Master Data Management

Brandon Faber (South Africa) - How to Avoid Those 'Smack Your Forehead with a Plank' IT Moments

Results from the New Cibecs/IDG Connect 2012 Business Data Loss Survey show that 60% of respondents are not confident that company data is secure.

One of the key reasons for this uncertainty is the Catch 22 that many companies find themselves in.

Meet John

John is your average enterprise user with too few hours in the day, too much to do and too little regard for his company’s data backup policy.

Reasons for this insubordination?

John has no time, forgets to backup, or he doesn’t know what to do . . . and, if truth be told, John doesn’t want to store sensitive information on the company server where it could be open to unauthorised access. (A no-no in terms of Governance, Risk and Compliance – by the way)

IT’s problem? If John and his two thousand colleagues all decide to follow policy one sunny Thursday afternoon and backup their files to the company server, two things are guaranteed to happen:

1.    A lot of the wrong kinds of data will be backed up, placing severe pressure on the company’s bandwidth and storage infrastructure.

2.    The network will fall over like varsity students on New Year’s Eve.

Damned if you do. Damned if you don’t.

The net result?

John and his colleagues’ data remain on their endpoint devices, where any number of normal daily occurrences could lead to critical data being lost, stolen, or compromised.

The fact is that over 40% of companies still rely on a user-data backup policy (instructing users to backup to a file on the server or an external device) to protect business critical data – as shown by the mentioned Cibecs/IDG Connect Business Data Loss Report.

Knowing this fact it is then safe to say that the ultimate whopper, smack your forehead with a plank moment of madness, comes in the form of the following survey statistic: Of the companies that rely on a data backup policy as their core method of securing business critical information, a staggering 94% also rate “users not following company policy” as the main cause of data loss in their organisation.

Well slap me silly and call me Sony

Just to highlight the debilitating effect compromised data can have on a company we need to look no further than the Japanese electronics giant.
Believe this gentle souls: The Ponemon Institute estimates that last year’s data breach at Sony will cost the company an absolute minimum of 5.6 billion dollars – with the majority of cost attributed to “expense outlays for detection, escalation, notification, and after-the-fact response” as well as “economic impact of lost or diminished customer trust and confidence, measured by customer turnover, or churn, rates.”

In fact there is research to suggest that 84% of consumers would no longer deal with a company if they were informed that the company had lost their Personal Information.

Would you? Probably not and it is because we all expect companies to guard our personal information with the utmost of care and attention . . . if they fail, we leave.

Bossed on Legal

Apart from the possibility of customers leaving in droves, a (data) compromised organisation also needs to keep the legal implications of its negligence in mind.
For both public and private institutions the penalties are severe on both a personal and organisational level.

•    In the US, for example, BlueCross Blueshield was recently slapped with a $1.5 million penalty by the federal government for non-compliance with that country’s HIPAA legislation (governing the security of health records). They also spent a further $17 million since on investigation, analysis, notification and improved data protection efforts.

•    In South Africa the first half of 2012 has been littered with reports of gaping holes in state data security, starting with the damning Auditor General’s report in February, the Gidani and State Security laptop theft  incidents (to name but a few). All having far-reaching implications on government agencies’ ability to deliver on their mandate.
The fact is this: Legislation around the world from the US, UK, EMEA and other regions are being aligned to guarantee the protection of critical information and hold company board members responsible for doing so. Notable legislation includes Sarbanes Oxley (SOX) and HIPAA in the USA, the new Directive on Privacy and Electronic Communication in the EU (including the UK) and the incoming Protection of Personal Information Bill (PPI) in South Africa.

So, what to expect in 2012’s Data Loss Survey Report?

The Report focuses on data mobility (and sharing), the increased popularity of Bring your own Device (BYOD) and the importance of Governance, Risk and Compliance, and IT’s role in GRC, as it relates to data security in business today.
You will also find the latest trends and statistics as provided by 200+ (mostly enterprise) companies from around the world.

In the end there’s no denying these simple facts of life:

Data loss is costly.

Data loss can (and will) have severe legal implications for persons and businesses alike.

Data loss can (and will) damage any organisation that is not prepared for the new, mobile, world.

All round this report should aid IT professionals and Business Executives alike to attach a monetary value to the risks that they, and their organisations, are exposed to . . . and, hopefully, usher in a plank-free decade of user data protection.

More About the Report

Cibecs is a South African enterprise-class data backup and recovery solution developer for data on laptops and desktops. The 2012 edition of their annual Business Data Loss Survey is published in conjunction with IDG Connect. The free report highlights the move to mobile devices and the rise in importance of governance, risk and compliance (GRC) to businesses and enterprises the world over. The report draws on a respondent base of over 200 organisations geographical split into 48.7% African, 27.2% North American, 18% EU and 5.6% in Asia. Nearly 40% of survey participants worked for organisations with over 1000 PC users.

By Brandon Faber, Marketing Manager for Cibecs.


« Dan Swinhoe (India)- India's Youth: Connected & Mobile


Bob Scott (Europe) - Smart Leaders Identify Opportunities from Within »


Do you think your smartphone is making you a workaholic?