It is increasingly difficult to navigate the ever-changing security landscape. When this is coupled with the increased dependency on technology and access to electronic data, the potential for significant business interruption and even failure can seem daunting. Palitto Consulting Services provides the experience and expertise required to navigate through the challenges and craft solutions to utilize technology while managing the risks.
One key aspect of a security plan is considering the protection of and access to electronic data. PCS has compiled the following list of items to consider with regard to electronic data protection:
- Most experts agree that a properly implemented and regularly tested backup and business continuity plan is the single most important aspect of a data protection strategy. This typically includes: documenting processes for checking backup logs, testing failover systems, determining what an acceptable recovery time is for critical processes and verifying those processes do in fact have a documented recovery methodology established.
- Cyber-crime, defined as crime committed over the internet or computer network, has increased significantly over the past few years. Cryptolocker, the much-publicized data-encrypting malware which prevents users from accessing network data, is one noted example of a threat causing significant loss of productivity to businesses.
- Software which is not regularly patched or updated has been described as, “leaving your doors unlocked and windows open 24 hours a day.” Adobe software, Java and Windows-based desktop operating systems are common examples of software that are particularly vulnerable to compromise if not updated and patched regularly.
- The traditional method of protecting computers against malware activity, desktop antivirus software, is considered just one layer of a multi-tiered security approach. Most experts now recommend implementing additional solutions to protect networks from being compromised.
- Depending on the industry or type of data stored on their computers, many businesses are subject to security standards imposed by regulatory bodies. Some examples include: HIPAA, PCI and SAS 70. Many standards are set to help companies ensure they take proper measures to protect their data from compromise or loss and impose severe penalties for non-compliance.
- Many businesses are facing the reality of having to replace server hardware soon and decide whether to make another significant capital investment in new equipment or migrate their data to the cloud. As this decision relates to data protection, the factors to consider are bordering innumerable. The question companies are asking is, “Which solution is right for us?”
The system and data security experts at PCS routinely help small and medium-sized businesses consider these and many other aspects of system security and implement strategies to safely make intelligent use of technology.