Quest CEO Blog

Thoughts on Technology, Business and the Management of Both.

 

What if The Year of the Data Breach isn’t over yet?

by TimBurke
Tuesday, January 10, 2012

The thing to remember concerning what you hear about data breaches is that you’re hearing only about what gets reported — and plenty of data breaches never get reported.

 

Even so, the numbers we do have are plenty scary. The 2010 Annual Study: U.S. Cost of a Data Breach, conducted for Symantec by the Ponemon Institute and published last March, tells us that in 2010 (the most recent info we have), the average data breach cost $7.2 million, up from $6.6 million in 2009.

Categories: Business Continuity | Business Resumption | Data Access | Information Security | Intrusion Detection



Backup/recovery best practices #1 and #2

by TimBurke
Thursday, December 01, 2011

As I see it, there are 10 best practices that can make the difference between backups that really do keep you in business and backups that seem to work okay — until you actually try to use them. Here are the first two:

 

#1 Understand your data so you can decide what needs to be backed up and how often. 


Base your decisions on the cost of loss, which you can get a sense of by noting the types of data your business relies on — emails, spreadsheets, databases, line-of-business apps, etc. — and determining the impact of losing that information for good and having to recreate it (if you can). Add in the cost of unhappy customers and potential regulatory/compliance violations — and do the math.

 


Being thankful for backups

by TimBurke
Tuesday, November 22, 2011

Thanksgiving is a time for giving thanks, eating turkey, and enjoying the fellowship of family and friends. And no one wants the holiday ruined by a call like this...

 

“All our customer files have evaporated. As have everyone’s email messages, all pending customer orders, and the accounts receivables database.”

 

Would you be able to reconstruct that data from scratch? Or, worse, try to move on without it?

 


Protecting the value of your business: Products Do Not Equal a playbook that works

by TimBurke
Thursday, September 29, 2011

I can’t emphasize this enough: All of the technology products and services an organization devotes to securing its data, applications, systems, and networks have but one aim — to protect the value of the business.

 

Conversely, every data breach reduces the value of the business — and there are more data breaches every year.


Infrastructure security and coping with cloud and social media: 9 key questions to ask

by TimBurke
Thursday, September 22, 2011

Our Chief Technical Officer, Mike Dillon, estimates that the number of infected sites is growing by 20% to 25% a year. “If your company is shifting more toward cloud services and hasn’t addressed security, you will be attacked,” he says.

 

So here are the (non-technical) questions you need to ask and get answered to protect your business:


6 security questions to ask about your data and who gets access to it

by TimBurke
Tuesday, September 20, 2011

 

It’s easy to tumble backwards into information security, to let yourself get sidetracked into arcane, hard-to-follow discussions about the innards of technologies and products when in fact you need to be thinking through higher-level strategy and policy.

 

If, for instance, you don’t actually know yet whether your business would benefit from using encryption, listening to the sales pitches of competing encryption product vendors is a waste of time.

 

So start with straightforward, non-technical questions that your IT people should answer in a straightforward, non-technical way. When they backslide into techno-babble, make them translate (they can use the practice).

 

  1. What data is business critical? What data is sensitive? Who ‘owns’ or has access to our business-critical data? Our sensitive data?
  2. What sort of assurances of confidentiality and integrity do we need to provide for each type of data?
  3. How long do we want to retain data?
  4. How do we want to control data access and permissions?
  5. How do we want to authenticate users?
  6. What kind of security training should we provide employees?

 

You’ll also want to pose questions about the security of your information infrastructure as well as how to cope with cloud computing and social networks. Check my next post for those 9 questions.

 


When disaster strikes the disaster recovery guys

by TimBurke
Tuesday, September 13, 2011

It happened during a stormy Wednesday morning commute. A driver lost control of his car and caused eight utility poles to fall. The power went out, the road was blocked by live wires and downed transformers, and everyone already in our offices got trapped in the building.

 

So we began to execute our disaster recovery plan. Initially, battery and generator backup provided phone and Internet capability. We utilized resources at several other locations to function until we got the all-clear to evacuate the building.

 

That’s when our disaster recovery efforts began in full — and by three o’clock that afternoon, we had everyone out of the building, the facility shut down, and we were operating completely remotely, with some of our folks at our McClellan Business Resumption Center and others working from home. Customer service calls, billing, email, phones — everything — was operational.

 

Why did it work out so well for us? One reason is our ongoing DR planning. Another reason: We conduct quarterly disaster recovery drills. As our CTO, Mike Dillon, says, every drill we do teaches us something.

 

We learned first-hand that even little disasters can have big impacts. And they can teach you things, too. For instance, we forgot about feeding the fish, which won’t happen again.


How cloud computing and VoIP make IT disruption avoidance easier — and less costly

by TimBurke
Thursday, September 08, 2011

 

Nobody stays in business long if their business-critical data and apps are lost. So pardon me if I sound like my replay button got stuck, but I’ll say it again: make sure your critical data and apps are replicated to a secure remote environment that’s always accessible from anywhere.

 

You’re at least halfway there if you’re using a cloud-based backup replication service — but, of course, you need to make sure you’re dealing with a provider with a secure, scalable, fail-safe environment and plenty of flexibility when it comes to service options.

 

Combining virtualized data replication, secure data storage, and disaster recovery capabilities in a resilient cloud environment makes data recovery smoother and less costly, since data replicas and data backups can be managed with the same software. Your provider should be able to ensure the safety, security, and integrity of your data whether it’s replicated to a shared environment or a discrete, dedicated one.

 

And don’t forget about what you’ll need to communicate with employees and customers. Using cellphones, web-based email, instant messaging, Facebook, etc., can enable you to stay in touch with employees. To interact with customers when your facilities are compromised, your best bet is hosted voice-over-IP (VoIP), which allows your office phones to easily be forwarded to other numbers.

 
