Why a strong data management and protection strategy is non-negotiable – TechEconomy.ng

With businesses in today’s digital economy having access to more data than ever before, a good data management and data protection strategy is essential.

Not only does good data management enable intelligent and informed decision-making, but it also reduces the risk of data loss and, most importantly, ensures that valuable data is secure and protected from theft and attack.

We’ve seen many examples recently, both global and local, of what can happen when your data falls into the wrong hands.

Unfortunately, South African businesses are increasingly being targeted by cybercriminals, a point that has become increasingly apparent over the past couple of years as companies have had to rapidly change their remote working environments.

Ransomware is a particular challenge locally, with Mimecast reported earlier this year in its 2022 State of Email Security Report that 60% of South African businesses had experienced a ransomware attack in the previous 12 months, a statistic that had risen from 47% in 2020.

The truth is, it’s about when an organization will be affected by a ransomware attack, not if, and so, as with physical home security, it must have measures in place that make it more difficult to access for potential criminals. .

Best practices for data security

Three best practices are required for data management, namely: protection, detection and recovery.

1. One protection From this perspective, organizations should ensure that they have at least three copies of the data – two copies on different types of storage and a third copy kept offsite on immutable storage.

2. For detection, it is important that any data backup and recovery solution implemented include malware scanning and anomaly detection. Since there are usually few changes from save to save, your solution should be able to flag an unusual increase in change rates, for example, as this could indicate an anomaly and will allow you to act quickly.

3. When it comes to recoverythe rule of thumb is that the sooner you know there’s a problem, the sooner you can get over it – by the time you receive this ransom note, it’s too late.

Systems and solutions need to be tested regularly, and it’s also important to make sure employees know how to use the solution and are comfortable with it, as there’s a big human element to data management. .

Encryption is also more important than ever, because even if data is taken, then it is more difficult for the cybercriminal to decrypt without the correct keys.

How do you go about implementing a data management and protection strategy?

A solid data management and protection strategy requires several considerations.

First, the company must apprehend and understand its data.

About 14-17% of people’s data is “clean” data, which is important and valuable information, and about 35% is redundant, outdated, and insignificant (ROT) data, or information that no longer or has little of value to an organization. , although it is still preserved.

The balance is made up of dark data, which is usually unstructured data that is unused, unknown, and untapped.

There are obvious risks in not knowing your data, especially in light of the Personal Information Protection Act (POPI), both from a security and regulatory perspective, and so this is the one of the biggest challenges for data protection and management.

Other important elements of the strategy include data risk management, data access management and control, protection policies and procedures, standards and regulatory compliance, and data backup and recovery procedures.

Ultimately, a business must remember that a data management and protection strategy cannot work in isolation – it must be part of a larger protection approach that includes other security measures. , from firewalls, spam filters and email protection, to anti-malware software and spot protection software.

Ramon J. Espinoza