Companies need to look ahead to make sure that the data they are storing today can be accessed tomorrow, and that it remains secure over the long term, says Cliff Saran
Data storage is something that needs to be considered not just for the short term. As a result of regulatory compliance IT directors are being asked to store data for the long term. But for how long and will the data survive?
As Danny Bradbury discovers in his article, degradation of storage media is something we must all take into account. End-users used to complain when they could not read documents from a five-year-old floppy disc they had in their desk draw, but everyone knows floppy discs lose data over time.
However, CD-Rom and tape back-ups are also prone to data degradation. Even if the tape has been stored in a carefully controlled environment, how many users really consider whether the tape format they use for back-up will still exist 100 years from now?
Tony Dearsely, a consultant at computer forensics specialist Vogon, has a collection of tape drives dating back 25 years, just in case he comes across a format he cannot read.
Access to legacy data goes beyond the problems associated with reading tapes on obsolete hardware. Users may find that they have no application capable of making sense of the data format that the information has been stored in.
Although IT directors need to consider such things in order to ensure data can be accessed well into the future, their most immediate concern is data security.
As Antony Adshead writes in his article, few cock-ups grab the headlines today like the case of a blue chip company or government department losing customer data.
Data is intrinsically valuable, and if it falls into the wrong hands, this can ruin an organisation’s reputation and damage its competitive edge. Moreover, companies risk infringing industry regulations or breaking the law if they cannot demonstrate they have put in place adequate measures to protect the privacy of customer data. There is therefore a lot of emphasis on data security.
IT directors need to assess the security of their storage area networks. But security is only as good as the weakest link. And here, the weakest link is often the back-up. How many people encrypt their back-up tapes? If an unencrypted tape falls into the wrong hands, it is only a matter of time before a determined hacker can figure out which data format the information has been stored in.
There have been several reported cases of back-up tapes going missing – banks have lost tapes containing customer details and credit card numbers. Encryption would render the backup tape useless if it fell into the wrong hands.
It is important to bear in mind that although we can throw technology at solving the data security problem, more often that not, better security can be achieved with little more than good, old-fashioned common sense.
For instance, it may not be a high-tech approach, but users can secure customer bank details by storing name and address details in a place separate to where they store credit card or social security numbers, according to Guy Bunker, chief scientist at Symantec.
Read: Private life of data