Data loss impacts businesses financially in terms of productivity, down time and possibly client loss. Often lost data is not recoverable, requiring hundreds, if not thousands, of hours of work to be recreated.
Losing data can also put an organisation at risk, whether it be from a lost or stolen device that puts company data in the hands of potentially malicious parties, or data that is accessible by competitors.
On that note, ITWeb, in partnership with Cibecs, is conducting a Data Loss Survey that aims to better understand how data loss protection is approached by South African companies and how they are impacted by it.
According to Ilze Dewing, chief financial officer and chief operations officer of Cibecs, typically data loss prevention in businesses is not looked at holistically. Often the data on the server is protected or the end user data of key individuals is protected, and while these tactics are a good starting point, they leave a significant portion of business data at risk, she says.
A significant amount of business data is stored solely on endpoint devices like laptops and desktop computers and this data is often not backed up or protected against theft or malicious access in any way, she explains. The theft, loss or crashing of even just one device could lead to a major data loss, resulting in productivity, time and financial losses, adds Dewing.
Getting user data protection right
User data protection projects often fail because users are expected to manually back up their data and this naturally leads to data not being backed up as users either forget to do it or are mistrustful of storing data on a server, she continues.
Implementation failures can also occur when a comprehensive implementation plan is not put in place or the system needs to be manually deployed, leading to systems and software only being partially implemented, notes Dewing.
This is why a strategic plan is crucial in these projects. A complete data loss prevention strategy ensures the security of data and the continuity of work within a business, says Dewing, adding that strategy takes away the responsibility of backup and data security from the end user.
Instead, it focuses on a comprehensive endpoint data protection that places control of endpoint data backup and protection in IT's hands, she explains.
"A complete data protection strategy should not only use software that automates the process, ensuring that backups are happening regularly and do not depend on users remembering to do them; it should also include endpoint loss protection in the form of data loss prevention technologies like encryption and remote wipe."
The disadvantage of not having a data loss prevention strategy in place is that it risks not only the loss of data and trust but also poses the possibility of legal penalties, says Dewing.
"A good strategy puts in place systems and tools that not only back up data so that it is easy to recover, it also protects data through encryption so that data is only accessible by the authorised users."
"With a data protection strategy that integrates data loss prevention, IT is in complete control of data, and they are able to quantify how much data is being stored on end users' devices and are able to protect it and monitor it."
The added benefit of this is that closely protecting and monitoring endpoint data aids in adherence to data protection and privacy laws and in doing so, achieving corporate governance compliance, says Dewing.
Click here to complete the survey and you can win a Samsung Galaxy E 9.6" 3G Tablet.
Share