DATA SECURITY BASICS

It's a crazy week at work. You're the last one out of the office, cranking out work until 11 p.m. The last thing you do before leaving is lock the doors. Without locking the doors, your entire business would be vulnerable.

Luckily, there are only a few sets of keys to your office, so it's well protected. But what if everyone in the neighborhood had a key? Or what if everyone knew that jiggling the handle would pop the door open? How safe would your business be then?

Now think about the other entrance to your office: the data systems network. Is it locked? Are you sure? Is there a detection alarm? Who is going to respond to it? If you don’t have a protection, detection, response security system, in place, your business is just as vulnerable as if you left the front door wide open every night.

Many small and midsize businesses cut security corners. A study by the Small Business Technology Institute, for example, found that one in five small companies (one to 100 employees) has inadequate malware protection, the majority have no security policies, and many create a response plan only after disaster strikes. Yet small and midsize businesses are just as likely as large organizations to be attacked or targeted by malware.

What are the threats to the security of your data?

• 3-5% - Natural Disasters (fires, floods, lightning)
• 15-20% - Hardware Failures (disk drives, system boards, power supplies)
• 80% and rising - Security Threats (viruses, malware, intruders, unauthorized surveillance software)

Security Violations:

Have you ever heard of these security risks?

• Spyware
• Trojan Horse
• Worm Viruses
• Key logger Infection
• Botnet (Robot Networks)
• Phishing Attack
• Hacker

Who are these intruders and what do they want?

These are well organized highly educated business people that want access to:

• Money (i.e. access to your bank account and wire money out of it)
• Something they can steal to make money with (Identity and Credit Card data)
• System Resources (Use compromised servers and systems to host things like spam engines, host images or music or use the compromised system to attack another system(s)

Learn More about these security risks (link to Hackers/Threats page)

Hardware/Software Failures

Device failure can happen when there is a corrupted area on the disk where your file is located. Your entire drive could fail. When this happens, you have to wipe the disk and reinstall the entire operating system. In the same vein, equipment failure is more complex. This includes a failure like memory corruption within your computer and requires defective equipment to be replaced and information recovered.

Data corruption also occurs when application software fails to correctly store information or accidentally overwrites existing information.

What kinds of failures can cause data loss?

• Disc drive failures
• Tape drive or backup system failures
• Internet equipment failure
• Network connectivity failure

Disasters - Natural or Man-Made

We all know this to be true - Accidents Happen.

Site destruction relates to a geographically localized event, such as fire or flood destruction. Recovery from site destruction is complicated as the equipment and the site must be replaced.

Natural disasters are the worst because of their scope and size. Equipment is lost, facilities are destroyed and personnel are unavailable. Recovering from a natural disaster is not as easy as simply relocating to a new building and installing equipment.

Most companies in areas that are vulnerable to natural disasters have disaster recovery plans in place. But every business is vulnerable to fires and other such accidents.

The Basics of Backup Protection

Having identified what can destroy your data, it is time to look at some of the basics of data protection.

Did you know that 75% of people who backup can’t restore?
What constitutes a successful backup? Automation, Retention (Offsite), Restoration & Testing

Automation
Is your backup completely automated?
Who is responsible for keeping track of the backup media, rotating the media and taking the media offsite?
If your backup process requires people, then it is not completely automated.

Retention
What is the restore point?
When a file is deleted from your systems that are getting backed up - at what point is that file gone forever?

Offsite
How often is backup media taken offsite? Who is responsible for this process?

Testing
When was the last time your backup process was tested? Were you able to completely restore? How long did it take?

Archive
Do you archive data from the server(s)? Where is it stored?

 

Copyright © 2008. Sklar Technology Partners All rights reserved.