The ongoing challenge of protecting data

Nigel Tozer examines the various difficulties both individuals and businesses face when protecting their data

Tags: CommVault Systems IncorporatedData leakageData protectionUnited Arab Emirates
  • E-Mail
The ongoing challenge of protecting data Nigel Tozer, solutions marketing director, EMEA, Commvault.
By  Nigel Tozer Published  June 25, 2017

Looking forward to 2017 to explore data protection challenges, whilst consumers concern themselves with personally identifiable information, business need to work within privacy laws and regulations and avoid the reputational or financial damage of non-compliance.

So, what are the emerging data protection challenges of 2017 and how can businesses deliver best practice?

Compliance

A key consideration in 2017 will be the ability to locate, protect and manage data regardless of the customer’s choice of storage infrastructure whether on-premises, in the Cloud or more frequently a hybrid of both. Furthermore, with data increasingly being created on mobile devices and being stored on media ranging from tape through disk and virtualisation to public and private cloud, companies will benefit from a solution that facilitates strategic migration and rationalisation.

GDPR

On data privacy day 2017, companies will be reminded that they need to be working towards the new General Data Protection Regulations which will come into effect as of May 2018. GDPR mandates that companies over a certain size (250 employees; smaller ones too in some circumstances) must employ a Data Protection Officer, and part of their role is to put in place a breach notification policy.

One of the biggest challenges for this person will be to classify unstructured data and the processes around it. Unstructured data is disparate; scattered over endpoints, hard drives and the cloud, and is therefore far more challenging to keep tabs on. Technology that can identify, manage and automate policies based on its content, will ensure that organisations can move swiftly towards meeting these new regulations in less time, with less stress, while gaining business benefits as bonus.

MiFiD II

MiFID II will be implemented in early 2018 and applies to the finance industry. Companies need to identify which datasets have been moved where, at what time and by whom. Data management companies have built multipurpose and secure systems that can handle the machine data created by transactions and people. This data can be indexed, made searchable and once the user has found what they are looking for, they can then see an overview of transactions and are able to export them. If a company is unable to comply with the required response period it could result in a major fine, impacting the business bottom line and reputation.

Your data, your responsibility

Your data, your responsibility is a clause embedded in the majority of, if not all, public cloud contracts. The big public cloud providers typically use snapshots and replication to reduce the risk of data loss, but neither of these offer the protection of an actual backup copy. This doesn’t present much of a problem for backup data, but for critical data that only resides in the cloud, Data Privacy Day is a great reminder to check exactly what protection is in place and take action to avoid undue risk. If there was ever a good argument for offsite backup, this is it; a backup on-site is just another copy, it’s not really a backup.

Many organisations are turning to cloud providers such as Azure and AWS as the modern way of getting data safely offsite, even if they run a service themselves, as in this case. Businesses should choose software that can securely send data into the cloud and also enables you to recover your systems there, converting to the right hypervisor at the same time. This means you have off-site protection and disaster recovery without the cost usually associated with duplicating infrastructure and premises.

Intelligent Data

Increasingly, enterprises are requiring more from their data solutions - whether that is increased interaction between various data lakes or the ability to transparently protect all their data to ensure compliance with new EU and other data governance regulations.

Only intelligent data management can automate access to, transfer and sync data between dozens of applications, databases and various other enterprise data lakes. Automation that is needed if enterprises do not want their IT administration costs to skyrocket and their business processes to slow to a crawl.

Finally, only intelligent data protection provides enterprises with the power and visibility they need to makes sure that all their data is governed in a manner that complies with new EU data privacy laws such as GDPR, which has ‘protected by default’ as a key principal. Given all these forces, 2017 will be the year when enterprises will be forced to finally wake up and realise that intelligent data management is not a luxury – it is a necessity.

Ransomware

In 2017, organisations will take ransomware more seriously and implement ways to rapidly identify compromised content and automate its recovery. Ransomware has proven to be one of the most effective ways to infiltrate an organisation, and cyber criminals are becoming better at embedding viruses into innocent-looking email attachments.

Organisations need to figure out how to classify, separate and wall off their data in order to reduce the risk of data being inappropriately accessed and permanently lost. Discussions need to take place at the board level about an organisation’s data recovery strategy and its intersection with its security and ransomware strategy in order to keep sensitive data out of the hands of the wrong people.

2017 is not full of new threats, but the challenges are increasing in urgency; ransomware is becoming more frequent, more common, the need for compliance is greater due to political changes and legislation deadlines approaching. Data is a business asset and a business risk. Ultimately it is your responsibility. But, through comprehensive data management that can automate, be thoroughly indexed, that is cloud agnostic, and able to recover lost data even after a ransomware attack, that is the strategy for successful data protection and IT best practice.

Nigel Tozer, solutions marketing director, EMEA, Commvault.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code