Data protection can be a surprisingly complex subject and frequently means very different thing to the people discussing it. To business owners, data protection is important for protecting proprietary information, including sensitive customer information; the costs and benefits of protection must be carefully weighed in order to maximize the value of money spent on this infrastructure. Recognizing the many priorities that data protection encompasses can help decision makers select the right security and storage solutions.
What Security Measures Are Adequate?
Networks and backup servers have to have security solutions that work together and become stronger as a result. Security must also carry through all levels of a network and not be heavily weighted at any one point if that emphasis comes at the expense of other necessary forms of security.
As an example, imagine a data network that has these security measures already in place:
- Rights access control
- Finds access
- Encrypted storage device
This network has a reasonably comprehensive level of security at all levels. If any one of these four security solutions were not in place then a fundamental security vulnerability would be introduced. Unfortunately, the use of encrypted storage devices is not as widespread as it should be. Data storage has to be thought about from a security perspective. Otherwise you risk introducing fundamental vulnerabilities into your security system.
Authorization and Access
Encryption is a form of security that transforms data into a format that is only visible to intended users. Only users with the right security credentials will have the key required to unencrypt the data. This strategy is typically used in environments where it is not possible to prevent every instance of unauthorized access. For instance, if information is being sent through a public network then unencrypted information could be visible to anyone who cares to look. Encrypting valuable and sensitive data protects users as well as customers who expect their information will be protected. Additionally, encryption protocols can be placed on portable data storage items such as USB drives so that network users can securely transport information that would otherwise be vulnerable to physical theft or tampering.
Encryption is a relatively low cost security strategy and will result in a much stronger core network without a lot of effort. Organizations seeking to implement encryption should choose a standards-based product with Common Criteria, FIPS, or other third party validation. These protocols are industry standard and recognized by the government as providing effective data security.
Implementing encryption protocols into your organization is easy if you work with a knowledgeable and experienced vendor. Our consultants can help you determine your organization’s encryption needs.