The simplest data backup & recovery softwareFor laptops and desktops in your business
First exposed by leading data security blog, KrebsonSecurity, this data breach at Atlanta-based Global Payments (a credit and debit card processor) is currently believed to be confined to North-America account holders.
Gidani (licensed operator of the South Africa national lottery) recently came perilously close to losing its R400 million a year contract.
The reason for this near-miss was its failure to secure its business critical data (a requirement of their contract with the National Lotteries Board) – with two independent audits questioning existing measures to protect confidential data.
The much publicized data breach that led to fraudulent activity at Gidani, of course, played a crucial part in highlighting the failings of the technology and processes in place at the operator.
According to Wikipedia “there were 380 major data breaches in the United States in 2011, involving 500 or more patients’ records listed on the website kept by the United States Department of Health and Human Services (HHS) Office for Civil Rights.
So far there have been 18,059,831 “individuals affected,” and even that massive number is an under-count of the breach problem.”
The recent theft of laptops and desktops from the South African State Security Agency’s top offices – including the theft of intelligence Minister, Siyabong Cwele’s, laptop containing extremely sensitive information, has created massive public concern around the agency’s data protection practices.
The burglary happened a few weeks ago in Pretoria, when the Bogare building in Menlyn (which houses top State Security Agency offices) was infiltrated, resulting in the theft of confidential data.
Intelligence spokesperson, Brian Dube, confirmed the break-in, stating that the Security Agency and police were investigating the incident and that the Agency would prefer not to speculate on the motive(s) behind the crime. He refused to disclose further details at the time.
Compliance & Legalities around Data Protection for Businesses
Corporate Governance Compliance and the requirements around Data Protection have become increasingly important to businesses globally due to the consequences of being non-compliant, as well as the often devastating results of data loss, data theft or unauthorized access to confidential files.
Often data protection and effective data management is interpreted as an insurance policy, however, as enterprises become aware of the multiple productivity and cost-savings benefits of employing an effective data protection solution- this perception is shifting.
Data loss in organizations is also becoming an increasingly prevalent problem, with over 50% of companies losing data in 2011.
Data protection and Corporate Governance Acts and Requirements can be long and difficult to digest and complicated to drill down to actionable items, and to see immediate business benefits. However, without securing & protecting your company data and – the personal and organizational consequences can be detrimental.
There are certain requirements & guidelines that all companies must follow:
Failings highlighted include:
In short, the auditor-general (AG) found that practically none of South Africa’s national government departments and public sector entities have sufficient IT systems in place.
The Data Risk Assessment App is an easy solution to planning around multiple data protection challenges facing IT today.” says Cibecs Marketing Manager, Brandon Faber.
“The tool gives businesses insight into what data resides on endpoint devices. in 15 minutes it runs an audit showing how much data resides on laptops & desktops, what types of files users are storing, the average amount of data by file type and the average amount of data each user has on their machine.”
Companies worried about the security of their files need not worry, the App is completely secure and runs in their environment – it doesn’t report on individual users or their data details. “We are vigilant when it comes to protecting business data.” Says Faber, “One of our first considerations was ensuring that the App poses no risk to the security of organizations’ information- as an endpoint data protection company this is something we are very familiar with.”
Once the App has done a quick data audit on a sample group of PCs, businesses can pull their data report which details the following:
Compliance & Legalities around business Data Protection in South Africa
Protecting data correctly and effectively is a paramount business continuity imperative. Not only do organizations with ineffective data protection strategies face the immediate costs and productivity interruption of data loss, they leave themselves vulnerable to data theft, unauthorised access to confidential files and are liable for legal penalties and criminal consequences due to failed corporate governance compliance.
Responsibility for protection of data cannot be left as IT’s problem- stewardship and buy-in is required at an executive level to avoid negligence, prevent reputational damage and to implement a solution that addresses areas of vulnerability.
The reality of data mismanagement is increasingly consequential. Failure to address your organization’s risks with urgency only increases exposure and the probability of suffering financial and legal penalties.
Often however, Acts and Reports are long-winded, making them difficult to digest and complicated to drill down to tangible and actionable items. However, without securing your data and ensuring that your data protection covers all the bases- the personal and organizational consequences can be detrimental.
We’ve broken down the main Acts and Reports pertaining to data protection in enterprise environments and placed them in the table above as an easy reference, there are certain guidelines & requirements that all companies must follow:
Names and Social Security numbers of 1,200 individuals seeking Job and Family Sevice assistance lost
The recent loss of a USB thumb drive which resulted in the 1,200 social security numbers of people seeking assistance from the Montgomery County Department of Job and Family Services going missing has once again brought to light the importance of effective business data protection.
The drive contained the names and social security numbers of people who were serviced at the Transition Center between 2005 and 2010.The incident prompted an internal review of the way the department handles and stores sensitive information, including additional training for employees.
The question remains- why are companies slow on ensuring that their business data is effectively protected? Especially individual’s data that requires protection under Corporate Governance compliance regulations?
The business challenge of protecting user data
One of the key challenges of enterprise end user data protection is how to effectively backup branch user data and ensure that protecting remote office data is securely protected.
Backing up remote office data (branch data backup) can result in increased bandwidth costs and create a challenge for IT. There are significant considerations required to prevent effecting the business’ ability to backup their branches data (the branch user data) without incurring increased costs, wasting IT’s time and unnecessarily exhausting resources.
So what should IT be looking for?
Tuesday, April 17, 2012
PPI Readiness & Business Compliance: 7 Key areas for consideration
Wednesday, March 28, 2012
Best practice for addressing 3 common Data Management challenges
Thursday, February 9, 2012
Best practice for addressing 3 common Data Management challenges
