Data storage
Data storage is one of the fast growing sectors in the world since it accompanies informational innovations. Handling of data in soft copies is rising in the organizational world because organizations are still undergoing transition from handling of documents in hard copies to the recent information handling methods that allow faster sharing and exchange of data that even do not wait for physical contact between the involved individuals. Data in an organization may be very sensitive. Consider such information as the Intellectual Property information, financial information, personal credit card data in banks and patient information at the hospital. Although many providers of emailing services today make sure emails are scanned, for example, there is need to prevent other avenues of data loss and insecurity such as IM-Instant Messages, HTTP, FTTP Communications and Webmail, as well as content filtering. Some organizations have realized the need to store information in a system of computer network that allows data storage. Unfortunately, much as data has become easier to handle, manipulate and store, so has it become easier to lose. Reportedly, organizations have a keen interest in preventing data loss from the outside and neglect data loss from within since it may contribute to loss of personal information and confidential information being sent to a competitor. Loss of data may be expensive as a result of the existing regulation. For example, where a company has detected loss of personal data, the law in the U.S. in about 35 states, the individuals should be informed by the company on breaching their personal identifiable information. An example is the Apple Computer case where an employee unleashed on the website images of the products before release of them and caused a drop in the share value. Trade secret theft could contribute annual loss of $250 billion for the U.S. businesses according to United States Trade Representatives (USTR) (Hunter, 2007; 7). It may now be clear that there is a need for organizations to prevent internal data loss in addition to preventing external hacking and protection from outsiders.
Data loss
The most causes of loss of data today is; computer hardware damages and failure, failure of the operating systems and logical errors. The first represent about 44% of data losses (Walsh, 2008) according to recent studies. Mechanical failures due to relocations, mechanical shocks that may cause hard disk motor failure and failure of stylus reader and writer’s head or crush, electrical failures as a result of power outages and failures that may cause damage of the controller board in the hard disk causing its inaccessibility to the BIOS, overheating due to malfunctioning of fans, completely full hard disk, writing to a bad area of the disk, hardware incompatibility, represent some of the explanations of the loss of data in a computer. With increase in the emphasis on the usage of computer networks and computers in general to store information, a company may store much information in a limited space leading to a failure in the operation of the hardware. Logical errors resulting from the conflict between the software and the hardware may result to loss of data. Corrupted files and failure of software programs may also account for some losses of data. When the files of the operating system are deleted, or incase a computer is invaded by virus, such results of data loss may be experienced. In other cases, data may be lost if the company allows unqualified individuals to repair, maintain the storage systems resulting to mishandling and mechanical spoiling of the storage devices.
In addition, data loss can result from internal activities of the firm as a result of employees carrying away information, leaking information to potential or existing competitors, irresponsibly handling of data files and computers, hacking, and deletion. In fact, internal fraud contributed to 28 % of the 49% of the surveyed companies which (the said 49%) experienced an internal security breach in 2005 according to a Global Security Survey by Deloitte in 2006 and in this survey data loss accounted for 18%.
Protection of data losses
- Companies should make sure that all data stored in the computer networks, laptops, disks or drives have backups for example by uploading files in MyTrees.com (Carman, 2006).
- Care should be taken while moving the computers, handling the hard disks and other components while connected together to avoid mechanical shocks, avoid mishandling and dropping of the hard disk and whole laptops or computer in general.
- Use of security software to eliminate and avoid attack by viruses, use of proper software, and proper handling and running of software. A danger may result if the person handling the software has inadequate/little or no knowledge concerning the software and the computer hardware.
- Avoid damages due to power surges, outages and interruption by use of Uninterrupted Power Supply.
- Usage of a DLP-Data Loss Prevention system that blocks or gives alert incase of internal communications that contribute to loss of data, since internal fraud and other violations is a potential hole to loss of data. Use of P2P files sharing programs that prohibit distribution of play music and videos. Companies should prioritize focus on DLP through monitoring of data in motion, data at rest and data at endpoint (the last is that data in disks and storage media) in order to avoid damage of personal data through insecure internet systems that allow viruses and suspect programs (Hunter, 2007; 12). This applies to cases where the computer or system of them are connected (continuously or not) to the internet or other network like the local network.
- The company should adopt very strict measures to curb internal losses of data through employees through ignorance, irresponsibility or neglect of duty. Ensuring that a proper breed of DLP solution is in place to scrutinize electronic data in motion and compliance to regulations such as HIPAA-Health Insurance Portability and Accountability Act and PCI-Payment Card Industry to take care of the private data. An example of a DLP is Ironport systems that prevent loss of data in motion by delivering unparallel data in motion through anti-virus, anti-spyware and anti-spam tools. This is incase the computers are networked at any given time.
- The company should make sure that qualified individuals are allowed to continually and regularly maintain their computer storage devices and systems.
- The company should invest in retraining and training staff as necessary concerning handling of data, necessity of careful data maintenance, reading dangers and symptoms of data loss and handling them, reporting cases of data loss, accompanying challenges and benefits.
References
- Carman Cindy. Data Loss Causes and Prevention. 2006.
- Hunter Bradley. Data Loss Prevention: Best Practices. 2007.
- Walsh James. The Most Common Causes of Data Loss 2009.