Consulting with a Conscience™

A cruciallogics blog

Written by Nim Nadarajah
on June 12, 2018

Protecting your data and understanding how you recover from a data loss event is key for any IT department. Even the best security practices can’t anticipate every possibility. Here are four it’s hard to protect your data against.

Hard Drive Error 

HDDs are sophisticated mechanical pieces of hardware. They’re jammed full of moving parts, and while they’re reliable day-to-day, on the long term, there’s a chance of failure you can’t ignore. Even SSDs have a limit on how much they can write, so if you perform heavy writing operations on a daily basis, you should be ready for this event.

Accidental loss by human error or physical damage

All kinds of things can happen when data’s exposed to a user. They might accidentally spill liquid on or otherwise damage a computer, or they could accidentally delete something important. Personal computer use may lead a user to consider the recycle bin a safety net, but they might also accidentally empty it, or delete the data in one of many situations where the recycle bin doesn’t apply.

Data loss by Cyberattack

Whether it’s an active, targeted attack where someone assaults and breaks into your system, or a passive instance of an accidental malware infection, cyberattack is responsible for a huge amount of data loss. These attacks could do everything from stealing and deleting your data, to encrypting it and holding it to ransom.

Physical Theft 

The thief who swipes your laptop from the coffee shop as you go to the counter to pay probably isn’t interested in your data so much as they want the value of the hardware. But your data’s gone nonetheless, and you can't take the chance they won't scrape your passwords. Losing a computer to theft, targeted or opportunistic, means everything on that local hard drive is gone and all passwords must be changed.

How to Protect Your Data From These Threats

Many data protection tactics have broad applicability. Whether you’re taking a step to prevent the loss occurring or easing the pain if it does, you do have to make and execute your plan now.

Top Prevention Tips

Take care of your hardware

Encourage users to treat their workstations like they’re their own and report unusual clicking, overheating, and other concerns. If they work remotely, they have to handle their laptop like they would any kind of sensitive information. If it is stolen, they should change all their passwords as quickly as possible, as none of them can be considered safe.

If some data is particularly sensitive, also consider hard drive encryption as an additional security measure. This will help protect your data even if you do lose it, giving the attacker another, tough layer of security to break.

Send Regular Security Reminders 

Users can fall into bad habits. Remind them that password safety is paramount and keep them abreast of common cyberattack methods that try to trick them. You may want to run some tests to see how they respond to suspicious emails.

Use Surge Protectors and Backup Power Supplies

Power surges and unexpected outages can interfere with the integrity of the hardware. You can take strong steps to preventing these problems by putting contingencies in place and educating users on what to do.

Prepare to Protect your Data through a Data Loss Event 

Recovering from data loss generally comes down to one core thing: having the backup. There are different levels of sophistication available all the way up to completely restoring the old environment effortlessly in a new one, but to recover from a data loss, you need the data.

If you’re using cloud services, you will want to understand what your service provider does to ensure seamless service in the event that there’s an issue on their end. When it comes to your local data, you’ll need to evaluate what gets backed up, how often, and in what formats, based upon your own risk factors.

Do you set up automated cloud backups for all your workstations, or just the laptops? Do you keep physical backups at the same location?

Besides ensuring you have those backups running and protecting your data, you should have a clear process outlined for what to do in the case of a crisis. Having that done in advance, even going through some drills, will allow you to act calmly and confidently when the worst happens. Make sure you account for several different scenarios. Restoring to a new laptop after a theft will require different action compared to dealing with ransomware holding a hard drive hostage.

Need a little help planning your data protection plan? Our site is full of resources to help you learn more.

If you’d like to find out how we help companies prevent and recover from disaster, you may also want to check out our page just for CSOs.

You may also like: