Every time business is disrupted, it creates serious risks and depletes the organization’s financial resources, which is why having data loss prevention solutions and a business continuity plan is essential. As businesses grow more and more reliant on technology, it’s critical to futureproof your IT department and its many components such as servers, networks, devices and enterprise software.As businesses grow more reliant on technology, it’s critical to futureproof your IT department, its servers, networks, devices and enterprise software. Click To Tweet
One of the first priorities when outlining your business continuity strategy is to detect potential causes of data loss and learn how to prevent them. So here are some examples of the impact of data loss on business as well as 5 actionable data loss prevention best practices that every organization should implement.
An overflowing inbox is a common cause of complaints and frustration in offices around the world. But there’s one thing that’s worse than that – an unavailable or empty inbox.
Imagine losing access to your entire email history and attachments detailing an important project that the whole company is currently focused on. Without an established business continuity and data loss protection plan, you’d waste money, manpower and time attempting to get everything back. Moreover, permanently losing access to corporate electronic records also means potential fines and sanctions for non-compliance.Permanently losing access to corporate electronic records also means potential fines and sanctions for non-compliance. Click To Tweet
It Won’t Happen to You…Until It Does
If you’re like the majority of companies, your organization could be guilty of “it won’t happen to me” mentality. A few years ago, Forrester Research and the Disaster Recovery Journal published a report on corporate IT resiliency and preparedness that yielded interesting results. Only one in five organizations was prepared for a data disaster, although 30% of respondents had major data loss issues in the previous five years.
On a more positive note, more than 50% used replication technology for mission critical systems and relied on the cloud for data loss protection. But the general conclusion remains – many organizations don’t take their data protection and backup as seriously as they should, even though losing business-critical data surely ranks as the worst nightmare for your IT team. Here are the top 5 reasons and ways to prevent data loss.
1. Hardware Failure and System Malfunction
There are many ways in which both consumer and enterprise-grade hardware can fail and it is hardware failure that accounts for more than 40% of data loss cases. Some of the most common causes of hardware failure include impact damage, electrical spikes, electrostatic discharge, dust, overheating, hard disk degradation and head crash.Hardware failure accounts for more than 40% of data loss cases. #ITSecurity #EmailArchiving #HardwareRedundancy Click To Tweet
In enterprise computing and information archiving, the best way to prevent hardware failure is to:
- invest into enterprise-grade hardware
- ensure hardware and network redundancy and
- pay attention to end-of-life for each piece of hardware your system contains.
As opposed to consumer hardware, server grade hardware offers additional reliability and is built to endure uninterrupted use and the heavy workload of enterprises.
In email archiving, losing data defies the whole purpose of retaining it, which is why companies that archive enterprise data on-premise need to ensure their archiving solutions are equipped with powerful components such as server-grade chipsets, ECC RAM and SAS hard drives.
Chipsets play a crucial role in determining system performance and, in enterprise computing, they need to support multiple processors with more cache memory.
ECC RAM is important because it’s immune to silent data corruption that can occur due to radiation, aging or wear of the storage device. For this reason, using ECC RAM is essential for data-sensitive tasks like archiving or data retrieval.
SAS hard drives are used where high speed and availability are crucial, as they are faster and more reliable than SATA drives (rotating speed 10-15K vs. 7.2K; MTBF 1.2M hours vs. 700K, respectively).
In computing and email archiving, redundancy refers to the practice of duplicating critical components (hardware or network) in order to provide backup in case of component failure and increase reliability and dependability.
A good example of hardware redundancy is RAID, the combination of multiple physical disk drive components in which data is distributed across the drives so that, in case of failure of one or more storage units, you can still retrieve your data from the remaining drives.
A redundant power supply contains two or more power units, so if one of them fails, the other can seamlessly take over and keep your servers or an archiving appliance going. A redundant PSU is a vital feature in enterprise computing because it minimizes the chance of appliance shutdown, failure or data loss.
All Jatheon’s email archiving appliances contain enterprise-grade hardware, redundancy features and ZFS, all of which provide additional protection from data corruption. Moreover, to keep the Jatheon customers firmly ahead of the technology curve, we provide a free-of-charge appliance replacement every four years.
2. The Human Factor
The human factor continues to play a prominent role in corporate data loss. Be it recklessness, inadvertent sharing of sensitive data, theft or corporate espionage, you can never be too careful with the data that’s at the core of your business. For IT personnel, especially CIOs and CTOs, there’s no worse horror story than finding out that a company laptop got stolen or lost, or having staff members accessing and sharing business-critical data on BYOD phones.
The extent of data loss due to computer theft is often difficult to measure, as only about 10% of such crimes ever get reported. A few years ago, several computers were stolen when the Radiation Control Bureau’s New Mexico facility was broken into. Without adequate data backup and data archives, the state agency would’ve had serious trouble getting back up and running.
The first step towards minimizing and prevention of data loss caused by employee negligence or misconduct is to create appropriate policies and guidelines and preach them among your staff.
With Jatheon, all email, social media and mobile exchanges are archived secure, latest-generation solutions. The software contains customizable user access, policies and message integrity verification features that prevent deletion, data tampering and evidence spoliation and allow admins to control who has access to the most critical and sensitive data.
According to Cybercrime Magazine, a business is attacked by a cybercriminal every 11 seconds and the costs of these attacks are expected to hit $20 billion by 2021”. In their article “The State of Ransomware un 2020”, Blackfog lists over 50 major ransomware attacks from January to May 2020, affecting numerous counties, hospitals and K-12 schools.@CybersecuritySF stats: A business is attacked by a cybercriminal every 11 seconds and the costs of these attacks are expected to hit $20 billion by 2021. Click To Tweet
The year didn’t start well for Michigan-based Richmond Community Schools. They had to put off reopening after the Christmas break because hackers demanded that the district pay $10,000 in bitcoin in order to regain access to its server.
In April, Parkview Medical Center in Colorado was hit by a ransomware attack that completely shut down their IT network amid the Covid-19 pandemic.
Finally, the City of Torrance in the LA area was attacked by the DoppelPaymer Ransomware, having their data stolen and devices encrypted. The hackers demanded that 100 bitcoin ($680,000) be paid in order for them to take down the files that have been leaked.
Such attacks are serious because hackers can delete the files unless the victim pays, which means that critical corporate information might be gone for good. Given that multiple laws and regulations mandate its retention and that ESI can be used as evidence, it’s clear how inaccessible data can suddenly cost your company thousands, even millions of dollars.
As cybersecurity remains a growing priority for organizations in all industries, prevention measures and IT security best practices stay the same:
- make sure you have up-to-date software patches
- change your passwords regularly
- monitor your systems and
- prevent physical access to devices.
And finally, don’t forget that data backup and archiving are vital parts of the IT protocol for both large enterprises and SMBs.
4. Natural Disasters
Although natural disasters account for less than 5% of all data loss horror stories, when they hit – they hit hard. With 24 major hurricanes since 2017, it’s no wonder that water damage is the dreaded word in offices across the south and east coast of the US. Together with fires and earthquakes, floods are the factor that can neither be predicted nor prevented.
What you can do is follow the standard best practice of backing up your critical data frequently and make sure you have all important data backed up on more than a single location.
5. Power Outages
They don’t happen often, but they can leave you without data. Both power cuts and sudden changes in voltage may easily damage hardware (hard drives are especially vulnerable).
In case it happens to your organization, your next steps will depend on what you’ve done to prepare. In case you had no backup and redundancy systems in place, you’ll probably have to contact data recovery professionals to get your data back.
Luckily, organizations typically use an uninterrupted power supply (UPS) as a safeguard from unexpected power disruptions. Having a redundant power supply, RAID and backing up your data regularly at various locations can greatly contribute to the safety of your data and safeguard your organization.
Data Archiving as the Key Piece of the Puzzle
Email archiving solutions are not just data loss prevention tools. They provide automated capture and interactive and secure long-term storage of electronic business communications such as email, social media, text messages or WhatsApp chats. They can also assist greatly with disaster recovery.
Think of it this way: how many different systems are storing email in your organization right now? It could be 5 different places: the main server, the backup server, the email archive itself, an archive backup, local user archives or server backups of those. There could be as many as 5 to 7 copies of each message, which makes it tough to follow the main data retention policy.
Even though organizations adopt compliant email practices to deal with litigation and FOIA requests more effectively, there’s not only demand for archiving, but also for complete disaster recovery. However, there is still a wide gap between email archiving and disaster recovery in many organizations, and this could throw a wrench in the works when an ediscovery request comes in.
It is essential to unify archiving and disaster recovery efforts – the email archive should contain every email so that it can be compliant with retention regulations and be able to return complete results in ediscovery. In addition, email messages have to be deleted from every storage medium when the data retention policy dictates so. The problem is that companies can inadvertently make some serious mistakes because of the gap between their archiving systems and disaster recovery processes. Those same mistakes can ruin a good ediscovery strategy since costly searches have to be carried out for messages stored outside the archive.
Here are some of the problems that can come up:
- Messages are sometimes deleted from a storage medium on time, but are allowed to stay in the primary email inbox beyond the retention period.
- The email messages stored in local archive files (such as Microsoft PST) are unmanaged and allow access to emails after the retention period expires.
- Backup tapes are often poorly managed and can retain data longer than the retention period states (even indefinitely!).
This causes a myriad of problems for companies when archiving and email disaster recovery cross paths in the wrong way. The best way to approach this problem is to simplify and consolidate the systems by using a proper, compliant email archiving solution while moving away from on-computer email archives.
The archival of corporate email and unstructured data empowers organizations to stay compliant with various regulations and guidelines, improves their litigation response, and provides a safe storage option for business-critical and sensitive data.
Finally, archiving solutions secure information in a long-term repository, allowing the possibility to easily restore data in the event of a disaster or during any planned or unplanned downtime. Many come with their own DR and backup capabilities.
All Jatheon’s data archiving appliances feature enterprise-grade hardware and come with optional disaster recovery and cloud backup plans. Learn more about our on-premise archiving solutions or contact us directly for more information.