Member Article

Data Protection Day 2017: What can we learn?

If there’s one thing that 2016 has proved, it’s that cyber threats are constantly and persistently evolving; organisations, both large and small, still have a lot to learn when it comes to protecting their data. Data Protection Day aims to educate and bring awareness to the importance of cyber security, data privacy and data protection. In reflection of the day, we spoke to five experts to get their take on what organisations and businesses can do to enhance and protect their key asset – data.

Big-name data breaches

Last year, it seemed that big name data breaches were constantly hitting the headlines; social media giants Tumblr and LinkedIn were hit, as well as Yahoo – which infamously saw hackers steal over one billion customer accounts. This shows that businesses are vulnerable.

As data becomes the world’s most valuable commodity, it is imperative that organisations guarantee data privacy for their customers. More organisations are moving data to the public cloud in order to reduce costs, increase capacity and deliver on access demands.

However, as Victoria Grey, CMO of Nexsan suggests, “organisations could be risking highly confidential data and this is a huge concern.” This is where the importance of Data Protection day comes in. Grey goes on to say that “Data Protection Day should act as a reminder that the public cloud can not provide the enhanced security and data protection measures required for critical information. Fundamentally, the only way to absolutely guarantee data privacy is by ensuring it remains on-site through an on-premises solution.”

Getting a Plan B in place

Coming off a year of numerous high profile data breaches and with ransomware still running wild, businesses need to not just prepare for an attack, but ensure they can maintain critical business operations in such an event. Rob Strechay, VP of Product at Zerto, reminds us that “while IT security efforts largely focus on defending the perimeter fence, there are too many opportunities for hackers to get past these defences to not have a well-constructed and easily implemented “plan B” in place.

“That plan B must include being able to quickly and as completely as possible recover critical data using proper tools and processes to help significantly reduce, if not nullify the impact of the intrusions.”

Strechay goes on to clarify that, “traditional backup is nice, but it is critical to implement and successfully test a rigorous business continuity and disaster recovery strategy.”

Mandatory data privacy

It is important to note that data privacy is not optional. Mandatory standards and controls should be in place across all businesses. Data Protection Day serves as a reminder that personal and company data is critical and should be given the utmost protection.

“Organisations of all shapes and sizes need to realise that business-critical data is being generated on a daily basis and if this becomes inaccessible, they no longer have a business,” says Gary Quinn, CEO of Falconstor, “this is why deploying safeguards such as software that enables disaster recovery, data migration and the ability to backup is fundamental.”

All organisations, from small businesses to large enterprises, need to be taking steps towards making data safer.

Risks in the cloud

As companies look for ways to save cost by moving business processes to the cloud, the data backup process is a likely candidate for cloud migration. Privacy becomes a concern, however, when sensitive information is moved off-site.

Jon Toor, CMO of Cloudian believes that “hybrid cloud offers the best of both worlds as it enables companies to retain control over sensitive or regulated data by storing it on-premises, whilst still being able to utilise public cloud scalability and cost for less-sensitive information.” Data privacy is fundamentally about being prepared.

“One key element of your privacy strategy has to be how to recover from a breakdown—establishing recovery point and recovery time objectives. For example, you can speed up the recovery of data with online and nearline snapshots (modern data privacy doesn’t depend on traditional backup tapes),” says David Griffiths, VP EMEA, Tintri. “Leading organizations need to be using storage that allows them to review snapshots quickly and enhance protection with multi-site replication, whether it is to another location or a public cloud.”

Raising awareness of data protection, privacy and cyber security is more important than ever, as the threats against businesses and organisations continue to grow. The significance of Data Protection Day is becoming more and more prominent, and organisations needs to realise that some of the biggest threats that could pose against them are actually online.

This was posted in Bdaily's Members' News section by Technology Experts .