sb-as logo
Story image

Organisations lack holistic approach to data protection

01 Nov 2018

Article by Commvault Australia and New Zealand area vice president Robert Malkin

Until recently, many organisations have been collecting data for the sake of it—without a clear understanding of exactly what data they collect and why, the role that data serves and where it lives.

With new privacy legislation in place, including the General Data Protection Regulation and Notifiable Data Breaches scheme, and increasing talk about big data and analytics, organisations are now scrambling to understand their data, how to protect it and when to leverage it effectively.

Data is more than an asset; it is a catalyst to many initiatives.

Accordingly, it is time organisations rethink their data strategies, recognising that data is core to the success of new initiatives—and it must be protected.

By now, all organisations should have an integrated approach to cybersecurity that is tailored to the business and addresses technology, people and processes to keep the organisation safe.

Data protection needs to be at the very top of the cybersecurity agenda.

The cybersecurity industry has done a good job at raising awareness of the importance of securing an organisation from outside threats.

Organisations are also cognisant that they need to be prepared for data loss scenarios for when they experience it and are increasingly developing recovery plans.

While both of these are important conversations to have, prevention and recovery do not equate to protection.

What is absent for many organisations is a holistic approach to data protection.

It is paramount for organisations to have a clear understanding of what data protection is and close the gaps in their protection strategies.

Yes, data protection means ensuring data is safe and secure, but it also entails making certain that same data is always available and always online. 

Organisations struggle with three key areas when it comes to data protection.  

  1. Cybercrime is going nuclear. Threats are becoming more complex, more organised and more effective. According to the Notifiable Data Breaches Quarterly Statistics Report, between 1 April and 30 June 2018, Australian organisations reported 242 data breaches. 59% of these were a result of a malicious or criminal attack.  
  2. Data is rarely found in one place. Businesses have multiple places to store data, as do individuals, making it a challenge to protect. With many organisations seeking to modernise their infrastructure and leverage the cloud, this is only going to get worse.  
  3. Data volumes are growing, exponentially. The amount of data produced is doubling every two years; a 50-fold growth from 2010 to 2020. And 70% of data is secondary data, but most businesses are only investing in protecting primary, or live, data. With such a tremendous amount of data, organisations are struggling with understanding exactly what data they have and where it lives.

Fortunately, there are practical steps organisations can take to overcome these challenges.

First and foremost, if data protection is not part of an organisation’s cybersecurity strategy, it should be.

Data protection is as related to cyber as it is a storage play.

In addition, data risk and loss can come from various sources: internal, external, malware, system failure, human error, fire or flood.

Organisations need to have a management and recovery plan for each of these scenarios.

In saying that, it’s impossible to protect what organisations can’t see. Data no longer lives within an organisation—it might also exist within the cloud, applications and other third parties.

Unfortunately, many organisations assume these third-party vendors are responsible for their data.

Some, mistakenly, believe migrating data to the cloud will provide advanced security.

This is simply not the case.

Organisations are responsible for their data and information, irrespective of where it lives.

Despite this, two-thirds of businesses have access to less than half of their data when making key decisions.

These organisations are missing out on the opportunity to put data to work for their business.

This demonstrates the importance of knowing where data is stored in order to drive value across the business. 

The final, critical piece of the data protection puzzle is ensuring your organisation has access to its data, all the time.

Businesses today are extremely susceptible to data loss and breaches.

Considering the critical role data plays in all businesses, protecting it should be at the top of cyber agenda.

Story image
BYOD security in remote work era still riddled with issues
Bitglass’ 2020 BYOD Report suggests that BYOD and personal device security in organisations still leave much to be desired, even as more organisations adopt flexible BYOD arrangements.More
Story image
Former Salesforce, Microsoft security exec to lead Zoom security team
Zoom has announced the appointment of former Microsoft and Salesforce executive Jason Lee as its new chief information security officer. More
Story image
Businesses move to cloud-based security solutions in a bid to support remote working
Cloud-based security tools are becoming increasingly popular following the rise in remote working during COVID-19, including a marked increase in businesses using such tools to protect of corporate financial information.More
Story image
The 5 most common multi-factor authentication (MFA) methods
While MFA is ubiquitous, it’s far from perfect – whether you’re the business or the end-user. Here are the 5 most common MFA methods, and where each of them falls short. More
Story image
Cyber attacks keeping business leaders up at night, new research finds
Data breaches and insider threats are keeping organisations up at night, according to new research from KnowBe4, the security awareness training and simulated phishing platform.More
Link image
Enterprises require a new approach to data-driven transformation
Organisations need a new approach. An enterprise data cloud unlocks the power of your data to serve customers better, operate with greater efficiency, and strengthen security to protect your businessMore