Every business has data that fits into various buckets: customer data, vendor data, business data, regulatory data. All of this data is both necessary and confidential. There can be disastrous consequences when this sort of data leaks out to the general public. But because businesses have websites, there is another, more public-facing data bucket. That is the data you want the general public to access.
But business websites offer a mix of special challenges. The biggest of those challenges is keeping those buckets from becoming mixed. Customers often have to enter sensitive, personal information into the site just to access basic information. That mix of personal information and public information presents a security nightmare that few businesses manage flawlessly. Here is a closer look at a few of those challenges, and what you can do to better manage them:
The simple fact is that any data that can be stored can be lost. Store data in your brain, and it is subject to deletion by forgetfulness. Store it on a computer, and it is subject to deletion by mechanical failure and malicious activity.
Storing data on the cloud is often presented as an alternative to storing things on a physical hard drive. People forget that there is no such thing as the cloud. What people think of as the cloud is just a series of physical hard drives located elsewhere. Those hard drives are still subject to corruption.
Whether it is a flash drive or a RAID configuration, when data loss occurs you need a specialist. Fortunately, Secure Data Recovery offers options for companies suffering from the result of failed hard drives. Doing business in the 21st century means having a strategy for recovering lost data.
The Dark Side of Backups
By now, everyone knows that the absolute best way to prevent data loss is to have some sort of backup. But backing up data is not all sunshine and roses. There is real work involved, and real decisions to be made that most people have not considered.
First, backups require additional hard drives that you have to purchase. It is hard to explain solutions like Drobo or Synology to the average person. Such solutions are bulky, complicated, and expensive.
Online backups are a simpler way to go. But they incur a monthly or annual bill. Stop paying the bill, lose your backups. You can always pick up a cheap external hard drive and manage backing up by yourself. But that usually results in backups that happen inconsistently before stopping altogether.
All of these backup challenges are well-documented. But perhaps the greatest challenge is the one that most often slips under the radar:
Securing Your Backups
As a business with sensitive data, you are doing the responsible thing by backing up. But the very act of backing up and preventing data loss opens the door to one of the easiest security breach vectors. All too often, when hackers can’t get into the well-secured front door, they crawl into the less secure side window of data backups.
Whenever there are iCloud breaches, it is not iCloud that has actually been compromised, but someone’s iCloud backup. The way Apple wanted to breach the iPhone of the San Bernardino killer was through unencrypted, iCloud backups. That strategy was inadvertently foiled by the FBI. iCloud backups can be encrypted using iTunes running on a Mac or PC.
One of the reasons backups are not encrypted by default is that if you need to restore your system, you want that process to be as painless as possible. Forget your password, and you are forever locked out of your data. Companies want to be able to help you restore your data when something goes wrong. That convenience opens security holes.
There is also the practical matter of numbers. The more copies of a thing you have laying about, the harder it is to secure the data. That said, you can’t have a business website without a responsible backup solution. Just understand that all solutions come with a cost.