Data is the new buzz word. Big data, data mining, data protection, it’s being discussed, warned about and exploited all over the internet. If managing your company’s data falls to you, here’s what you need to consider.
Your company will hold various types of data, and it may be that different security considerations attach to them.
As a starting point, identify:
- which elements of your business data are the most critical to your day-to-day operations (eg user account details, web files, customer data, accounts and banking information, stock details) and review how that information is stored, protected, backed up and retrieved.
- which elements have data protection considerations
- which data is most valuable to you – this could be for R&D, marketing, reporting etc. Any data of value should not be tied to an individual user device. Turn data into a central resource and manage the core and the users’ interaction with it.
- how you would go about data recovery (this is as distinct from restoring from a back-up – usually it refers to retrieving unique data from a damaged machine)
- who has access to, and accesses, which elements of your data and through which programs, apps and devices. Is access reviewed, automatically tracked, and revoked for leaving staff? All of the services you use should have uniquely identified users, not group
passwords or device or shared access controls.
- your data lifecycle
- where all your data resides, ie which elements of your data are held by you on PCs, mobile devices and external storage systems such as USB sticks and DVDs, which are on your private hosted services (such as we supply), which are held by proprietary external services you rely on, which are in the hands of public third party companies such as Dropbox, and whether security is sufficient and appropriately applied in each setting
- how you can be sure your data is not already bad quality or being compromised without your knowledge
Determining how much time, effort and negative effect on the business any data loss or damage could have will help inform what level of budget should be associated to protecting it. Most businesses that suffer a loss of core operational data do not survive or thrive after
the event. It’s commonly quoted that 80% fail within 12 months of catastrophic data loss.
This is the $64,000 issue at the moment. Data is all very well, but if you can’t make use of it for your business processes then it’s not much use. Analysis tools abound, from application-specific proprietary services such as Google Analytics to open source standards such as Hadoop. Whatever the size and activities of your organisation, there will be an analytics program to suit you.
One suggested basis is to look at the cost of recreating or originating the data. It’s easy to
underestimate how many man-hours this sort of process would take, so once you have a
figure in mind consider doubling it. Think about the data in use every day and imagine how the business would operate if that disappeared or could not be relied upon. How much time would it take to validate data and check back to other sources and re-key information?