Blog

Posts Tagged ‘secure data storage’

Admins Spending More on Data Protection in 2011

Wednesday, January 12th, 2011

The economy is far from fully recovered, but at least there are some positive signs that it is still heading in the right direction. A recent CommVault survey of IT storage spending plans for 2011 indicates that many budgets are increasing, and that spending specifically on data protection tools and technologies could be as much as double the norm for some companies.

An eWeek.com post regarding the survey reports, “In this survey, nearly 80 percent of storage administrators reported that their IT spending budgets would either be increased slightly or maintained at 2010 levels. About 80 percent of those polled reported that they will allocate as much as 20 percent of their budgets on data-protection hardware, software, services/support and media.”

The news is partially an indicator of renewed confidence in the economy, but it also demonstrates that data protection is a high priority. Many aspects of information security–fighting malware, blocking spam, etc.–have reached a level of equilibrium with the threats they protect against, and have become part of the mundane routine, enabling admins to focus more effort on protecting confidential and sensitive data from being leaked–whether intentionally or inadvertently.

Those 80 percent that plan to allocate significant budget to data protection tools should spend some time exploring what Zecurion has to offer with the Zserver Suite, Zlock, and Zgate.

Tags: , , ,
Posted in Data Storage Security | 2 Comments »

A Safe Isn’t Safe When it Comes to Protecting Data

Tuesday, January 19th, 2010

It sounds like a good idea to provide some extra security for your backup data by storing the media in a locked safe. It is certainly better than storing the media in an unlocked drawer or on a shelf somewhere. But, if a thief simply takes the whole safe, as happened to Goodwill of Greater Grand Rapids in Michigan, the data is not really protected any more.

While it seems fair to assume that the thief expected to find money inside, the safe actually contained names, addresses, dates of birth, and Social Security numbers from thousands of Goodwill workers. Since the thief took the whole safe, it also seems fair to assume he or she had a plan for how to open it and extract its contents.

After that, it gets a little more difficult to speculate. According to Jill Wallace, VP of Community Relations for Goodwill, the official stance seems to be based on an assumption that the thief is simply too dumb to know what a backup tape is or how to find out what is stored on it. “Basically it would be impossible for an individual to even know what to do with that data or even how to open it up.”

I’ve worked with backup tapes. While they may not be your standard audio cassette tape, it is obvious that it is a tape. Contrary to Wallace’s sentiment that the data must be safe because the thief would be too clueless to use it, I think its reasonable to believe that the thief *would* know that its a data tape, and–especially after the disappointment of realizing there is no money in the safe–the thief would do everything possible to determine what *is* on the tapes and try to make lemonade from lemons by capitalizing on the data they contain.

According to the article from the Grand Rapids News Channel 3 Web site, “Goodwill of Greater Grand Rapids thought that personal data would be more secure if those tapes were not in a corporate office, but inside one of its stores. The organization has decided not to do that anymore.”

I think Goodwill missed the point and learned the wrong lesson. The location of the safe is not the problem–thieves are just as likely to break into the Goodwill corporate office and take the safe. The issue is that the data stored on the backup tapes–or any other media you might store your backup data on–should be encrypted so that the data is protected even if the storage container is breached.

Tags: , , , ,
Posted in Security Breaches & Data Loss Incidents | 2 Comments »