Is Your Data Protected?
Barely a day goes by without a story breaking in global business news about some new cyberattack that is targeting sensitive information, from intellectual property to credit card information.
Data is the heart of any business, and losing it can seriously damage an organization of any size.
A 2013 report commissioned by security analytics company Solera Networks found that breaches on a company’s data were on the rise, increasing in both severity (54 percent) and frequency (52 percent) since 2011. The average cost on a business from such an attack ranged from $470,000 to $840,000.
Is your data protected? Whether a loss of data comes from an outside attack or from more benign, and much more common, occurrences — such as hardware and software failure, accidental deletion and viruses — the consequences on your business can be sobering and far reaching. And it happens more often than you may think.
A 2011 survey by Carbonite found that 48 percent of U.S. small businesses with up to 20 employees have experienced data loss, with most of that loss stemming from hardware/software failure or accidental deletion.
Backing up your company’s data can mitigate these types of losses, yet we commonly find unprotected databases throughout regional businesses. To be fair, when trying to understand backup processes, there are a lot of moving parts, and it’s difficult for system administrators to get it right.
To further complicate the issue, even if you have a solid backup system for your primary databases, you need to make sure that your backups are secure as well. While the vast majority of businesses today invest in improving the security of their critical databases, they often leave the backups of that data unprotected.
For example, when handling sensitive information about clients, order history, inventory or accounting records, organizations generally follow best practices, install needed patches and get rid of unnecessary software, etc.
This is especially true when companies house information that’s regulated by federal regulations such as HIPAA or Sarbanes-Oxley. Unfortunately, though the same regulated data lives on backups, businesses often leave those backups exposed.
Luckily, securing backup databases isn’t difficult. To protect your backup databases, follow these steps.
- Set file permissions on the backups: File permissions define which users or groups of users can access the data.
- Audit those permissions: Regularly check to make sure the list of users who can get into your backups is current and excludes all non-necessary personnel.
- Encrypt the files: A 2012 study conducted by the Independent Oracle Users Group found that less than a quarter of businesses encrypt all of their database backups. Your company’s data is your competitive advantage — make certain that even if sensitive information is stolen or compromised, it cannot be opened.
This post also appeared in The Tennessean, where Concept Technology has a bi-weekly feature in the Business section.
photo credit: Peter Forret via photopin cc
