Data Security & Data Loss

Encryption continues to be the topic on every CIO and IT person’s lips nowadays. No one wants to end up in the news as the next victim of a privacy breach or the next company that didn’t protect its customers’ information. If you conduct a news search using the words “personal data breach,” you’ll be alarmed at the number of instances where personal information such as social security and credit-card numbers have been exposed to possible theft. In a recent breach, a state government site allowed access to hundreds of thousands of records, including names, addresses, social security numbers and documents with signatures.

Whether it’s government agencies, research facilities, banking institutions, credit card processing companies, hospitals–or your company’s computers – the risk of compromising private information is very high.  At the recent “CEO-CIO Symposium,” speaker Erik Phelps from the law firm Michael Best & Friedrich described the relationship business has with technology. In his presentation, he stated that since “business relies so heavily on technology today, business risk becomes technology dependent.” The possibility of litigation is part of business. It has always been a risk of doing business, but because technology and today’s business are so intertwined, business risk has a higher threat level. This has prompted many to encrypt workstations and mobile computers in order to protect critical business data.

If you have rolled out encryption, how do you maintain your IT service quality when the hard disk drive fails? How do you plan and prepare for a data loss when the user’s computer is encrypted?  These are all issues that should be considered when putting together a data disaster plan. In addition, data recovery, one of the more common missing elements of a disaster recovery plan, should also be factored in because it can serve as the “Hail Mary” attempt when all other options have been exhausted