Companies need to look ahead to make sure that the data
they are storing today can be accessed tomorrow, and that it
remains secure over the long term, says Cliff Saran
Data storage is something that needs to be considered not just
for the short term. As a result of regulatory compliance IT
directors are being asked to store data for the long term. But for
how long and will the data survive?
As Danny Bradbury discovers in his article, degradation of
storage media is something we must all take into account. End-users
used to complain when they could not read documents from a
five-year-old floppy disc they had in their desk draw, but everyone
knows floppy discs lose data over time.
However, CD-Rom and tape back-ups are also prone to data
degradation. Even if the tape has been stored in a carefully
controlled environment, how many users really consider whether the
tape format they use for back-up will still exist 100 years from
now?
Tony Dearsely, a consultant at computer forensics specialist
Vogon, has a collection of tape drives dating back 25 years, just
in case he comes across a format he cannot read.
Access to legacy data goes beyond the problems associated with
reading tapes on obsolete hardware. Users may find that they have
no application capable of making sense of the data format that the
information has been stored in.
Although IT directors need to consider such things in order to
ensure data can be accessed well into the future, their most
immediate concern is data security.
As Antony Adshead writes in his article, few cock-ups grab the
headlines today like the case of a blue chip company or government
department losing customer data.
Data is intrinsically valuable, and if it falls into the wrong
hands, this can ruin an organisation’s reputation and damage its
competitive edge. Moreover, companies risk infringing industry
regulations or breaking the law if they cannot demonstrate they
have put in place adequate measures to protect the privacy of
customer data. There is therefore a lot of emphasis on data
security.
IT directors need to assess the security of their storage area
networks. But security is only as good as the weakest link. And
here, the weakest link is often the back-up. How many people
encrypt their back-up tapes? If an unencrypted tape falls into the
wrong hands, it is only a matter of time before a determined hacker
can figure out which data format the information has been stored
in.
There have been several reported cases of back-up tapes going
missing – banks have lost tapes containing customer details and
credit card numbers. Encryption would render the backup tape
useless if it fell into the wrong hands.
It is important to bear in mind that although we can throw
technology at solving the data security problem, more often that
not, better security can be achieved with little more than good,
old-fashioned common sense.
For instance, it may not be a high-tech approach, but users can
secure customer bank details by storing name and address details in
a place separate to where they store credit card or social security
numbers, according to Guy Bunker, chief scientist at Symantec.
Read:
Private life of data
Read:
Is your company data well preserved?