Protecting an Organization’s Most Valuable Asset: Why a Strong Data Management and Protection Strategy Is Non-Negotiable

With businesses in today’s digital economy having access to more data than ever before, a good data management and data protection strategy is essential. Not only does good data management enable smart and informed decision-making, but it also reduces the risk of data loss and, most importantly, ensures that valuable data is secure and protected from theft and attacks.

We’ve seen many examples recently, both global and local, of what can happen when your data falls into the wrong hands. Unfortunately, South African businesses are increasingly being targeted by cybercriminals, a point that has become increasingly apparent over the past couple of years as companies have had to rapidly change their remote working environments.

Ransomware is a particular challenge locally, with Mimecast reported earlier this year in its 2022 State of Email Security Report that 60% of South African businesses had suffered a ransomware attack in the last 12 months, a statistic that had risen from 47% in 2020.

The truth is, it’s about when an organization will be affected by a ransomware attack, not if, and so, as with physical home security, it must have measures in place that make it more difficult to access for potential criminals. .

Best practices for data security

There are three best practices required for data management, namely: protection, detection and recovery.

  1. Of protection From this perspective, organizations should ensure that they have at least three copies of the data – two copies on different types of storage and a third copy kept offsite on immutable storage.
  2. For detection, it is important that any data backup and recovery solution implemented include malware scanning and anomaly detection. Since there are usually few changes from save to save, your solution should be able to flag an unusual increase in change rates, for example, as this could indicate an anomaly and will allow you to act quickly.
  3. When it comes to recovery, the rule of thumb is that the sooner you know there’s a problem, the sooner you can get over it – by the time you receive this ransom note, it’s too late. Systems and solutions should be tested on a regular basis, and it’s also important to ensure that employees know how to use the solution and are comfortable with it, as there is an important human element when it comes to data management .

Encryption is also more important than ever, because even if data is taken, then it is more difficult for the cybercriminal to decrypt without the correct keys.

How do you go about implementing a data management and protection strategy?

A solid data management and protection strategy requires several considerations.

First, the company must apprehend and understand its data. About 14% to 17% of people’s data is “clean” data, which is important and valuable information, and about 35% is redundant, outdated, and insignificant (ROT) data, or information that has little or no value to an organization. longer, although it is still preserved. The balance is made up of dark data, which is usually unstructured data that is unused, unknown, and untapped.

There are obvious risks in not knowing your data, especially in light of the Personal Information Protection Act (POPI), both from a security and regulatory perspective, and so this is the one of the biggest challenges for data protection and management.

Other important elements of the strategy include data risk management, data access management and control, protection policies and procedures, standards and regulatory compliance, and backup and data recovery.

Ultimately, however, a business must remember that a data management and protection strategy cannot work in isolation – it must be part of a larger protection approach that includes other measures. from security, firewalls, spam filters, and email protection to anti-malware software and point-in-time protection software.

For more information on Datacentrix’s data management offering, please visit

Ramon J. Espinoza