Pop quiz for IT: How long does your organization retain emails, even those in the Deleted folder? How long are business invoices archived, and how are they organized while in storage?
Many organizations are taking a proactive approach in answering these questions, and writing specific retention guidelines as data archiving becomes a business priority. These new policies are often established before new server rollouts or migrations, with IT now in charge of archiving emails, applications, and full data portfolios. The market is filled with solutions that feature fast response times, customized installations, and accurate search and retention capabilities.
But implementing data archiving tools and retention policies is a challenge for most organizations. I’ve partnered with many of them to accelerate the process, and one solution I’ve worked with more than 100 times, at companies large and small, is Enterprise Vault. This experience has taught me a lot about data archiving. Here’s what I’ve learned, boiled down to four nuggets of advice for any organization. (more…)
You sit down, ready to save a file to a USB drive so you can finish up a project over the weekend. You’ve experienced the dreaded security lock that prevented access to a web page, but now you get a similar message for your download – access denied. The immediate reaction morphs from “Who do I need to authorize this?” to “Get out of my way, I don’t have time for this.” Then comes either a heated phone call to IT, a nasty email, or a face-to-face expression of displeasure at the person who locked you out the file. It’s a waste of time — the indignity of it all.
This scenario plays out at many companies after they deploy Data Loss Prevention (DLP) solutions with file-blocking capabilities. Hard-working employees may attempt to bring work home over a weekend to plan for an upcoming meeting or catch up on important work, but DLP systems stop sensitive data from leaving the server. These roadblocks trade employee productivity for data security — something no company should have to choose.
Most well-meaning employees don’t think twice about copying or sending company files to external media or personal email accounts, but it presents a risk for the company, either as leaked data or noncompliance with certain laws and regulations. DLP solutions halt this movement no matter what employees attempt. (more…)
Most of the highly publicized data breaches involve credit card or bank account numbers, but other sensitive data is also at risk, including Social Security numbers, medical records, personal information like your mother’s maiden name, and more. Sensitive data can also be trade secrets or any other type of intellectual property that, if stolen, could damage a company’s ability to compete in the marketplace.
Enterprise companies are responding to this threat by choosing specialized data loss prevention (DLP) solutions that use policy rules to detect, classify, manage, and protect confidential and critical information. Complete DLP solutions integrate deeply into an organization’s network, file storage, SharePoint, databases, and endpoint PCs, and they offer incredibly detailed reporting and tight security controls, but only when implemented and configured correctly.
Interestingly enough, the biggest challenges to most DLP deployments involve integrating business processes, not technology. To understand the underlying problems organizations often face with DLP implementations, we must examine the three questions every DLP solution must answer. (more…)
IT administrators have plenty of perimeter security tools at their disposal, from firewalls to spam filters to intrusion detection solutions. But despite all the preventative measures, most organizations still have gaps in their security controls or processes, which could lead to cracks in their system. A coordinated attack from an outside threat could penetrate these seemingly thick walls of perimeter security due to poor security management and overlooked system vulnerabilities.
Securing a network’s perimeter, defined as the demarcation point for exchanges among data, assets, employees, and partners, is a struggle for many organizations because of its complexity. IT departments can be easily overwhelmed by operating a complete perimeter security system because individual solutions are often stitched together, and therefore require multiple management controls, protocols, and licenses.
Companies with fewer than 2,000 users experience the most significant challenges, because the laundry list of best practices that includes firewalls, VPNs, web and mail proxies, and intrusion prevention systems (IPSs) is typically expensive and arduous. In response to individual threats, the piecemeal approach of perimeter security is often deployed over many years.
The threats don’t stop, and with infrastructure constantly under attack, the risk of a breach remains high. Here are three common challenges mid-size businesses are facing with regard to perimeter security, and how organizations are solving them. (more…)
Consumers are evolving. Mobile devices, social media, and always-on Internet access have set new expectations for their shopping experience. And the speed of this shift has left some retailers struggling to find the best way to connect with this new generation of shoppers in store and online.
Traditionally, retailers have found ways to engage with their customers using historical data, but this is like looking at a photo: It reflects the past, but not necessarily the present. While retailers may be analyzing data and marketing to their consumers, if they are strictly using historical data, they may not be meeting their customers’ current needs. In order to compete, retailers must be able to answer “now” questions: What are customers doing now? Where are they now? What are their intentions now?
Retailers must look beyond historical data and bring in new data sources — social, mobile, and clickstream – to have a relevant and valued interaction with customers in real time. (more…)
Network security is critical for any organization, but in the health care space, with the personal and medical details of millions of individuals in the balance, the stakes are even higher. Out-of-date software, unimplemented patches, or even outdated passwords could be the vulnerability that exposes the sensitive information of an innocent and unsuspecting patient base. Two recent security breaches suffered by prominent U.S. health insurers highlight these vulnerabilities.
In February, Anthem Inc., the second-largest health insurer in the U.S, revealed that a previously-disclosed hacker attack compromised the health care records of as many as 80 million individuals. A few weeks later, Premera Blue Cross reported that the personal, bank, and health data of an estimated 11 million individuals was exposed when hackers penetrated its system in a similar assault.
These two high-profile security breaches have intensified the spotlight on data security, and raised several important questions for health care organizations (what HIPAA calls “connected entities”) and groups that provide supporting services to health care entities (called “business associates”). These groups should be asking the following questions: (more…)
Organizations sit on mountains of data, and losing that content because of faulty or inadequate backup solutions can be catastrophic. No matter the size of your business, data backup is often necessary to protecting your bottom line. But not all solutions or methods will achieve this objective – at least not easily.
Technology firms like Arcserve, CommVault, Symantec, and others are working to fix that. They manufacture purpose-built backup appliances (PBBAs) that solely conduct data backups and restorations. And as more organizations demand the retention and protection of data, PBBAs are adding processing power and storage capabilities, and continue to leverage the cloud for backup storage.
We recently participated in the beta testing of the Arcserve UDP 7000 Series appliance, one of the newest available. What we experienced reaffirmed our beliefs about the PBBA space – it has solutions for organizations of all sizes, no matter what field.
Here are four takeaways about PBBAs from our beta test, and why these solutions might be right for your organization. (more…)
Data breaches seem to make headlines every week. And as of late 2014, 43 percent of 567 U.S. executives surveyed said their companies experienced a data breach in the past year.
But what’s shocking is how unprepared U.S. companies are for these hacks: 80 percent of the executives said employee negligence was a root cause, and 27 percent of companies didn’t have a response plan in place.
Still, the threat of a hack has pushed network security to the top of the IT priorities list, and organizations are locking down servers and networks. But there are a number of less obvious targets that could still expose sensitive data. Printers are just one example of the ancillary devices that could leave your security strategy vulnerable. (more…)
Imagine you had one cell phone to make phone calls and another to send text messages. And what if you had to tote around a third device solely to send email, and then yet another tool to access your daily calendar?
It’s easy to realize the absurdity of that scenario, but many IT environments are divided in a similar way. Modern technology is built to avoid fragmentation, and just as a single phone consolidates a wide range of functions, it should be similarly easy to realize a more commonsense approach to the critical IT integration infrastructure in your organization.
Efficient communication means the reliable exchange of documents, files, and messages among customers, employees, suppliers, and contract workers, but it’s not always present. The constant movement of inventory, payroll, and invoice documents, and various other internal and external exchanges, drive business so having a slew of separate, disconnected processes should sound a very loud alarm.
Ask your nearest system admin if the design of his organization’s IT integration infrastructure is ideal; chances are the network is composed of disparate systems “glued together” with years of custom code. This dysfunction entangles IT, which has to invest time and energy in the maintenance, monitoring, and management of each singular piece of the network.
A pointed and efficient data environment should be a goal for every IT department. That’s where the consolidation of data integration can work wonders for a business. (more…)
The National Retail Federation’s Big Show was the biggest one yet, as 35,000 retail professionals flooded the Javits Center in New York City to see the newest retail technology and to stay up on industry trends. From digital signage to same-day delivery to mobile payments, the many breeds of technologies for bricks-and-mortar stores dominated conversation at the Big Show. But one key question remained unanswered: How do retailers accomplish it all?
Over the next eight months or so, retailers large and small will be planning, buying, and installing new technologies in anticipation of the 2015 holiday rush. But some organizations are better prepared than others to take the reins and lead the charge. Is your organization ready to start a major tech push, from planning and buying to rollout and support?
The health of your IT environment stems from your IT infrastructure, professionals, and policies. Ask yourself the following questions to check up on whether your IT department is fit enough to start implementing the newest retail technology. (more…)