Monday, February 4, 2013

The Triple Face Palm…

Whether they acknowledge it or not, one of the greatest challenges facing IT professionals is effectively protecting business data, particularly the growing amount of data stored on distributed desktops, remote and laptop computers.

Most storage management and backup software products lack the critical features required for the complete protection of all information stored on these machines. Specifically, users need comprehensive recovery tools to help them easily find and restore lost data and quickly bring idle computers back to full operation.

A new approach to data storage management and protection is essential. The ideal solution should allow quick and easy recovery from any type of information loss, including simple user errors, failed software installations, hardware failures and lost or stolen laptops. It should also address local storage on desktops and laptops as well as distributed server storage.

Understanding the Risk
The effects on IT environments are outlined in what Gartner calls, “the emergence of the nexus of four forces” - the
  • convergence of cloud
  • information growth
  • mobile
  • social
It is these forces will undoubtedly influencing almost every IT-related decision.
  • Data creation is growing at a rapid pace, with a single business’s daily data growth reaching Terabytes and being accessed and edited on various devices.
  • Our exposure to social channels and new technologies has resulted in a cultural shift. It means that Users manage and share their data differently, leaving business critical information increasingly vulnerable to loss, theft and corruption.
  • Business stakeholders often recognize the value of (and begin using) new technologies in the workplace before IT departments can harness and implement controls, resulting in multi-device proliferation and increasingly mobilized and shared data.
  • The massive increase in mobile workers (60% of those surveyed this year use laptops as their primary device) has meant that IT can’t assume that user-managed, server-focused data protection is a secure data protection strategy.
To keep all the data reasonably resilient, it is becoming abundantly clear that data protection, it must begin with endpoint devices, which will mean to completely remove users from the data backup process.

The results of the 2012 Data Loss Survey Results: The State of Business Data Protection 2012 was just released.  

The participants of the 2012 Data Loss Survey are mostly employed by companies with over 100 users, 37% of respondents work for enterprise organizations of over 1000 users.

In total, over 200 (mostly enterprise) organizations were represented, with respondents’ geographical locations split as follows:

27.2% North American, 
18% EU and 
48.7% African, with 
5.6% of respondents spanning the globe.

Remote is Here to Stay

With more than half of executives utilizing laptops (60-%) as their primary device with another 2% using tablets, we have seen the IT mindset change from server data protection to an outside, inwards approach – looking at endpoint devices as the start of an organizations data protection strategy.

BYOD

Today, BYOD has become a commonplace business IT challenge as more companies need to cater for a large number of users, including C-level execs, who want to access email and other company data on the device of their choice.

40% of respondents reported that their companies allow BYOD – and another 8% are planning to. Which still leaves the majority of 52% who do not allow BYOD in the workplace; however, few realize that it’s happening anyway. You know what they say, “Just because you’re paranoid, doesn’t mean they still aren’t out to get you…”

We’ve seen a significant increase in user mobility and technology independence. This in turn increases company risk of data loss if backups are not automated and centrally managed. Every year we report the same result – companies who employ user-managed data backup end up losing their data.

Almost every single survey respondent (who stated that their company expects users to follow a data backup policy) reported users not following policy as their biggest data protection challenge.

Do you believe that your Business Data is effectively protected?

37% have no real protection against unauthorized access to their data if they had to lose their laptop, meaning that their companies are not compliant with Corporate Governance and that company and customer data is severely at risk.  If these Executives were to lose their business data only 69% could recover their files.

Do you feel secure in the knowledge that your endpoint data is 100% protected from data theft, data loss and data breaches?

57.1 said No; 42.9 said yes. 

Can your company recover all your critical data for any and all users, the next time there is an incident?

69.4 said yes; while 30.6 said no. 

Now, anyone in this space knows the shape of the majority of the current backup technologies, tapes, and cartridges aren’t going to cut it.  They are fraught with errors due to aged media, poor storage, magnetic interference, and dilapidating technology; hence, recovery is a roll of the dice.

Where does the Buck Stop?

Only 63% of our respondents are aware of the personal liability attached to protecting their data, the other 37% did not know that they may be held personally responsible for lost confidential company data.

It Stops at the Head of IT, Hello...

Most companies have given ownership of data protection to a specific employee, who is then responsible for formulating a data protection strategy, for implementing the appropriate solutions and procedures – and understands the required Compliance regulations and legalities.   Which is an odd phenomenon, for those very same people say that the responsibility of a failure falls on the head of IT.?  



So the people expected to perform the duty have no accountability for their performance.

Of the companies we surveyed, it is most often (58%) the responsibility of the Head of IT to ensure effective business data protection.

• 11% stated that it is the CEO’s responsibility, and 7% said the responsibility lies with the Head of Risk.
• 16% were unsure of who in their organization is responsible for protecting business data.

Hmmmmm, no surprise there, unless you’re the Head of IT.  In short, the Head of IT better wrangle up those cows, unless they are comfortable with the cows securing the cabbage, and we all know the end of that story.

So what can you do?  Automate the management, backup, and security of all your endpoints. incidentally  this doesn't just mean Mobile device Management, but it's a start, for even though it's only 2%, it's rising faster than flood waters during a hurricane.  Remember, you still have to address the other 60% of laptops.  This is where a good enterprise endpoint management strategy will come in handy. 


Source(s):
  • http://cibecs.com/wp-content/uploads/2012/05/Cibecs-IDG-2012-Data-Loss-Survey.pdf

 So “Once more unto the breach, dear friends, once more;”
____________________________________________________________
About Rick Ricker

An IT professional with over 21 years experience in Information Security, wireless broadband, network and Infrastructure design, development, and support.

For more information, contact Rick at (800) 399-6085

at

No comments:

Post a Comment

Thanks for your input, your ideas, critiques, suggestions are always welcome...

- Wasabi Roll Staff