Protecting Stored Data
An effective data security policy is critical now more than ever, as data is increasingly stored in a variety of devices. But even though IT decision-makers put stringent security strategies in place to patch operating systems, secure the perimeters of the network and protect data, breaches are everyday news.
The potential harm involved, in terms of negative press and financial losses, when companies lose laptops, backup tapes and other devices containing private information can be staggering.
To prevent theft of sensitive assets, it’s critical to follow security best practices and adhere to a set data security policy. Here’s what to consider when creating one for your company.
Use the Right Technologies
As the Yankee Group has observed, storage networks are becoming more complex and have matured to the point of requiring additional perimeter and internal security services to ensure data integrity. In addition to encryption, IT decision-makers should consider implementing the following:
Corporations must institute data security policies regarding who can access databases. Monitoring software is also key -- it helps track who has accessed data.
Tools from various vendors help you watch the way content is accessed -- via email, instant message and file transfer protocol (FTP), for example -- and inspect the content for policy violations. Some tools block or quarantine violations, and others offer the ability to block outbound email.
Put a Strategy in Place
To protect corporate data, your strategy should focus on physical access controls, data network transport protection, host defenses, and system and application authorization, says Rich Mogull, director of research for the Gartner Group.
In addition, you should perform regular audits of your security practices. You should also establish a specific policy for protecting data, data management, backup and audit frequency. It is important too to consider internal access to corporate data: Gartner estimates that 70 percent of security incidents that cause loss involve insiders.
Determine How the Data Should Be Protected
Extremely sensitive data, such as confidential customer information and credit card numbers, should be encrypted before being designated for storage. Not all data must be encrypted, however, according to Mogull. “Use encryption to protect only data that moves physically or electronically, or to enforce segregation of duties for administrators -- for example, encrypting credit card numbers in a database to prevent database administrators from seeing them," he says.
Companies in certain industries, such as health care, must ensure that their data backup, storage and recovery policies comply with government regulations. The Gramm-Leach-Billey Act and the Health Insurance Portability and Accountability Act (HIPAA) require more stringent corporate governance and controls. The Sarbanes-Oxley Act requires corporations to be financially accountable; it doesn't specify the amount of time specific data should be stored or how, but because it does require integrity of data, it motivates IT executives to determine their own policies and be more vigilant about backing up and storing corporate information.
IT Insider is a daily editorial resource offering innovative insights and strategies for building an integrated, secure and resilient IT infrastructure.
Available at Amazon.com:
- The Great E-reader Roundup
- The NFL's Highest-scoring Apps
- New Gadgets Straight From the Big Screen
- A Game Plan for Protecting Stored Data
- The Drive for Real-time Collaboration
- Hang Onto People Who'll Help You Advance
- Leading New Developments in Visual Computing
- Meet Mr. Industrial: Justin Lassen's Music Machine
- Must-see TV on the Internet
- Share Safely on Social Networks
- 6 Essential Rules for Safe Online Shopping
- Five Steps to Kid-friendly Surfing
- High-tech Help for Weight Loss
- Create a Web Site or Blog for Your Family
- Video Eyewear for Sunglass Cinema
- Smart Phone Apps Help Stop Distracted Driving
- Online Computer Backup Services Remove Hassle
- Cut Your Carbon Footprint and Save Money With New Gadgets
- The 25 Best Apps for iPads, iPhones and Droids
- Government Takes a Step Toward Cloud Computing
- Is Our Obsession With Internet-Based Media Veering Into Addiction?
- Stop Information Overload
- Cool Technology Tools for a Carefree Life
- Apple iPhone versus Google Android
- Apple Enters Rental Biz
- Cool Technology and Gadgets for Hot Summer Fun
- Smart Tools For a Paperless Home
- Formspring.me - Teens' Ugly Scrawlings Go High Tech
- Guide to Great Educational Websites for Kids
- 5 Social Media Tools for College Students
- 5 Do's and Don'ts for College Students Using Social Media
- Is Facebook Killing Your Mojo?
- Internet Safety Tips for Teens
- 10 Cool Gadget Gifts for Grads
- New DVR Recorders Do More Than Record TV
- 4G Networks Promise True Wireless Broadband
- Tools That Make it Easy to Network Home PCs
- GPS: Cool Devices That Know Where They Are
- Ultimate HDTV HD Television Buying Guide
- How to Save With Cutting-Edge Tech
- Suddenly Instant Photos Are Everywhere
- Technology Opens Doors for Investors
- The Art of Self-Marketing Online
- Is Your Next Job a Click Away?
- Archiving Twitter Tweets: Dumbing Down Journalism
- These Financial Blogs Are Worth Your Time
- iPad Launch: Perils of the iPad
- iPad Launch: What Buyers Need to Know
- Apple's iPad: 5 Reasons Why the Apple Tablet Will Flop
- Apple's iPad: The Good, the Bad and the Ugly
- 'Dotcom' Turns 25: Predictions for What Comes Next
- Costly Incompatible Glasses Threaten 3D TV Sales
- Mobile Tech That Stole the Decade
- The Biggest Technology Flops of the Decade
- M.B.A. Programs Are Biting Apple's iPad
- Democracy in Cyberspace
- The Digital Disruption
- Bashing Bosses on Social Media
- New Applications Turning Cell Phones Into Medical Devices
- Job Hunting With Smart Phones
- Nobel Winner Right About Risks of e-Books
Copyright © 2010 Studio One Networks. All rights reserved.