Why Archiving is (or should be) a Vital Part of Your Cyber-security Strategy
Data Archiving is a key aspect of data management and protection, the process involves identifying and transporting dormant data from primary storage into a secure secondary storage system. The dormant data may still be needed by the business and may be used for reference in the future, or may be needed to be kept for regulatory reasons; i.e. legal contracts. Archiving therefore, can be a process which quickly allows organizations to reduce the risk to primary data by moving it and, somewhat as a by-product, giving an audit of the data they have.
The main benefit of moving the dormant data from the primary storage to an archive storage system is that doing so will reduce the data volumes on the primary and storage; which in turn will help in reducing the direct costs associated with running the relatively more expensive primary storage systems; i.e. data backup costs associated with larger data volumes.
Threats and cyber-security
Cyber-security is a growing concern for many IT teams, within many industries and organizations and due to the speed at which cyber-threats are changing they can be difficult to protect against. Traditional anti-virus and blocking solutions can only go some way to protect against threats such as malware and virus attacks, especially when human error is a largely exploited avenue of attack.
Malware or Ransomware as it is most commonly referred to, is a virus that encrypts data on an infected system or network. Once data has been encrypted, cyber-criminals can demand a ransom payment to unencrypt and return the data.
Cyber-criminals are well-funded and technologically advanced enough to effectively combine methods of attack, such as malware and a worm programme, as was the case in the WannaCry attacks recently, which infected over 300,000 users in over 150 countries in just 3-days.
Data Breach and Loss
Cyber-threats and malwares are not the only threats that modern IT networks face. As well as having to abide by legislation, regulation and best practice, data breach is a very real threat that has to be mitigated. One reason that data breach or loss can be such a threat is due to the rate at which data grows within networks and becomes unstructured. Unstructured data is harder to protect as it may be stored in multiple locations unknown to administrators.
Unstructured data refers to data that is not stored or contained in a database or different type of data structure.
Archiving and security
Implemented in the wrong-way archiving could become more of an issue and an extra hassle for IT staff to manage, but if implemented correctly can save time and ensure processes are more efficient. How does archiving link in with cyber-security?
1. Data audit
To successfully implement archiving, you will have to have a full audit of data and understand the structures of data that are currently in place. This allows data to be tiered and protected in the way which is most suited to where that data is in its lifecycle.
2. Data cleansing
Archiving data will reduce the total data stored, on both primary and secondary storage, and ensures the data remaining has value to the organization. The cleaner the data, the more easily value and insight can be drawn from it. The less data there is, the easier it is to protect and keep control of.
3. Policy-driven protection
Automation or policy-driven approaches to data protection will speed up protection, reduce the risk of human error and allow for more regular and accurate reporting on the level of protection a network has. Implementing a successful archiving policy puts a structure in place that can be added to, creating a full data management and protection policy.