, where the volume of data processed by organizations increases exponentially.
According to IDC, the total amount of information worldwide will reach 35,000 exabytes in 2020. Businesses currently use approximately 1,200 exabytes, which means information processing will increase at least 29-fold over the next decade.
Managing this plethora of information is a complex task for businesses and it also leaves large corporations highly vulnerable. Only last year, electronics giant Sony was prey to computer attacks which led to the theft of over 77 million PlayStation users’ bank details. Online retailer Amazon suffered a drop in sales after it unintentionally deleted its own customers’ details. After unsuccessfully trying to recover the information, Amazon announced the data had been lost forever.
Data loss is a risk that is frequently overlooked by businesses. It is important for companies to know what processes to follow should data loss occur. It is a risk that is both external, as demonstrated by the Sony hacking incident, and internal, as Amazon’s experience shows. Studies show that potential threats lie within every company. Human error, employee negligence and theft are all likely risk factors.
Every organization, whether public or private, needs to review its systems and data management processes regularly. As volume and value of information grows, an up-to-date data protection and recovery plan becomes increasingly important.
The difficulty is that IT infrastructures are increasingly complex. There are multiple outlets used by companies: data centers, storage areas, servers, applications, computers, mobile devices, and thousands of files. In the case of public organizations, interoperability issues between various administrations can further increase the risk of data loss.
Designing appropriate security procedures, while crucial, is not sufficient to safeguard a business. Each procedure should be checked regularly to confirm they are fit for purpose. It is crucial to make backups and store data correctly, but there are certain practices that may hinder data recovery. It is often these unnoticed flaws in a data protection system where data loss actually occurs.
Here are some recommendations to help reduce the risk of data loss, protect confidential information and ensure business continuity:
1) Document and maintain procedures for backing up the organization’s data
2) Test procedures and backups regularly to ensure they work
3) Include the details of a trusted data recovery provider in a contingency plan, who can provide advice and help should data loss occur
4) Create a map showing the location of the data, file names, where it is stored, and the individual that is responsible for the information
5) Establish a mindset that promotes information security within the organization. Human error is the leading cause of data loss
6) Know when to delete. Keeping unnecessary data is poor management of the IT department’s budget, so make sure the data in storage is there for good reason
No matter what the cause of data loss, all organizations would benefit from the creation of a thorough and up-to-date data management plan.
Additional resources and information relating to this subject provided by Dell are available here.