Local firms admit to inadequate data protection
While data security remains a top concern among company decision-makers, over a quarter of local organisations admit to only having a partially defined data protection strategy in place.
This is according to an online Data Protection Survey conducted by ITWeb and Puleng Technologies, in partnership with Dell EMC.
The respondents were largely IT professionals and senior executives from a variety South African public and private sector organisations.
According to the survey, only 41% of respondents said they were satisfied that their backup data is adequately protected from malware or ransomware attacks.
Cyber attacks have increased in frequency, severity and sophistication, therefore adequate data protection is needed wherever data resides within an organisation - and this applies to all areas across the business.
According to a report by the Ponemon Institute, South African organisations are more exposed to data breach incidents than their counterparts across the globe, having scored the highest probability of experiencing a data breach in the next 24 months.
While over half of the survey respondents (57%) do have a defined data protection strategy in place, more than a third (35%) said they were unsure if their data protection strategy met industry compliance regulations such as the Protection of Personal Information Act (POPIA) and the General Data Protection Regulation (GDPR), which comes into effect from 25 May 2018. Furthermore around 28% said they do not have aclearly defined archiving strategy that deals with compliance and cost containment.
POPI and GDPR are new regulations that will significantly impact how security operators can collect, use, store, update, retrieve, use; disseminate data by means of transmission, distribution or making it available in any other form. Apart from reputational costs, there will be fines of up to R10 million for firms that don't comply with POPI.
Experts point out that not only will individuals and organisations benefit through data privacy legislation but the regulations are also important for international trade, as concerns around information privacy can create barriers to trading beyond the country's borders.
Another 48% of respondents said they currently support their data protection environment through in-house skills, while 30% use a blended delivery which consists of both vendor and in-house, with 5% opting to fully outsource.
When it comes to the type of applications their organisations are moving to the cloud versus keeping their data on the premises, 28% of respondents are using software-as-a service, while 23% said they are focusing on only moving back office applications. Sixteen percent reported that they have no intention to migrate to the cloud, while 13% said they prefer to move only mission critical data to the cloud.
Mark Baatjies, executive account manager at Puleng Technolgies, explains: "Considering that business is innovating and bringing new services to the market faster than ever before through agile methodologies, a simplified and modernised data protection strategy enables the business to adopt new applications and move to the cloud (or beyond) knowing that its data is secure and recoverable."
Research firm International Data Corporation (IDC) predicts worldwide spending on public cloud services and infrastructure is forecast to reach $160 billion in 2018, an increase of 23.2% over 2017.
When asked if data sovereignty is a key concern when it comes to their cloud adoption strategy, over half (54%) answered yes, and 24% answered no.
In terms of their expected data growth over the next 12 months, 13% of companies surveyed are expecting it to double. A further 37% said they expect a 25% increase in data and around 40% said they expect their data volumes to increase by 50%.
In order to control the cost of data protection, almost a half of respondents are considering using managed services or backup-as-a-service, while almost 40% are in favour of using utility based pricing (pay as you go).
According to Baatjies, backup solutions are expensive, so he advises that maximising on their output is imperative.