Secure Data Recovery Mythbusting

October 9, 2012

According to a 2011 report from IT analyst firm IDC, the world’s information is doubling every two years. In 2011 the world was expected to create a staggering 1.8 zettabytes of data. By 2020 the world is expected to generate 50 times the amount of information and 75 times the number of "information containers" while IT staff to manage it will grow less than 1.5 times.

From a natural disaster ruining your corporate servers to an employee accidently deleting files to a security breach of your customer files, without the right support both from IT and an outside contractor, a data disaster could wreak havoc on your organization and its ever-growing, ever-important data

However, even the most advanced IT and security professionals can be unprepared to handle a major data disaster. Myths about working with a data recovery provider abound, but you don’t need to fear data disasters any longer.

Myth: Every data recovery provider offers the same trustworthy service, so I know my data is always in good hands.

Fact: Many data recovery providers claim to have a strong commitment to trustworthy service and sound security, but do your homework ahead of time to protect yourself and your most valuable assets. Additionally, find an authorized service provider that can handle highly sensitive information and adhere to U.S. government protocols. Maintaining an SAS 70 Type II Certification, a widely recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA), for data recovery services ensures security protocols and processes are in place to protect your data while it is being handled by a recovery provider.

Myth: Our data is password protected so my enterprise doesn’t need to worry about its information being compromised.

Fact: Don’t assume that your data is safe just because you have a password installed. Choose a data recovery provider that can ensure the safety of your sensitive information and returns it in an encrypted format. Moreover, your provider should employ a comprehensive Information Security Policy that covers all data handling and data security protocols/standards.

Myth: Data recovery providers do not adhere to my organizations’ security requirements, so I’m not comfortable shipping a damaged or corrupt hard drive to a data recovery facility.

Fact: Your chosen provider should adhere to your organizations’ security requirements through all steps of the recovery process, not just during the actual recovery phase. Make sure the provider has ongoing security education for employees, exacting internal controls, sound physical security requirements and a strong commitment from senior management to maintain its security program.

Myth: I don’t trust my data going to a third party because I have no visibility into where my data is actually going.

Fact: After the headaches of data loss, the last thing you need to worry about is where your data is going and if your enterprise will get it back. An expert provider understands the urgency of rapidly responding to all data loss incidents and will give you a deep understanding of where your data is and where it’s going. Consider a provider that offers remote, in-lab and on-site recovery services, among others, to provide you with the right solution for your specific data loss situation. Also ask for regular status updates on your recovery.

Evaluating a respected data recovery provider in advance of a data disaster is the best way to ensure that you are not debunking a recovery myth in the midst of a problem. Working with senior management, IT and security professionals need to begin planning for a disaster now so a plan is in place if a problem should arise. Additionally, you should never fear asking your data recovery provider for more insight into their process and security protocols.

At the end of the day, your corporate information is the lifeline of your organization. Placing it in the wrong hands could create problems for your business larger than your original data disaster.

Todd Johnson, Vice President, Operations, Data Recovery Services and Software, Kroll Ontrack

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

Secure Data Recovery Mythbusting

Related Articles

Related Events

Report Abusive Comment