Rethinking Data Security & Enterprise Data Storage for 2016
by Jaap van Duijvenbode on June 15, 2016
As the midpoint of 2016 closes in, it's a good time to stop and consider where data security and enterprise data storage stand. The past couple of years have proven brutal for the enterprise, as data breach after data breach made the headlines and rocked the management, IT departments, and PR in countless companies.
But every cloud indeed has a silver lining, and the clouds of these costly and damaging breaches have delivered a silver lining: IT departments are no longer having to beg on hands and needs for the tools and funding they need to adequately address data security and enterprise storage. The C-suite is now approaching their IT managers, ready to deliver whatever is necessary to keep such a thing from happening to them (or, in many cases, happening again).
Back to Basics
It isn't always about having the latest and greatest storage and security tools. Sometimes it's about doing all the basics correctly and consistently.
One way that enterprises are addressing their storage and security issues is to get back to basics. Yes, all of the advanced protective methods and technologies are incredibly useful. But the heartbeat of data storage and security remain in the basics -- doing those well, thoroughly, and consistently. Basic issues like keeping software and firmware patched, utilizing solid monitoring tools and techniques, and keeping employees well-trained in safe use of email and the Internet are still the backbone of good security. More advanced tools and methods can only serve their purpose on top of a solidly based security plan.
Assume a Breach Will Occur
When you look at the data breaches that have made headlines over the past couple of years, one thing is evident: many of those organizations were already doing a lot right. The problem is, when security gets better, so do hackers and cyber criminals. That means that for 2016 and beyond, the focus on data security and enterprise data storage is shifting towards having a plan in place and an IT staff ready and able to face a breach in progress. The fact is, today's software, combined with the incredible number of devices in play on enterprise networks, is just too complex. Vulnerabilities are there -- whether there are intentional backdoors left for the software developer or some government snooping agency, or just undiscovered gaps in security. Today's IT security motto is: be ready and prepared.
Finding Enough Qualified Security Pros will Become More of an Issue
Companies have to decide whether to hire their own storage and security pros or partner with an outside firm to handle those needs.
Unfortunately, there seems to be no immediate relief for the growing shortage in qualified specialists in both enterprise data storage and data security. When those professionals are available, they're expensive. For instance, enterprises interested in migrating to software-defined storage will find few workers ready to walk in and get such a program underway. Similarly, security pros are hard to find and even harder to keep. Many businesses are addressing the shortage by partnering with outside vendors. It's not only less expensive, but it's also very practical, because then the company doesn't become a training ground for storage and security pros that are easily lured away to greener pastures with the competition.
Train. Then Re-Train. Then Train Some More
No discussion of enterprise data storage is complete without a discussion about training workers on security issues. The majority of breaches are traced back to a careless or untrained worker who opened a phishing email, visited an unsafe website, or did something else that can only be described in hindsight as silly. A lot of enterprise IT security managers have begun sending out their own phony phishing emails, just to keep workers well aware of the issues. The phishing emails direct the user to a landing page where they are advised of how they should have responded to the suspicious email. Train workers, but never stop there. How much do you remember from a training session you attended last year, or three years ago? Make training regular, and supplement that training with practical everyday reminders of how to work safely with corporate data, customer data, regulated data, and other sensitive information.
Whether your storage solution includes an on-premises private cloud or one of the enterprise-grade public clouds available (such as Azure), Talon can help empower secure file sharing for a safer and more productive future. You can see exactly how this works when you view our Talon FAST video.