Threats to data security and integrity in business are both constant, and evolving. There are so many shifting parametres and emerging threats, that keeping your data online and available 24/7, can feel like a daunting and relentless task.
And when it all goes wrong, whether malicious or unintentional, the outcome is the same. Downtime.
IT downtime costs businesses in the UK an average of £3.6 million every year, or between an average of £4300 and £258,000 per hour. Companies lose a massive 545 hours of staff productivity per year due to downtime.
So when you’re entrusting somebody else to play a part in keeping your data secure and accessible, whether through a cloud platform or colocation, then what are the key threats to data security and integrity?
Threat 1 - People
Without a doubt, people are your weakest link. All the IT security in the world won’t help you if someone opens the door and lets in the bogie man. From end users to data centre staff, the risk here is very real. So what can you do?
Well education is key here. Regular employee training will help minimise the risk of error at an end user level. How to spot phishing emails, password security… you know the drill. But your end users might not, so train them, and remind them - regularly.
Employees are also an important part of data centre security. Data centre staff should be background checked and fully trained on rigorous physical security procedures. Find out what these procedures are, and make sure the processes meet your expectations. Any of your own staff accessing the data centre need to go through similar checks from your side, and they need to be on the lookout for any flaws or scope for breach whilst on-site.
“I forgot my badge”, should NEVER gain anybody entry. Teach employees at all levels, to stay alert.
Threat 2 - Cybercrime
This is the threat we’re most aware of. It gets the most air time, with most major news outlets focusing on it regularly. It’s a threat that takes on many forms, and one which you need to be protected against from desktop, through to data centre.
And the consequences to business can be quite simply, devastating. The WannaCry ransomware attack of 2017 is reported to have affected over 200,000 computers across 150 countries in just four days, with total damages ranging from hundreds of millions to billions of dollars - the NHS, Nissan and Renault, just some of the big names that suffered.
We’ve talked about end user education, and this is critical here too. When it comes to the increasing issue of social engineering and phishing threats, your staff at the front line can sometimes be your first line of defence. But firewalls, anti-virus, malware protection and up-to-date software are of course, still crucial ways to protect your network.
Many data centres are now using smart monitoring features including Relentless Intrusion Detection which quickly alerts if human attackers, network worms or bots are attacking the system. Only by ensuring data centres are well protected and by incorporating best in class features and technologies can you be assured that your data, and that of your customers, is safe from attack.
Threat 3 - Physical security
Often overlooked, physical security is just as important as cyber security. Consider using a mobile device management (MDM) tool to keep track of what data is accessible by which devices, and force end users to implement secure passwords and PINs. Have a strict computer usage policy that dictates the locking and storage of machines and the use of external drives.
Your data centre should boast optimum security across the board - round the clock surveillance, on-site security personnel, fingerprint, voice or biometric control systems, physical intrusion detection, and state of the art fire suppression. Any data centre should be designed, built and maintained to withstand everything from corporate espionage and petty thieves, to terror attacks and natural disasters.
Threat 4 - Outage
Whether it’s a power cut at the office, or a data centre outage, these things happen. But whatever the cause, you’re potentially looking at some serious downtime. So it’s important to have procedures in place that minimise the impact when the unexpected happens. Workplace Recovery offerings give you the option of shifting your staff to an alternative location in the event your offices become unusable. This could be something as simple as a power cut, or something as devastating as a fire, but it gives you peace of mind. And most providers offer the service at a fair and affordable rate. Think of it as backup for your office space.
Speaking of backup, system failures and data corruption are another reason for outage. So make sure you have a robust backup solution in place that you can invoke quickly and easily. And test it regularly. If you’re using a data centre for cloud or colo, it needs to be resilient and redundant. Some data centre providers are now offering active-active platforms which offer dual-site cloud hosting with automatic failover. Check out our new CloudActiv offering to find out more about the benefits of this service.
When it comes to data security and integrity, failure to plan, is planning to fail. And when it comes to cloud hosting, whether for your own business data or that of your customers, you need to do your homework and make sure that you’ve chosen the safest possible environment.
For help choosing the right data centre for you, download our data centre security checklist here.