For almost as long as there has been the World Wide Web, there has been data theft. In the beginning, when the majority of people using computers didn’t have large amounts of data to steal, there was a limited reward to these kinds of thefts. However, in the 21st century the internet has grown enormously, and the majority of businesses now have an online presence which connects directly to their company network, providing easy access to malware and hackers. Data protection is now one of the most important elements of any company’s strategy. What has been revealed by research is that large numbers of smaller companies are not protecting themselves efficiently enough to defend their own data, and the data of their clients is also possibly compromised. Finding a solution is essential.
What is missing from small businesses?
Surveys among small and medium enterprises have revealed that most of the companies do not have sufficient protections in place to secure their data, or defend it from loss. More than 32% of companies have only a passive strategy, 13% are ‘developing’ their data recovery strategy, and a whole 8% have no strategy in place in case of data loss. Companies could be exposed to litigation if they lose customer and staff data, so this is a serious issue. Companies are also facing challenges due to failure to improve their back-up targets through consolidation. Nearly three-quarters of all companies said that meeting their back-up targets is a serious issue.
What action is being taken?
Many companies said that they are taking steps to manage their data protection, but many do not know where to start. If you need help with Enterprise data protection issues, then the first place to start looking may be at data classification software. This is a program that can designate your data into high risk and low risk categories which require different types of protection, helping to minimise exposure of sensitive information.
Other forms of protection involve the creation of a data-architecture model which can be used to help companies build a strategy. Many companies are not sure about how their data moves through their network, and running a program to reveal that data movement can be a shock. Even sensitive data such as credit details may pass through 6 different departments before it is secured. This is where data protection controls need to be put into place and that PCI security requirements are fulfilled.
Another essential Enterprise data protection is encryption. A number of companies do not protect their data until after it has passed through several departments, and this is again exposing the company to risk. Rather than run into problems like this, the business needs to create data protection policies which enforce encryption at the transaction point.