Protecting data for businesses

MANILA, Philippines - Information is the most important resource of any business. Without it, any business would not run nor would it know what to do. But just as how invaluable data is, it could also become a point of liability and the hardest for a company to protect.

Data loss is one of the main problems facing businesses with an IT infrastructure. Loss could mean having data accidentally or intentionally deleted, improperly organized and stored or stolen. Dependence on IT infrastructure for storing digital information would require just as much knowledge and responsibility in protecting it.

Myla Pilao, director for core technology marketing of Trend Micro, says there are basic facets in data management, storage and protection that companies must know to ensure that their precious data is kept intact and can be easily accessed when needed.

Enforcing these required habits of data management will also go a long way against data loss due to theft especially for critical information.

“How basic corporate data is protected also mirrors how a company would protect the rest of their data, including critical information,” says Pilao. “Knowing the key facts of data loss prevention can help a company formulate its own policies and processes on data management.”

Human error

Pilao identifies these five facts. The first fact is that human error is the leading cause of data loss. A 2010 study by Kroll Ontrack showed that 40 percent of home, business, government and channel users of IT think that human error causes the most amount of data loss. Instances of human error include accidentally deleting files and forgetting to back up critical office data. 

Many businesses also do not have a centralized storage facility. This means that employees and business partners are not able to access important data that could have streamlined their operations. Having no centralized repository also opens the system up for more human errors in data management.

The second fact is that data backups are a necessity and not a luxury. Backups ensure that there is still available information when data is deleted, be it accidentally or intentionally, from a corporate user’s PC. Unfortunately, many companies neglect this aspect of data management.

A 2007 study by AT&T showed that there are still companies, especially small ones, which do not back up their data at all because they do not see its necessity. Businesses may face financial liabilities if they lose sensitive data. They may, for instance, have to recreate lost data from scratch after a loss. Losing sensitive customer data can expose them to legal, apart from financial liabilities, as well.

The cost of notifying customers, partners, and/or stakeholders should a widespread hardware failure occur is also worth considering. Companies that are subject to regulations imposed by the government may also suffer from financial and/or legal sanctions if they do not adopt required data protection measures.

Even though 75 percent of the total number of small businesses use on-site data backup resources such as tape or external hard drives or CDs, their data is not completely safe from the risks natural disasters or break-ins pose. They should store backup file copies off-site or in the cloud.

Data leaks

Third fact is that data leaks can occur from even within a small company. Citing a study by Trend Micro, Pilao says small companies are increasingly becoming concerned about data leaks, both intentional and unintentional. Critical information includes personnel data files and financial performance.

Without proper data handling policies in place these data can be accessed by any employee. Data can be stored in a USB thumb drive and taken out of the office or the information can be e-mailed and accessed through unsecured computers.

“The company’s greatest asset can also be its worst liability - its manpower,” Pilao says.

The fourth important fact is that malicious software is a persistent cause for data loss. Pilao says businesses are prime targets of cybercriminals since they hold valuable employee and customer information.

Cybercriminals can steal several kinds of confidential corporate information ranging from employees’ social security numbers to their personal information and to the company’s online banking credentials. If these fall into the wrong hands, anyone within the company or the organization itself can succumb to information theft or, worse, identity fraud.

In-the-cloud storage

The fifth fact is the reality that in-the-cloud storage is becoming an evolutionary progression trend rather than a fad. Data storage facilities on cloud computing platforms are being developed and these allow companies to safely store their data in the cloud and remain operational in case of dire situations where data loss is inevitable due to disasters, both man-made and natural.

Cloud computing platforms also reduce capital and operational expenditures and in the case of data storage, perhaps millions in terms of purchasing storage hardware and the software to maintain them. Cloud-based data storage can be in the form of an internal system or through a third-party provider.

However, data loss can still happen in cloud computing due to hardware failure. Those using cloud computing services for data management and protection must install applications that ensure infrastructure reliability.

“Cloud computing is the next step in data storage especially for small offices that have mobile workers. More data will be created and these must be stored in secure and stable environments,” Pilao says.

Pilao says Trend Micro has a whole range of data management and protection suite for a variety of platforms, including cloud computing. Its flagship for datacenter protection is Trend Micro Deep Security.

Other data management and loss prevention products are SafeSync for Business, Worry-Free Business Security 7 Advanced and Worry-Free Business Security Services. Each one is tailor-fit to protect data from any point of entry whether for big enterprises or for small to medium businesses. They prevent data from being viewed, moved, modified, released, without the knowledge of network administrators.

“Trend Micro’s full data protection suite is born out of years of research and development. We are expecting more companies to become more familiar with the trends in data management and loss protection and to eventually take to the cloud. And when they do, Trend Micro would be there,” Pilao says.