Hackers, disgruntled employees, fraudsters, floods, earthquakes, terrorist attacks, hardware or system failure.
These are only eight ways in which your company’s invaluable data could get stolen or damaged. They are also eight very good reasons why you should invest in protecting your data. If you need more reasons, you only have to talk to privacy and data protection experts, many of whom think that the recession has aggravated the problem of data breaches and information theft.
If you still think data protection is no big deal and you can afford to be lax about customer privacy and other data protection practices, sample this. T.J. Maxx, one of the largest retailing giants in the US, was set back by billions when it announced in 2007 that hackers had stolen data from 45.7 million credit and debit cards of its customers. The company not only had to pay up to $24 million in a settlement with MasterCard, it also had to budget for the various litigation and claims that were made against it on behalf of customers, banks and card companies. According to a report released by IPLocks, a compliance agency, the losses could have been as huge as $4.5 billion, or $100 per stolen record.
Thanks to its size, however, T.J. Maxx was able to absorb the losses and still maintain its customer base.
Closer home, in 2005, the Mumbai floods ravaged not only the city, but they also put several businesses out of luck and out of work. Most of the banks and outsourcing outfits were affected, and only some were able to get back on track fast enough. Reason – they lost critical digital assets.
If nature does spare you, your own resources might not. In March 2009, BBC reporters posed as fraudsters to illegally buy credit card and other personal details of British citizens from a Delhi-based broker. Apparently, the broker got these details from agents working in BPOs, and sold them on for $10 a credit card.
Worse still, the machine themselves may let you down. No matter how fail-proof we might make our data storage devices, they just might fail. It already happens to hundreds of individuals, who lose their data due to hard-drive crashes. As a business, the machines acquire even more importance since they may be home to details of multiple projects, important mails or even worse, client data.
You probably cannot plan against all the above, but you can surely shield your network and data. Here are some possible channels of data theft and ways to prevent such loss.
Preventing Espionage
Corporate espionage is not always about high-tech crimes and slick computer hackers. It might be carried out even through the seemingly unthinkable trash bin or the coffee flask. Just keep in mind that a good spy will try to steal information through paths that throw up least resistance. Here are a few simple ways that have been successfully implemented by companies to reduce espionage.
Physical access control is restricted to areas where sensitive data is stored. Internet access is restricted from PCs through which internal data can be accessed. Use of USB-based storage devices or mobile phones is banned in zones where critical data is being handled.
Avoiding online threats
Make sure your computers, servers and networks are guarded by updated versions of antivirus and antispam tools. Treat it as hygiene. This is especially crucial for people who access the company’s network from their mobile phones or laptops.
With the advent of Wi-Fi, these machines are the easiest channels for a virus to reach a company’s system and cause enormous data loss. These systems can also be used by hackers to plant Trojans, giving the attacker unrestricted access to the data stored on the computer. Nowadays, there is also a growing need for anti-spyware since phishing has been identified as a rising concern for small and mid-sized businesses.
The first thing that you need to do is assess the security needs of your business. Depending on whether you need a basic or more sophisticated security product, try looking for vendors that offer bundled options, which cover several security concerns like anti-virus, anti-spyware, anti-phishing and firewall protections, as well as intrusion preventions and detections.
Have a data backup strategy
If you are a small company, backing your files on a simple DVD or an external hard drive may work. If you have a big business, you may want to opt for an external data center to host and manage your data.
Smaller organizations can also use online data backup services like Mozy
(www.mozy.com). Home users can also use this service for free back up of up to 2 GB of data. Organisations can back up their desktop computers for as low as $5 a month, depending on their usage. A similar service, iBackup (
www.ibackup.com), provides up to 10 GB of backup space for as low as $10 a month.
If you do not want to use an online backup service, ensure that you have a periodic backup process for your servers either on an external disk, DVDs or tapes, depending on your needs. Make sure you store the backed-up discs at a secure offsite location, in case of fire, theft or natural disasters.
Recovering from natural disasters
All organisations must have a disaster-recovery strategy. In the case of outsourcing outfits, it is a part of their service-level agreement. In other cases, where it is not enforced, the organisation must be self vigilant.
Start by creating a well-documented disaster recovery plan, which covers every aspect of the disaster recovery process. Also, make sure your employees are trained on that strategy.
The cornerstone of any disaster recovery is to have an offsite data centre, which should contain complete, constantly updated copies of all company information. In the event of a disaster, a backup site is where your data center will be recreated, and where you will operate from, for the length of the disaster.
A good business continuity plan will have detailed answers to every possible problem - how to deal with backup site staffing, how to establish connectivity with the data centre and methods of procuring the necessary hardware and software for operations at the backup site.
Remember, getting back to business after a disaster depends on the planning done today.
EMAIL THIS ARTICLE 
PRINT THIS PAGE