Tuesday, June 2, 2009

10 Imperatives to Prevent Data Loss

How do you keep your valuable data, documents, spreadsheets, customers list, from walking out the door? If you are like a lot of small business security is vital to your business. So what approach do you take? There are probably a lot of different technologies you have look at. Different methods, maybe you tried to lock down documents, used different physical devices, or memory cards there are a lot of different ways. What's the best way? Well maybe all of them. A multilayer approach is probably the best way to go.

Thanks to the folks at Varonis I found a white paper on some really good tips in regards to what they call the 10 Imperative tips on how to prevent data loss. I wanted to share these tips with you today because there are some very good points. Varonis operates under the assumption that 80% or 90% of companies unstructured data live on your file server, so they tend to focus on data governance. Things like network file shares on your file server tend to be over subscribing about 70% to 80%. This is based on user roles, what groups they belong to, organization are dynamic. People's roles change as their need to access information changes. Yet we don't change their permissions to those shares. You may be at risk of your data walking out the door, via email, print out or USB drive. So with that in mind here are the 10 imperative tips on how to prevent data loss.

Visibility - a clear visual representation of the access settings on you network including users group, memberships, folders, sub folders, NTFS permissions including filters views etc.

Control - What every solutions you use must include mechanisms to define, test, enact and even reverse file and folder permissions on your network

Auditing - All aspects of your date use should be audited, including file touches, for given active director users, things such as access by type of file or activity such as open, delete, rename. Activity by folder, access to sensitive folders, All inactive users, All inactive data sets, All administrative changes including security configuration, changes by administrators. So auditing is very important for whatever solution you decide to use.

Security - A system for unstructured data governance needs to provide an automated means for the revocation of data permissions. Specifically the system should identify by name all users whose access to a given data set should be revoked. Re-compute revocations as changes to Active Directory and file servers occur. Provide the means to test the recommended revocations prior to enacting on the servers and provide revocations with accuracy greater than 3 nines which is 99.9%.

Performance - Any proposed solution for unstructured data management should not impede the performance of file servers, user access experience or business work flow. Specifically, the system should not require Windows auditing in order to deliver its core functionality.

Scale - Because most organizations add additional file servers over time, rather virtual or physical file server is a file server, this data can grow rather quickly. So the solution needs to scale up as well to accommodate unstructured data maybe doubling in volume every 12 months.

Ease of Installation - A practical solution has to be easy to implement, shouldn't tie up you IIT staff, shouldn't take any more then 4 or 5 business days fully implement. .Shouldn't require a dedicated person or the vendor come on site. Should be something you can do yourself, without paying for professional coming to your business.

Ease of Use - Great it is easy to install, but is it easy to use? A solution should not require a specialized staff member in order to use it. It really should be easy to understand and easy to use.

Ease of Integration - Data protection solutions do need to support a wide range of servers and storage devices including Windows Server 2003, 2008 and including network attached storage devices or NAS from leading NAS vendors.

Low Total Cost of Ownership - A solution for data protection has to demonstrate quantifiable benefits in time and resource savings. Be sure to look for automation in the following areas, which are often the most manually intensive: Data permission revocations, Data audit report generation, Data entitlement review, Stale data identification, Data business owner identification and Data migration.

There you have the 10 Imperatives for data governance. Things to consider when looking for a solution or a series of solutions, while securing your data on your network. Making sure your valuable information does not walk out the door, keeping your customers safe your business safe and staying our legal hot water.

FrugalBrothers.com
Phone: (260)724-2748
Cell: (260)414-5317
E-mail: bruce.naylor@frugalbrothers.com
http://www.frugalbrothers.com
Video Link - http://www.frugalbrothers.com/frugaltech-blog/47-the-frugaltech-blog/222-10-imperatives-to-prevent-data-loss-

Bruce Naylor has been a CRM and IT specialist since 1985. Bruce and his wife Cindee founded Sales Automation Group in 1997 as a GoldMine VAR. They quickly grew the business to platinum level status. Bruce sold the company in 2001. In 2006 Again, Bruce and Cindee opened a new IT firm called FrugalBrothers.com. The company currently works to provide Microsoft small business solutions, as well as GFI network, and fax based products.

No comments:

Post a Comment