The what, why and how of data security
17 September 2015
Data security is one of the most important issues facing modern enterprises today. Research from EMC in 2014 showed that 64 per cent of organisations view data protection as highly critical to their business. The research also reveals that 8.7 per cent of total company revenue is spent on IT, with 7.7 per cent of that segment being spent on data protection.
Recently, I hosted a webinar that asked the question: “Do you need backup, disaster recovery, or business continuity?” The webinar highlights the elements that create comprehensive data security and provide security recommendations for IT decision-makers.
Here are some of the key takeaways:
What do we mean by data security?
Lots of terms get thrown around in discussions about data security, but it’s not always clear if we’re all on the same page. The essentials points to consider are:
- High availability – how resilient is your system in terms of software and hardware components? High availability is built-in, automated protection that keeps systems running in the event of failure.
- Backup – do you have the right processes in place to protect data in the event of loss through, for example, accidental deletion or corruption of files? These can be scheduled and changed as required, but still require manual human implementation.
- Disaster recovery – ensuring that critical applications can be recovered timely and with minimal loss. Again, this needs to be manually set it up, but should subsequently run on an automated basis.
- Business continuity – do you have the ability to maintain critical operations during crisis – not just the IT department but also the entire organisation? This is your business’ plan B, ensuring that the organisation can continue with minimal disruption.
Why is data security important?
Research released by IBM in 2011 shows just how vital it is for businesses to continually assess data security. The report reveals that companies that suffer major data loss have trouble recovering: 43 per cent never reopen, 51 per cent close within two years, and only six per cent last long-term. In addition, Continuity Central reveals that even during outages of less than 15 minutes, 45 per cent of IT professionals experienced an impact to business.
Disruption has a number of possible causes including: hardware failure, loss of power, software failure, data corruption, and accidental user error and security breaches.
How is data security achieved?
* High availability can be ensured from the start at the design process. This lies in decisions about storage controllers, compute servers, and network access and storage switches.
* Regarding backup, IT decision-makers need to think about what their organisation needs in terms of data copies and retention. Which applications need the highest level of protection? What medium should they be copied onto? Should virtual and physical workloads be backed up in the same way?
* Effective disaster recovery requires offsite data copies. Many organisations rely on tapes as a storage medium, but tapes don’t last forever. Tapes also require continuous manual management and the recovery process can be very long. It’s also important to stress that replication be kept separate for both disaster recovery and backup.
* Ensure business continuity by automating your systems. The recovery process can be automated so that any authorised individual can initiate this process at the push of a button. The complexity that is sometimes involved in commencing the recovery process is often the biggest obstacle to fast recovery.
For more information on backup, disaster and business continuity, check out the full webinar.