The Convergence of Data Protection and Security ...
It’s ironic really. We talk about better “protecting” our data against virus attacks, storage systems failures, or even devastating acts of nature like hurricanes, but we do comparatively little to “protect” the large volumes of data that are sitting “exposed” in the back of tape-vaulting trucks, on employee laptops, or on hard drives being re-tired or re-purposed, etc.
We know the risks -- heck, they are spotlighted in the news each week -- so why aren't we doing more to tackle this problem head-on? It's a very good question, especially when you consider that many of the companies making the headlines with security breaches have some of the most "state-of-the-art" data centers. And they're typically the "early adopters" of technologies. Bottom line: If they can't keep confidential data, well, confidential, who can?
Maybe it's an issue of responsibility? Under whose jurisdiction does information security fall? Who monitors what? Maybe it's an issue of budget? ESG's recent Research Report "Protecting Confidential Data" addresses these issues and a whole bunch of others, and, in doing so, identifies some of the potential gaps within organizations that ultimately can leave sensitive data "exposed."
I argue that one of the keys to closing the gap is to start thinking of data protection and security under the same umbrella. The two are clearly beginning to converge. That means you're going to see a lot more data protection companies not only talking about security but building security features (e.g., encryption, WORM, authentication, etc.) into their data protection products. It's inevitable ... It's necessary.
Comments