Posts

Determining if your data protection plan needs a facelift

The data that a business holds is central to its operation. Data encompasses all information, from customer files and account folders to business applications and client information.  It’s imperative, then, that organizations of all shapes and sizes have a plan in place to protect that data in the event of a disaster, accident, cyberattack, or power outage. On top of that, you need to review your data protection plan to keep it relevant, up-to-date, and fit for purpose. Here’s what you need to know about data protection strategies and how to tell when it’s time to review them.

What is a data protection plan? 

Data protection strategies encompass data availability and data management. In other words, it’s the means by which a business stores, backs-up, moves, and protects its data and makes it available to relevant personnel in order to comply with the law. 

Data privacy laws and regulations vary from country to country and even from state to state. Not being compliant can mean steep fines and other penalties and could even mean that you have to stop doing business in the country or region in which the law or regulation is breached. 

A data protection plan will ensure that:

  • No data is lost in the event of a disaster, accident, or cyberattack
  • Data is protected from corruption, compromise, manipulation, malware, and loss.
  • Data can be restored quickly in the event of any damage, corruption, or loss. 
  • Data is available to users at all times, whatever the circumstances. 
  • Data is kept private and can only be accessed by authorized personnel. 

A data protection plan is essential to secure compliance with the law, safeguard information and records, and save a business from downtime and lost productivity that could prove disastrous. 

Do you need one?

CNBC.com reported that 40 percent of small businesses never recover from a disaster.  

When hurricanes, tornadoes, floods, or fires destroy customer records, invoices, contracts, tax returns, insurance policies, and so on, they lose customers, and the damage is irreparable.

Despite this, The Global State of Information Security Survey 2018 (GSISS) found that 33 percent of respondents do not have an IoT security strategy in place. Tech & Innovation reports that many organizations do not have sufficient plans in place to protect their data. Forty-four percent of respondents did not have an overall information security strategy, 48 percent did not have a security awareness training program for their employees, and 54 percent do not have an incident-response process in place. 

Determining if it’s time to update your data protection plan 

How often you update your data protection plan will depend on the nature of your business, the data that you hold, how many people have access to it, and the means by which they access and use it, both inside and outside the work environment. For example, you might need to review your data protection plan with staff changes and when new devices, such as laptops, are obtained. 

For data that must be kept private, you need to maintain strict control over who can access your data. A breach of privacy can lead to data security issues. Your employees must be fully trained in the nuances of data privacy and security to avoid any violations, and you need to keep firm control of BYOD devices and devices used outside the office environment. 

Remember to review: 

  • The security of passwords
  • The reporting of violations
  • Where rules are posted and who can and should read them
  • How data, files, paperwork, and printouts are destroyed when they are no longer needed 
  • How data is transmitted and shared between staff 

Also, assess whether you are you using your data in the most effective way for reporting, analytics, test and development enablement, and other purposes. If you’d like to know more about data protection plans or our suite of services for businesses in the New York Tri-State area, please get in touch with us.

Cyber Threats in 2019

What is your cyber threat response strategy?

The cyber threats the business community faces continue to grow, increasing the importance of having a multi-layered approach to protecting your data.

Find out more during our webinar presented via partnership with Datto and Barracuda.

Cyber Threats in 2019: Ransomware Continues to Evolve –

Don’t Let Your Guard Down

Thursday, May 9 | 12:00 – 12:45 p.m. ET

REGISTER NOW

In partnership with Datto and Barracuda.

3 Data Loss Horror Stories

You’ve likely heard about data loss and its potential impact. Unfortunately, the true costs of data loss often get covered up by the massive data breach stories that grab headlines.

Data breaches expose corporate and client data. And, when they affect major corporations like Sears, Delta Airlines and Best Buy, it’s easy to see why data day-to-day data loss stories don’t get as much coverage. The average total cost of a data breach is estimated to be $3.62 million.

Regardless, it’s important to keep in mind that disasters and accidents can cost you just as much as a data breach.

Did You Know? 43% of businesses that suffer massive data loss never reopen.

Here are a few examples of data loss and how it happens.

1. Toy Story 2 (Almost) Disaster

When looking at data loss horror stories, Pixar’s epic problems with “Toy Story 2,” definitely hit near the top of the list.

While working on the movie, one stray line of code managed to delete 90% of the film. All the Toy Story 2 backups were recorded on tapes.  But without regular testing (that never happened), the team never knew if the tapes would work until they tried to restore from them.

Unfortunately for the design studio, the tapes were not running good backups. That left the company with a months old version of the file tree and a rapidly approaching deadline for a release date.

However, Pixar got lucky.

One of their employees worked from home and happened to have a copy that was only a few weeks old. The film was back up and running after a massive week of overhauls, file checks and impossible man hours.

Related: 8 Business Benefits of Having Managed Services

One badly executed command almost cost Pixar their credibility and a film that eventually went on to gross nearly $500M and walked off with an Oscar nomination.

2. Government is Not Exempt

Data loss stories aren’t just reserved for olden time.

Even in 2014, well into the age of cloud computing and near-instant data recovery systems, the State Department showed exactly how bad things could get when you don’t have a recovery plan in place.

Rolling out a software patch managed to crash the State Department’s passport and visa system, affecting more than 200,000 travelers worldwide. Neither passports nor visas could be issued or verified while the system was down.

Related: You Can’t Plan for a Disaster, but You Can Have a Disaster Plan

The State Department actually had the data backed up already, but the system itself was not.

3. Ma.Gnolia Folds Due to Catastrophic Data Loss

Remember that 43% mentioned earlier?

You might not remember Ma.Gnolia, a bookmark sharing website, but it was doing quite well in early 2009.

Users could publicly or privately bookmark a site for later viewing, and all without a local save. That meant you could access your bookmarks from any device. The company suffered a major data loss that took the entire service offline. Faced with days of expensive recovery activities and a major reputation hit, the company never recovered and folded shortly thereafter.

Avoiding Data Loss

The longer your systems are down, the more money you’re paying your employees to sit and wait. Data loss also means you’ll bring in less money due to the downtime that accompanies it.

Data loss isn’t reserved for big companies. It’s common, and it can happen at any time. Avoid being a member of the data loss brigade with a disaster and recovery plan that includes continuous backups and regular checks to ensure data integrity and recoverability.

Where do you get one of those, you ask?

Turn to your friendly neighborhood MSP, AppSolute. We’ve got what it takes to protect your data and keep your business running through the thick and thin.