If you were thinking that you could get away with unstructured ways of storing data, think again

In a couple of months time, i.e. from April onwards we are going to witness stringent regulations of DPA i.e. Data Protection Act. The new rules would mean strict application towards the compliance of data storage and management:

1. If you don’t live upto the benchmark of data management/security, the monetary implications would scale up to 5,00,000 Euros in penalty.
2. In addition, there is also a possibility of 12 months of ban being handed out to those who fail to manage the data properly.

At Alertsec, we have been constantly focusing on data security and we think it is a fantastic move, especially considering the chain of events at ING, Ceridian and many other corporations where there has been tremendous data loss. Infact there was a case involving HSBC, where they were fined $3 million and it contained the personal information of thousands of customers.

According to an executive, ‘When a high profile company or government organization, looses some important data and gets penalised for it, that is when you will see other firms start to take notice.’

The key issue is the negligence shown on part of the organizations towards data security and management methods. While the organizations are aware of these standards, they were a bit careless about these incidents. But now, with penalties being imposed they would want to tread data security with caution.

Cost is a concern for variety of customers, but in the end they need to realize that there are variety of solutions available out there in the market to meet respective needs. In other words it doesn’t necessarily need to be a high end security solution. It has to be something that matches the checklist of meeting security compliance.

As proponents of Computer Security Software, we feel that a customer should always be educated about the correct choice of product. Not only that, if there are any changes in regulations and laws which govern the data storage techniques, the customer should be always made aware about the same.

If you read the Channel Web magazine’s latest article on this subject, you would agree that their suggestions are very well reflected in our approach:

• Keep yourself updated with new and old laws that create an impact on customer’s business or their data
• Always keep the customers in loop about the new penalties.
• Ensure the upgradation of your products to match the security standards
• Explore the domain experts and make appropriate recommendations to the customers for meeting security compliance

Primarily, organizations need to adopt a multi-pronged approach to manage their data security. Say for e.g. if you are talking about a USB disk, then you need to ensure that it is encrypted correctly. Having said that, encryption isn’t a complete firewall. While it would ensure  protection to some level, there needs to be an extra layer. That extra protection could simply be through the physical protection of your USB disk.

• Previous Entry: ING Compromises Customer Data
• Next Entry: Computer Systems at 2500 Companies Hacked