How to mitigate the growing risk of digital data loss

how to mitigate the growing risk of digital data loss.jpg

In London, 1.2 exabytes of data move through the city every day as people commute to and from work. When data moves from a controlled office environment to the external world it becomes vulnerable to loss.

Data continues to grow at an unprecedented rate. By 2020 it's projected that the digital universe (the data we copy and create annually) will reach 44 zettabytes.

Unfortunately, the risk of data loss will only increase as data grows in size and portability. This is somewhat worrying given that data loss already costs enterprises $1.7 trillion per year.

It’s clear that organisations need to safeguard their sensitive information. But what exactly can an organisation do to protect its data?

It all starts with understanding the top reasons for data loss. A company then needs to ensure they can access data, while external parties can’t.

While this sounds easier said than done, there are various tactics an organisation can employ. In this article we’ll explore how organisations can mitigate the growing risk of data loss and protect their assets.

The 6 top reasons for data loss

Recent media coverage would have one believe that hackers and cyber-attacks are the leading cause of data loss, but this is not the case.  

Research has revealed the top 6 causes of data loss are:

    • Storage failure
    • Lack of a backup copy
    • Human error
    • A data protection program malfunction
    • A data protection solution that's down for maintenance
    • Corrupt data

By understanding these factors an organisation can work to protect itself against them.

How to mitigate the risk of data loss

The following solutions will help secure a company’s information.

1. Data loss protection (DLP) software

DLP software uses business rules to classify and protect confidential and critical information. Through this, unauthorised users are restricted from sharing data – whether it be accidentally or maliciously.  

There are many reasons why a company should use DLP technology. It will help an organisation improve:

  • Data visibility. The software will reveal where data is stored, where it’s being sent and who is accessing it.
  • Internal security. DLP technology will identify files that contain sensitive information and restrict them from leaving the network. What’s more, it controls the applications employees can access enabling the performance of high risk activities to only a select few.
  • Cloud security. The technology automates data encryption while it’s in use, in motion and at rest.
2. Back it up

The rise of hybrid cloud environments has simplified the process of backing up data.

Most cloud storage solutions offer version history, in addition to real-time edits. These environments ensure data is constantly captured. And more importantly can be easily restored.

By storing information within the cloud an organisation can always access their data. Even when an employee’s device is lost or stolen.

3. Encrypt data

Encrypting data will ensure that no one can interpret content should a device get lost or stolen.  

There are some risks associated with data encryption, but there are ways to mitigate these risks. An organisation can ensure strong encryption by using modern encryption ciphers, long encryption keys and layered encryption (to name but a few).

4. Implement security policies and educate staff

Employees commonly share sensitive information, online and via email. While this is often done unwittingly, staff need to understand their responsibility when it comes to protecting company data.

If a security policy is to succeed it must be communicated. Staff training programs will help to enforce policies and limit the instances of accidental data leaks. These programs should highlight best practises around data protection and safety.

5. Create strong passwords

This one is a simple. Many employees create passwords that are easy to hack; from birthdays, pet names and grandma’s maiden name.

This needs to change. Passwords should always contain a string of numbers and letters in both upper and lowercase. They should also be changed regularly.

To encourage the use of strong passwords an organisation should install a password management tool such as LastPass. A password manager will automate a strong password system and help staff remember the complex passwords stored across sites. Some will even generate strong passwords for users.

CeBIT Australia CIO Summary Report