- Pooja Chopra, spokesperson for Spectranet (www.spectranet.in), says:
It
has been reported by the U.S. Bureau of Labor Statistics that the majority of
SMEs never recover from catastrophic data loss.
In
a recent research International Data Center reported that 58 percent of the companies
are doing just a local back-up.
Local backups are good and beneficial considering
the first step of protection they provide. These are very effective against
initial errors such as manual intervention with data, software or hardware
failures but these fail when it comes to protection against theft, disaster or
multiple software/hardware failure due to voltage.
Seeing the day-to-day growing dependence, it may not
be exaggerating that businesses thrive on data and Internet. Yet, it is
surprising to see that how businesses are taking risks without thinking much to
invest in a data protection plan. Enterprises need to understand that unlike
physical assets such as buildings and equipments which can be resurrected
quickly through insurance, data loss is practically incurable. It is the most
determining factor for the existence of a business. Hence, the need of the hour
is to think about enterprise data security plan.
Data security plan, in order to be completely
fortified, should meet the three ‘C’s of safe and reliable data center:
Comprehensive: The data plan for
enterprises should be universal and unique to fight the threats and challenges
ahead. One data plan should be able to work against all the odds such as manual
errors, application failures, natural and man-made disasters such as fire,
theft, floods etc.
Convenience: It should be plug-n-play
for your business and IT department. The maintenance of the servers and
security of data should be the worry of data center services
providers and not yours. Without changing much into your existing IT
architecture, they should be able to provide you the necessary or expanded
bandwidth whenever necessary without nudging you for constant care.
Costs: This is the most crucial part.
The data center services should fit into your budget. Your vendor should not be
increasing the amount of the package or bandwidth costs on monthly basis. The
SLA and contract should be with a focus on your business and computing needs.
So, to overcome the challenge of data protection,
data center backups are the best method to retain your data and ensure its well
being. The data
center services providers are offering increasing bandwidth and ubiquity at
any location. The data center is remotely monitored. Human involvement is
limited to IT engineers and expert maintenance team. The geographical location
of data centers also minimizes the risk of earthquake, floods and other natural
calamities. They are often situated at low risk zones.
Most of companies and enterprises are opting for the
data center solutions after imbibing the role of data in the growth of their
ventures. India clearly emerges as the winner seeing the advancements in
technology and cost effective trends in data center realms. Providers like Spectranet
offer tier- 3 infrastructure set up to equip the companies against any data
threat. In the times of disasters, data center India provides quick recovery
progress and help business continuity by retrieving the data in the shortest
turnaround time.
Q&A with Casey Burns,
product marketing manager of virtual solutions with Quantum (www.quantum.com):
DCP: Why
is DXi V1000 useful in today's enterprise data centers? Why should data center
and IT managers care about it? How can they benefit from it?
Burns:
The DXi V1000 is useful for any sized organization that is lacking a disaster
recovery solution at their main location or at their remote locations. Enterprise class data center managers can
appreciate the DXi V1000’s flexible deployment model. The DXi V1000 is a virtual appliance that works with an
existing VMware environment, retaining all of the features and functionality
that customers have come to expect from DXi-Series hardware appliances. If a customer has a number of remote sites
where they are currently utilizing an aging tape drive or maybe some old disk
array with insufficient capacity or functionality, the DXi V1000 would be a
great solution. Customers clearly
recognize the value of deduplication. With normal deduplication rates a single
virtual instance of the DXi V1000 can store upwards of 40TB, providing very
long retention periods and fast local restores of the data. All DXi’s have replication capabilities, so
it’s possible to replicate the data from a DXi V1000 at a remote location to a physical
DXi, or another instance of the DXi V1000 at the data center. This turns out to be a very viable disaster recovery solution, which can be an
overlooked value of deduplication.
DCP:
Where should DXi V1000 rank in terms of overall priority in the data center?
Burns: For those customers seeking
disaster recovery for their remote sites or data center, the DXi V1000 could
easily rank in the top 5. The inherent
value of utilizing the existing investment in infrastructure (servers, networking,
WAN connections, backup applications, etc) to deploy a virtual appliance
deduplication solution allows customers to make very quick, yet smart,
decisions on using the DXi V1000. At
$2250 per TB with built in replication, encryption and deduplication in a small
(4GB vRAM) virtual appliance, this can be a very compelling story for data
center managers, allowing them to move disaster recovery of their remote sites
and data center up the priority list.
Customers already have virtual environments deployed. Why not use those
resources to establish a disaster recovery solution?
For data center customers who are also in an
acquisition mode, the DXi V1000 could be a great fit as well. Perhaps a company has a data center with a
physical DXi appliance that has high-capacity scale, like the DXi8500 with up
to 320TB. Imagine that company acquires
a smaller company that isn’t tied into their IT infrastructure yet. That
company could easily deploy a DXi V1000 at the new location and start replication
immediately to the DXi8500 in the data center and bring that site into the
parent company’s policies and procedures quickly and easily.
DCP:
What are the biggest challenges for data center and IT managers when it comes
to DXi V1000?
Burns:
IT managers should keep in mind that performance for DXi V1000 is largely
determined by the virtual environment it is deployed in. We have seen really good performance from our
own testing and from our own customers, around 1TB/hr ingest (we still use the
same inline variable length deduplication process as our physical appliances),
and we have best practice guides available to help tune virtual environments
for optimal performance. This is not so
much a characteristic of the solution itself, but rather a challenge of being a
virtual appliance and being bound to external factors that are somewhat driven
by physical appliances. The features and
functionality are the primary selling factors for DXi V1000.
DCP:
How can data center and IT managers overcome those challenges?
Burns:
As I mentioned, there are not many challenges, really the performance which is
negated by the value and uniqueness of the DXi V1000, and we can address this
challenge with the best practice guide available from Quantum to help tune the
solution and optimize performance in a virtual environment.
DCP:
What advice can you give to IT and data center managers that have a plethora of
similar solutions to choose from?
Burns:
Customers should be looking into solutions that can provide them with scale and
deployment options for their data center, remote offices and any other offices
they may consume, and also how can the partner help them protect data today and
tomorrow, use of the cloud and protect both physical and virtual data sets in a
single solution. Quantum has been advancing deduplication for over six years
now. We provide customers with options for physical appliances and now offer a
virtual appliance in DXi V1000. The DXi Series can protect both physical and
virtual data sets, and provides a cloud connected architecture, whether that be
private, public or a hybrid cloud approach.
There are a number of deduplication options for customers to choose
from, but only Quantum holds the patent for variable length deduplication,
proven to be the most disk efficient process available. DXi offers an unmatched breadth of scalability,
going from 1TB to 320TB in a single software platform.
###
Casey Burns is Quantum’s Product Marketing
Manager, Virtual Solutions. Casey has
extensive experience and knowledge in the storage industry, and a professional
focus in the areas of data deduplication and virtualization.
- Christophe
Bertrand, senior director of corporate & product marketing at Hitachi Data
Systems (http://www.hds.com), says:
Data
center administrators are facing a myriad of challenges when it comes to managing
the explosive growth of data coming into and moving across organizations today.
Data capacity, applications and virtual servers are
all growing at exponential rates and IT departments are struggling to store and
manage all of that digital content, while keeping operational expenses in
check. Furthermore, the threat of failing to meet data- or content-based service
level objectives (SLO) for customers could result in financial and legal penalties
for an organization.
This means IT administrators
are bogged down and forced to deal with housekeeping tasks, to reign in all that data, reducing their
productivity and taking their focus away from higher level activities that
could advance the business, ensure compliance, or deliver new, value added
services and applications to employees.
Dissecting the
Data Problem
IDC
is predicting the biggest challenge for IT administrators will come from the
type of data expected to grow the most – unstructured data, which will come into
organizations over internet protocols as files or objects. These collections or
“stores” of unstructured data will grow into hundreds and thousands of
petabytes and billions of objects, requiring larger file systems and scalable
block storage systems. However, these systems will not be enough. The growth of
unstructured data will require the integration and management of file, block
and object data. This convergence will translate into greater storage
efficiencies by eliminating three major costs:
·backup
for data protection;
·extracting,
transforming, and loading (ETL) for data analysi;s; and,
· managing silos of file, block and object data.
Plotting a
Solution Among the Myriad of Options
To
address this, many in the storage industry are putting a renewed focus on
unified storage. While the idea of unified storage is not a new one, the market
requirements and customer challenges have intensified since the first wave of
unified storage products entered the market. What remains to be seen is how
effective the unified storage offerings of today will be at addressing the increasingly
more stringent SLA/SLO requirements of enterprise customers.
In
many ways, traditional unified storage is a bit of a “Jack of all trades…master
of none”, and typically targeted at the lower tiers of the market. Most unified
storage products today tend to be strong in one data type (either block or
file) and weak in another. Many mid-market and enterprise users today need less
complex and more unified infrastructures. What customers are really looking for
is a “no compromise” approach to unified storage with equal block and file
performance, scalability and reliability – with a single management framework. This
approach to unified storage will help businesses of all sizes effectively
address the many challenges related to managing data, including handling its growth,
managing costs, simplifying complexity and meeting service level objectives.
The
needs of the end user must come first. One of the top concerns of CIOs and IT
administrators when discussing unified storage is they want the ability to have
a unified view of their data center assets. This starts with the management of
those assets. A truly unified approach allows IT to view and manage block, file
and objects, all from a single place. This goes beyond unifying the management of
assets within a particular product suite or stack of products, but across an entire
suite of disparate solutions. By focusing on unified management, customers can
manage and deploy their storage in a single solution, access block, file and
object views, receive a unified dashboard, and access reporting tools across
their infrastructure.
End
users typically buy unified storage as a way to overcome the complexity of
their infrastructure. However, while most unified platforms can theoretically
handle large capacities of data, in reality scale creates tradeoffs: performance
degradation, inability to protect the data effectively, inability to handle
large files systems. Balanced scalability is critical, not just capacity
scalability.
Organizations
today want to simplify their acquisition models and gain new levels of
flexibility when it comes to their storage solutions. What’s important to keep
in mind when thinking about unified storage is whether or not the product is supported
by a single management software platform for all data types, and how well the
product integrates with the rest of the vendor’s portfolio. Is it part of a
shared management framework, or another silo that adds to complexity?
The world has changed
and re-examining what and where unified platforms fit is key. At the end of the
day, unified storage products should be designed to eliminate silos, not cause
more complexity and inefficiencies in the data center.
- Haseeb Budhani, chief product officer at Infineta Systems (www.infineta.com), says:
The “killer app” for WAN optimization ten years ago was file access and sharing. Businesses were tired of maintaining file servers and domain controllers in each branch, and began consolidating file server farms into regional data centers. As soon as file servers were removed from the branch, employee productivity began falling. This was a direct result of protocol (CIFS and TCP) inefficiencies, or a lack of bandwidth between the branch and the data center. Looking back, it was WAN optimization solutions from the likes of Riverbed, Bluecoat and Cisco that helped server consolidation strategies reach fruition.
WAN optimization is now a must-have component of branch infrastructure for verticals as diverse as financial services, semi-conductor and legal. Buying WAN optimization equipment is like buying a branch router for many businesses now – both are on the checklist when IT is bringing a new branch or a new application online.
Today, the “killer app” for WAN optimization is data protection. Out of sheer necessity, and because of information retention mandates, businesses are investing in out-of-region data centers where they can make periodic copies (through high-speed replication and backups) of all critical content to insure themselves against disasters:
Financial services companies are required to keep all customer records and trading information safe in a remote data center, which could be as far as 2,000 miles away.
Cloud providers are expected to guarantee strict data retention and availability SLAs to their customers by maintaining one or more copies of all customer data in remote locations.
Health care companies must store all medical record updates for patients (including large X-Ray or MRI files) in remote data centers to protect against disasters.
At the same time, businesses are trying to reduce costs by consolidating data centers. The U.S. federal government has announced a plan to close 800 data centers by 2015 (1) . A number of companies such as Microsoft have also announced data center consolidation plans. Unless organizations can ensure that the requisite WAN connectivity is complemented with WAN optimization designed to address inter-data center pain points, fewer, larger data centers will adversely impact data protection strategies because more data will now need to be moved, farther.
When it comes to a comprehensive strategy to protect data, many enterprise data centers just aren’t ready. Either they are too far apart for native transport and replication protocols to function at optimum levels, or there isn’t enough WAN capacity available between the sites to support the high replication/backup traffic rates.
So what options do businesses have?
Keep buying more bandwidth – Depending on the distance between data centers, this tactic sometimes ends up delivering little to no value.
Protect less data – With data storage requirements doubling every two years , this strategy increases the risk of major economic impact in case of a disaster.
Adopt next-generation WAN optimization solutions – High-capacity WAN optimization solutions virtually creates more bandwidth (through data reduction techniques) and mitigates the impact of WAN latency (through transport and protocol level optimization techniques).
WAN optimization technologies have had a transformative impact on businesses since their introduction almost a decade ago, when they helped simplify the branch IT infrastructure by enabling hub and spoke designs. Today, IT and network architects need to look at the next generation of WAN optimization solutions that are specifically designed to accelerate all traffic between a mesh of data centers at multi-Gigabit speeds. WAN optimization will be essential as businesses start building private clouds that span multiple data centers, and when they start carrying out VM migrations between data centers to better utilize resources in remote locations. Such levels of data mobility will require high-bandwidth, low-latency connectivity that is currently difficult, if not impossible, to guarantee between data centers.
Businesses that leverage next-generation WAN optimization solutions will succeed in transforming data centers from storage and compute silos into nodes in a larger network fabric where data is highly available and eminently mobile.
1. Forrester Research, Inc. May 2010. "The Future of Data Center Wide-Area Networking."
- David Gibson, director of strategy at Varonis (www.varonis.com) says:
Telecommunications service provider Matanuska Telephone Association (MTA) is one of many organizations benefiting from the insight we provide into day-to-day operations and data governance, compliance and auditing obligations. When trying to manage unstructured data, rather than manually searching for answers to common data management questions, the MTA team has found that Varonis saves them significant time and resources by instantly determining who has been accessing which folders, what data they have been accessing, who deleted a file and the location of missing files.
Employees would inadvertently move, rename, or accidentally delete files, and the team would have to try and locate or recover them. Having to do this manually meant too many hours were spent tracking things down and they couldn’t attend to other, more pressing matters.
MTA has now set up automated alerts and reports within Varonis DatAdvantage that identify both the sensitive files, folders and/or directories within the organization as well as the employees who should – and should not – have access to them. Using DatAdvantage provides MTA with invaluable insights into day-to-day operations that were virtually impossible before when they didn’t have the logging capacity or a way to search in an efficient manner. To satisfy internal compliance requirements, their team is able to verify who has access to which data and what files those individuals actually access.
How It Works
Varonis DatAdvantage automates access and permission management for unstructured and semi-structured data on file systems, NAS devices, SharePoint sites and Exchange mailboxes, providing visibility into data usage and recommendations for changes based on data access, usage and group membership.
By combining the permissions data, access activity, and sophisticated bi-directional cluster analysis, Varonis determines where users may have excessive permissions and makes recommendations on how access can be restricted without effecting normal business activity—which groups a user can be removed from/who can be removed from which groups. Varonis DatAdvantage also provides a complete audit trail of all file and folder access events (including “delete” events) in its Log Area. All events can be searched and sorted to pinpoint exactly who accessed, moved, modified, or deleted a file on any monitored server, and when.
DatAdvantage for Windows captures every file access event (open, create, delete, modify, move, etc.) by every person accessing the monitored infrastructure and calculates each individuals daily average number of access events, and their standard deviation for a configurable threshold of days. If, on a given day, a user exceeds their daily average by more than three times their standard deviation, Varonis generates an alert.
Finn Rye, information security officer for MTA told us, "Before DatAdvantage, the situation was very much like looking for information on the Internet without a sophisticated search engine. We simply weren’t able to do the investigation or incident responses we can now. We can generate detailed statistics and a searchable log of every file-touch, so we can rapidly identify excessive file opens, deletes or other such anomalous behaviors. As Varonis captures every file access event by every person accessing the monitored data, we can manage and monitor event anomalies around our sensitive data. And importantly, DatAdvantage gives us visibility into potential data risks by uncovering overly permissive access."
I realize that it’s nearly impossible to keep track of all the certifications, audits and acronyms in the IT world. However, the SSAE 16 audit, which was introduced in June 2011, has quickly become the gold standard, and “Good Housekeeping” seal of approval for customers seeking vendors who can demonstrate and offer consistent and reliable security protocols, software development standards, and operational standards necessary to support the needs of global customers.
First To File, an IP data management technology company based in San Mateo, CA, recently went through the process to complete an SSAE16 audit for the third time (SAS70 II for two of those times), passing without exception. Even though it’s a fairly arduous process, we have found it is the best way to demonstrate to large corporations and law firms that we maintain the most stringent controls needed to provide the highest levels of quality, security, and service.
Our clients have invested thousands to millions of dollars in their IP assets; often betting the company’s future on those assets. Since the associated IP documents represent huge value and risk if compromised, they are understandably concerned with obtaining assurances that their data will be managed securely. The SSAE16 audit plays an important role in our giving clients the peace of mind they need to trust our technology. The continued rapid growth of Software as a Service (“SaaS”) as a software delivery model (Gartner Group expects SaaS sales to again double from $10B in 2010 to $20B+ by 2015) is further evidence for the importance of independent security protocols and requirements such as the SSAE16 to ensure reliability to those purchasing SaaS technology. It’s particularly critical for those technologies managing intellectual property.
The SSAE16 Service Auditors’ Report includes a detailed description of First To File’s controls and an independent assessment of whether the controls are suitably designed, utilized in operation, and operating as described.
SSAE16 is the New, Improved Version of SAS70
How does the SSAE16 audit differ from the other service audit, SAS 70, and why should this be important to you as an IT manager? Basically, both the SAS 70 and SSAE16 are audits conducted by authorized independent accounting firms which are members of the AICPA – American Institute of CPAs. The assessments look at the internal controls of a service organization to verify and provide assurance that the vendor’s claims about services are actually true. The SSAE16 is the new improved version of what was formerly the SAS 70, carrying more stringent guidelines to ensure that the service organization’s policies and procedures were correctly designed and operating effectively enough throughout the period specified by the report.
Simply put, companies who complete an annual SSAE16 examination are able to demonstrate a substantially higher level of assurance and operational accountability than companies which do not. Specifically within the IP industry, clients want to know that their sensitive documents are secure. Entities that are able to provide an SSAE16 report allow their clients to decrease their risk to these incredibly important assets of any corporation or law firm. They do so without having to do an audit themselves, which saves both time and money.
For First To File, undergoing the SSAE16 audit process has been a tremendous investment, both in terms of time and money. By making it our critical mission to protect our clients and their data, it was a no-brainer to invest in having the third party audit conducted. From our standpoint, passing the SSAE16 audit is not optional – it’s mandatory.
About the Author
James P. Bergeron, is CEO at First to File, the leading provider of secure IP management services to corporations and law firms. He is a frequent speaker and writer on topics related to IP data management. Email him at jbergeron@firsttofile.com.
- David Gibson, director of strategy at Varonis (www.varonis.com) says:
The new one-terabyte Swiss Army Knife, one of the interesting new products unveiled at the 2012 Consumer Electronics Show in Las Vegas, is a popular reminder that organizations need to take extra care when defending their corporate data.
If employees can walk out of a building with such dizzying volumes of data in their pockets, physical security staff would have to be extraordinarily lucky to detect a rogue employee looking to steal what for many organizations would represent an image of their entire sales and customer database.
With this fast USB drive-equipped Swiss Army Knife being capable of 150 MB/s data write speeds, you really getting are into ‘Mission Impossible' territory when it comes to defending your data against such electronic heisting.
As we all know, however, many organizations must deal with the prospect of stale, excessive permissions, and the absence of an audit trail -- who is doing what with their data and when -- and comply with regulations that mandate that access controls are properly maintained, and use of data is monitored.
One of the problems with managing and protecting data on corporate IT systems is that around two-thirds of the information is typically stored in an unstructured format. This unstructured data is notoriously difficult to track, owing to the volume of data, the enormous number of files, the complexity of the hierarchies and the permissions structure, and the amount of access events that are generated each day.
The challenge facing IT security managers is that effective permissions analysis and auditing now require sophisticated automation. Manual authorization processes are simply too inefficient to keep up with the pace of change, and native audit functionality included with the unstructured platforms is resource intensive, difficult to store, and difficult to analyze.
USB drives are incredibly useful, and many companies are hesitant to lock them down altogether. But with the prospect of someone being able to transfer the many gigabytes of files onto a device they carry around in their pocket or purse - and which bears absolutely no resemblance to a portable hard drive - the chances of a rogue member of staff being detected with this data are close to zero without using automation to audit and analyze access activity.
Against this backdrop, the arrival of the one-terabyte Swiss Army Knife high-speed USB drive is really a wake-up call to any organization that stores large volumes of data on its IT systems, and does not have a comprehensive audit trail of activity on all their data.
With more than 4,500 installations worldwide, Varonis' patented technology and highly accurate analytics engine provide organizations with total visibility and control over their data, ensuring that only the right users have access to the right data at all times, all use of data is monitored, and probable abuse is flagged.
- David Gibson, director of strategy at Varonis (www.varonis.com) says:
As one of the world's top data governance solution providers, we are paying close attention to sweeping new data protection legislation that will soon be announced by the European Commission and we are advising U.S.-based companies to take a closer look at putting reliable, robust systems in place for protecting data and commit resources to protecting data in anticipation of these new laws, even if you're not doing business abroad.
We’re already seeing the UK regulator, the ICO, imposing its first major fines on public sector bodies, so it’s clear that regulators are recognizing the increasing value of digital assets, and the need to protect them. With penalties of five percent of global turnover, you just have to shape up, or face the consequences, as it's likely we'll see the U.S. following suit in the near future.
With over 23 million records containing personally identifiable information (PII) (source: privacyrights.org) leaked in 2011 alone, it is more important than ever for organizations to have proactive and repeatable processes in place for identifying and protecting critical data. There are already PII laws in the U.S. including California, Nevada and Massachusetts.
Data center security professionals may be surprised to learn that the U.S. Sarbanes-Oxley Act draws closely on the original 1985 UK Companies Act. European laws are traditionally broader and deeper, and will influence U.S. legislation. In this way even U.S. companies not doing business abroad are affected by international laws so it's imperative that we pay attention now.
The biggest risk surrounding data does not come from hackers directly compromising customer and employee files, but from overly permissive access, lack of access auditing, lack of context, and lack of automation for the volumes of unstructured data that slosh around company archives.
Research from Forrester and other analyst firms show that more than three quarters of data in large enterprises is unstructured, is overly accessible, lacks access auditing, and lacks automated analysis of authorizations and use.
Auditing this data can be difficult for data center managers but that doesn’t mean it is impossible. It just means that an organization has to invest in the necessary data protection and analytical technologies capable of auditing – down to the last file – who does what, when and where with the data.
With more than 4,500 installations worldwide, Varonis' patented technology and highly accurate analytics engine provide organizations with total visibility and control over their data, ensuring that only the right users have access to the right data at all times.
- Eric Carpenter, director of enterprise applications at Rand Secure Archive (www.randsa.com), says:
Companies in the engineering, building, civil and manufacturing industries each have specific unique challenges in data archiving and retrieval solutions. Rand Secure Archive specializes in specific data archiving solutions that are built upon Autonomy’s IDOL platform for these industries. These solutions combine the world-renowned Autonomy archive and retrieval technology with knowledge from experts who have actually worked on design engineering products in these industries.
CAD models, email communications, instant messaging, voicemails, project documentation and scanned information contributes to an ever increasing amount of electronic data. This critical data is growing at a rate of 30-40 percent each year and yet corporate, government and financial policies require that this data be easily searchable and accessible at any time. Combined with an overtaxed IT department, regulatory and corporate governance requirements and tight budgets, smart firms are seeking a formalized, yet cost-effective, solution to archive and retrieve their critical data. CAD-based organizations have an even greater need for data archiving solutions as the models are both large and constantly related to numerous other files.
While there are common data archiving issues across the design engineering community regardless of industry, Rand Secure Archive experts are well equipped to solve the fundamental archiving challenges as well as the toughest, industry specific challenges.
The list below highlights some of the frequent challenges unique to those trying to implement an archiving solution in specific industry verticals.
• Architecture: Implementing Building Information Modeling (BIM) and the quantity of relational electronic data as well as the introduction of Integrated Product Delivery (IPD) that results in an ecosystem that now includes partners, vendors and the customer that need to share and access project data such as detailed contract information.
• Civil: High definition scanning that introduces more data points into BIM models and creates much larger volumes of data that need to be accessed on a 7/24/365 basis.
• Manufacturing: Integrating a collaborative design environment that leverages 2D and 3D parametric and non-parametric data combined with a process where partners, vendors and customers participate together across geographies brings new challenges to the forefront. A comprehensive archiving solution provides manufacturers with additional support for the retrieval of information such as warranty and customer service support.
- David Gibson, director of technical marketing and strategic sales at Varonis (www.varonis.com) says:
2011 was one of the most turbulent years for data owners in recent memory, and next year will be no different. In order to cut through the data jungle, we've identified four key areas that are poised to present challenges in the coming year - - secure collaboration, "big data," data automation and insider threats.
Look for secure collaboration to go viral. Data will continue to grow at 50% year over year, digital collaboration will continue to be the core of every business process, and IT budgets will stay flat. Instead of losing complete control, 2012 will be the year data owners get involved – they will take back access control decisions from IT, demand automation to analyze data, make better decisions, and eliminate costly, ineffective manual processes.
"Big data" analytics will expand to include the biggest data of all: unstructured information sitting on file servers, NAS devices, and in email systems. Effective data governance requires harnessing the power of metadata through intelligent automation. It is not surprising that industry experts are now saying that the same kind of automation is necessary for more than good governance. In order to harness the power of big data, you’ll need to analyze and look for patterns in how and when these massive amounts of data are used, who uses it, in what sequence, and what it contains in order to effectively run a data-driven organization. It's a widely known fact that the majority of big data in the enterprise is unstructured versus structured.
Organizations will start keeping track of their assets through automation and many IT departments will begin taking drastic measures, such as shutting down “at risk” servers or access to e-mail if the proper audit trails are not in place. More and more requests are coming from corporate users who have hundreds or thousands of employees to deploy our technology to understand data usage, data ownership, permissions optimization, and to identify and contain their internal threats.
In a recent high profile case, one organization used our software to catch an infiltrator who was operating as a contractor within their firewall. Another company recently enforced a policy of "no visible audit trail, no email!" Meaning, if the auditing is not available in their email system, they aren’t allowed to use email. Another large enterprise has also recently said that auditing has become so important that they are adopting the same policy on their file systems.
Internal threats will still be a major worry despite the demise of Wiki Leaks. When it comes to data loss, threats from inside the organization have become as dangerous, if not more so, than those from outside. In many of the security breaches in 2011, employees or contractors were able to delete or download thousands of files without raising concerns because often no one was able to determine what sensitive data they had access to and secure it before information could be stolen, view an audit trail of what they actually did access after the fact, and certainly not hear any alarms go off while the breach was in progress, when access activity was unusual.
- Ken Cheney, vice president for business development and marketing, Likewise (http://www.likewise.com/), says:
While digital data in all forms is more than doubling every two years, IDC predicted (in 2008) that the annual growth rate for unstructured data in data centers would exceed 60 percent through 2012. More recent estimates indicate that IDC’s prediction was somewhat conservative. One estimate indicates that by 2012 unstructured data will consume 80 percent of data center storage. (Unstructured data includes financial files, medical records, office documents, media and big data files.)
According to Ken Cheney, vice president of business development and marketing for Likewise, “some 40 percent of unstructured data is classified as sensitive and only 14 percent of organizations with a plan for managing that data.” To address this growing challenge, Likewise announced Likewise Data Analytics and Governance software, now available in a public beta, which gives organizations greater visibility into their unstructured data for improved security, auditing and compliance.
Industry analysts, Storage Strategies Now, wrote in a report: Most enterprise organizations have little understanding of their unstructured data. The risks and costs due to this lack of understanding include losing valuable data, not effectively exploiting assets, security risks and the inability to meet compliance, legal, and regulatory requirements.
Likewise Data Analytics and Governance enables organizations to implement a set of automated best practices to secure and manage unstructured data. The application uses analytics to contextualize data with user identity, sensitivity, and other information to mitigate risks, reduce costs and create value.
The software can help organizations understand performance and usage across storage pools, categorize unstructured data to create new applications or lines of business, and exploit data to maximize revenue. Companies can consolidate reporting across data silos, enforce consistent access policies, and manage entitlements from a single web console. The result is a global hierarchical view of an organization’s unstructured data that can identify and remediate root causes of security, performance and access issues.
"The problem with unstructured data has grown exponentially over time. It can seem insurmountable, but companies must get their arms around the sensitive data contained in these files,” said Ginny Roth, analyst, Enterprise Strategy Group. “Without the ability to have some glimpse into this data in the wild, companies will be increasingly vulnerable to high profile breaches."
The new Likewise application integrates with the Likewise Storage Services platform used by OEM network attached storage (NAS) vendors such as HP and EMC-Isilon, and has adapters that support NetApp, EMC-Celerra and other NAS filers. The beta version is available for qualifying customers with pricing that starts at $18,000.
The Likewise Storage Services platform, used by such OEM storage vendors as HP and EMC Isilon, offers a consistent security model for file-based access and cross-platform, unified storage across physical, virtual and cloud environments. Likewise Storage Services provides integrated identity and access management, as well as secure access to data from Windows, Unix and Linux systems. Supported protocols include SMB/CIFS 1.0, 2.0, 2.1, NFS 3.0, and a RESTful API. Likewise Storage Services is available with a commercial license from Likewise Software.
In the United States alone, the total number of records containing sensitive personal information involved in a reported security breach since January 2005 has risen to approximately 542,355,201 million, and the average time to resolve a cyber-attack once it has been detected is at least 18 days, according to a Cost of Cyber Crime Study conducted by the Ponemon Institute.
The company also found in a related study on the True Cost of Compliance that the expense associated with achieving and maintaining compliance is, on average, more than $3.5 million – noticeably less than the $9.4 million in estimated costs for failing to comply with regulations. This cost analysis provides a critical frame of reference for IT management because it suggests that a higher investment in compliance-related activities reduces the negative consequences and costs associated with non-compliance.
Weighing the Cost of Non-Compliance – An IT Security Challenge
Achieving and maintaining compliance has been a key issue for IT managers for years and it is surprising that it continues to be such a significant challenge for almost every business, regardless of size. You need only look at this year’s data breach statistics across healthcare, banking, financial, and retail markets, among others, to know that the problem is not going away any time soon.
Why? It’s because most network security technology is reactive in nature, and nearly all enterprise security systems that are deployed today are comprised of disparate applications and appliances that do not retain and correlate suspicious traffic for more than a few minutes.
In order to safeguard network assets, protect confidential data and maintain compliance within their unique vertical market, IT managers need to be able to detect reconnaissance activity leading up to an attack – before a breach occurs – and they need a historical context and depth of analysis in order to more quickly detect a breach after it occurs.
Unified Network Behavior Analysis-Based Security Can Help Businesses Meet or Exceed Compliance Requirements
Instead of cobbling together discrete ‘best of breed’ security offerings that focus on various critical aspects of network security, an architecture based security system that utilizes network behavior analysis and correlation enables IT personnel to quickly and efficiently manage, monitor, analyze, and correlate discrete security events, alerts, logs and reports into actionable security threats across application subsystems.
Global DataGuard’s unified approach to security does just that. Powered by a network behavior analysis-based engine within a security architecture that provides true subsystem integration of core security applications, the company’s unified enterprise security (UES) system can provide early warnings of security threats that other products may not detect. How? It can perform predictive analysis by retaining and correlating suspicious raw packet data for a rolling 14-30 days and signature alerts and behavioral profiles for six months or more. It can also:
perform intrusion detection and prevention, with customizable signatures for DLP and compliance;
adapt to evolving networks and track network resources across application subsystems;
monitor network access and policies for use of critical assets;
perform sophisticated analysis, correlation and alerting on logs and store the raw logs and alerts for over a year, as well as reviews logs 24/7 so that a customer has timely access to information of interest;
provision on-demand vulnerability scanning and real-time correlation of scans with other alerts;
facilitate data sharing with other UES security applications to connect the dots between multiple threats; and
provide an easy-to-use, instant view of prioritized network, global, vendor and vulnerability threats and the underlying data that created them via a portal that provides unified administration and monitoring;
With more than a decade of experience in network behavior analysis-based unified security, Global DataGuard’s UES system and 24/7 managed and professional services are designed from the ground up to address compliance-specific requirements related to the integration of processes, technology, service, and reporting. Global DataGuard software and services can be customized based on a company’s unique network requirements – from a few security applications to a complete system – providing IT managers and their staff with greater efficiency in labor and detection ability, lower acquisition costs, and easier deployment and management of their company’s network security ecosystem.
- Gary Sevounts, vice president of marketing Zetta (www.zetta.net), says:
As data growth is still one of the top three challenges for organizations today, keeping the data available becomes more and more challenging, whether a user accidentally deletes a file or a hurricane takes out the entire data center. Companies such as Google have largely licked this problem. With interconnected data centers worldwide, it can afford to shut one completely down without losing data or lowering service levels. But what about those who don’t have the billions to spend on building redundant data centers? To address their offsite data backup needs, there are four major options: tape, mirroring to a DR site, colocation and online data backups.
Tape
Tape backups have been around for decades. Many companies already have the equipment, software and procedures in place for tape archiving. In those organizations where tape is working well and is not tying up IT resources, it is probably best to continue its usage. But for many, tape has drawbacks such as:
High cost of hardware, backup software and tape cartridges
The need to physically transport tapes off site
Slow data retrieval and restores. Both full and incremental backup tapes need to be obtained from the storage facility and loaded in the proper sequence, before a file can be restored
High failure rate of restores
Mirroring or Replicating to a Secondary Site
Even if a company doesn’t have multiple data centers, it can often set up servers at another of its offices to act as a backup for the primary storage system. Since the data is transferred electronically between the primary and the secondary storage disks, and since the backup copy is online rather than sitting on a tape in a vault, restoring data is much faster than when using tape backups. The secondary site can also be used to ensure business continuity during a disaster. However, this approach also means:
Purchasing an additional set of hardware and software
Installing the required power, cooling and networking at the secondary site
Ongoing costs for licensing and support
Having staff to support the secondary equipment
Backup to a Colocation Facility
Companies can lease rack space at a colocation facility and install their own backup equipment. This saves some of the costs of maintaining the infrastructure. However, it still requires:
Purchase of additional hardware and software
Ongoing costs for licensing and support
Costs of leasing space at the colocation facility and any additional fees for support.
Online Data Backups
With online data backups, a company pays a fee for the amount of offsite storage required. The data is automatically backed up and files can be restored over a WAN connection. Advantages include:
Instant retrieval and restoration of data to the same location or to a disaster recovery site
Reduced complexity – no need to buy or maintain hardware or software
Reduced backup windows
Scalable on demand as storage needs grow
No need to have staff trained in specialized skills for backup and retrieval
- Deirdre Mahon, vice president of marketing at Rainstor (www.rainstor.com), says:
Probably the single most challenging part of proactively managing the data center is the strategy and planning around IT infrastructure and how much capacity is required to retain existing enterprise data in addition to future storage capacity requirements. Most organizations today retain enterprise data for many years and in fact many never actually delete the data – once transacted, it is retained from “now on.” This places burden on IT that requires data to be online and available for continuous query and analysis in addition to providing fast access to external regulators that govern how long data be retained.
Typically, IT keeps the data in the systems it was originally transacted until such a time where that system is no longer used and becomes legacy but where the data still needs to be retained and accessed. Increasing demands from the business to query this data enforces IT to keep it in expensive systems that require costly DBA resources to maintain over time. However, more diligent information life-cycle data management is required which enforces policies around how long data is retained in enterprise production environments that will ultimately make IT much more efficient and satisfy both the business needs and additionally the IT budget. Offloading large volumes of transactional data from production to a dedicated online archive is key to enabling Big Data to be retained at lowest possible cost and efficient scale.
IT needs to be more rigorous with data management and infrastructure technology choices and the resultant expenditures. Gone are the days where traditional relational or analytical environments are the only option to keep data secure, available and online for business query. There is no longer a one-size fits all approach to managing enterprise data. In the last decade, there has been tremendous innovation in the world of data management and we have witnessed rapid adoption of NoSQL, In-memory, Columnar and Hadoop/MapReduce as ways to corral the ever-growing volume of multi-structured enterprise data. Whilst IT is struggling to transform this data into actionable information for the business, it is very important to not lose sight of the overall cost of storing and retaining this data, which will become even more pronounced as volumes continue to escalate.
A right-tiering approach to how data is managed and stored is required and deploying best-of-breed purpose-built technologies to satisfy the specific business need is what IT needs to focus on.
Analysts continue to report that Big Data is on the rise. IDC says the amount of data will grow 44 times by 2020, and the amount of digital information created and replicated rose by 62 percent in 2010 to nearly 800,000 petabytes, which would fill a stack of DVDs reaching from the earth to the moon and back. By 2020, that pile of DVDs would stretch halfway to Mars.
In terms of RainStor’s rank in overall data center priorities, it’s high, given the speed of enterprise data growth. As our world continues to become more digital, the Big Data deluge will drive an increasing need for additional data center storage across all industries, including communications, healthcare, financial services, SmartGrid utilities, security, etc. This will place new levels of stress on our data centers, systems and infrastructures.
Central to RainStor’s unique product capabilities is the ability to compress and de-duplicate large data sets, enabling reduction ratios that are typically 40:1, rising to 100:1 with some data, through the use of four distinct, yet complementary, techniques. With RainStor’s data reduction capabilities, organizations can significantly reduce overall storage costs and enable a data center to run much more efficiently.
The four techniques include field level de-duplication, pattern level de-duplication, algorithmic and byte level compression. These don’t result in any loss of detail; instead, RainStor stores each record as a series of pointers to the location of a single instance of data value or pattern of data values.
RainStor offers a new class of Big Data repository, focused on long-term Big Data retention with continuous query access. With RainStor, data centers can go on a “Big Data Diet” or in other words, reduce the storage capacity and cost to keep large volumes of data online. For example, you can offload 180-day-old+ data from production to RainStor for your online archive, and retain query and analysis capabilities via standard SQL and various BI tools. RainStor achieves this at a much lower cost per terabyte stored. By having virtually unlimited amounts of data online and available, you eliminate the need for tape archive and therefore the time delay and manual effort to retrieve data from tape, which is risky especially if data sets are large and schemas have changed since the time the data was offloaded.
Data center and IT managers should carefully consider a tiered infrastructure and data management strategy to retain and store critical enterprise data for both business and external regulatory requirements. RainStor’s patented technology is primarily focused on reducing the amount of data stored, which also significantly reduces overall storage costs, and you can run on low-cost commodity hardware enabling you to lower overall total cost of retained data. Let’s look at the key benefits to RainStor’s unique capabilities.
RainStor benefits enterprise data centers in the following ways:
Dramatically reduces the cost and complexity of storing large volumes of historical structured and semi-structured data compared to traditional databases
Provides continuous access to historical data, which enables organizations to meet compliance regulations and to give business users access to broader data sets for ongoing analytics and BI
Allows organizations to retain historical data, on-premise, via public or private cloud and hybrid storage
Enables you to better control your data assets by auto-deleting records based on compliance retention rules.
Most large organizations today retain data for many years, and a 2011 DBTA survey reveals that data is retained forever. They will benefit from the following capabilities:
Specific use-cases would include compliance data retention, query and reporting and situations where you need to archive legacy application data on systems you are retiring due to consolidation or modernization efforts.
Continuous online access to larger and broader data sets that are query-able through standard SQL or BI tools whereby you can re-instate older data into production analytics environments for better results
Ability to compress or reduce data sets to a smaller, manageable footprint (~40 to 1 or greater) in order to reduce overall storage costs and scale as data volumes inevitably grow
Ability to retain specific data sets by pre-configured business rules, which allow organizations to easily purge data at exactly the right time. (Keeping data longer than required makes little sense and can in some cases be risky so automating this keeps data retention costs down.)
Ability to run on a broad range of hardware and operating systems, which ensures future flexibility
Compressing and reducing data to 95 percent means less storage footprint and provides not only significant savings for on-premise data center deployments but is even more economically attractive with cloud deployments.
Big Data presents a challenge for IT and is particularly pronounced in key industries including communications, financial services, utilities and healthcare because they are governed by external regulatory requirements for retaining and providing quick access to historical data for audits, reports and business analysis. IT must select the best technology solutions available to keep data for extended periods of time and more importantly, in the most cost effective way. For large global organizations, keeping and storing large volumes of data is a sunk cost, and doing so in the most efficient way is critical to staying ahead of the competition.
Investing in technology that compresses data at a high rate, satisfies stringent compliance and government regulations, provides ease-of scale and the fact that it’s query-able is critical for these organizations.RainStor solves this problem by delivering a unique technology capability that ultimately reduces the data footprint and makes the problem 10x less cost, when compared to a traditional database approach. Often operational systems become bloated over time with historical data sets, which can be offloaded to a RainStor archive for continuous data access. Additionally, instead of putting data on tape which is risky because you will have challenges with re-instating the data to the original system especially if it is voluminous. Data warehouse repositories can also be offloaded with large data sets to RainStor where that historical data can later be pulled back into the core BI system if deeper analysis is required in the future.
RainStor’s IP is on its unique compression capabilities where it uses a tree-based structure or a “binary tree” to store data that links the various instances of patterns together to establish data records. This means that the original records can be reconstituted at any time. This de-duplication process also means that the bigger the data set, the higher the probability that values and patterns will be repeated, and the greater the level of compression that can be achieved when loaded.
Take a look at this video by RainStor’s Chief Architect, which explains how extreme data compression is achieved to deliver significant reduction in storage footprint for cost-efficient Big Data retention:
- Stephen Chan, co-founder and vice president of business development with ZL Technologies (http://www.zlti.com/), says:
According to the IDC’s 2011 Digital Universe study, the amount of electronic information created and copied across the earth today is an astounding 1.8 zettabytes of data. That’s right, zettabytes: 1 billion terabytes. It’s a concept almost too challenging to wrap your head around in describing what could be a paralyzing phenomenon for many IT organizations. The same report also found that the world’s total volume of digital data is now essentially doubling every two years. If your IT group already feels like it’s drowning in data (and you are not alone), this news comes as no surprise.
Some companies have gotten better at purging their so-called “junk” data and organizing their “good” data. The trick, though, is to make all that data easily searchable and consistently findable; otherwise it has no real value for legal discovery. Despite recent technological advances, most IT organizations still have a long way to go to shore up their company for the continuous onslaught of digital data.
There are three things you should do to bolster your company’s data management capabilities before your system is overwhelmed:
Find a technology (software) vendor that is focused on advanced archiving technology with a track record of success in archiving projects and a team with tangible archiving expertise. Seek one consolidated solution that maintains one archive and is built upon one highly-scalable platform.
Arm your company with a software solution that is focused specifically on advanced archiving capabilities.
Make sure the vendor offers in-house expertise in archiving to help you avoid the “gotchas” and solve each piece of the data management puzzle: eDiscovery, archiving, records management, and compliance.
You can’t afford to waste time or money relying on a vendor whose attention is focused elsewhere, or who really offers just a bundle of 3rd party software that will cause you more headaches. Like many things in life, it’s wise to keep it simple. In doing so, you’ll be able to streamline all of your information storage and archiving practices, gain fast eDiscovery capabilities, and calm the data explosion swirling around your enterprise.
User connectivity is imperative in today’s enterprises and IT managers need to ensure that employees remain productive in the event of a system failure, otherwise the organisation suffers financially and industry reputation can be compromised if customer demands cannot be met. Infrastructure resilience is not only useful; it is needed to reassure customers, shareholders and partners that the business can remain afloat with a view to guaranteeing a certain level of service to sustain the current customer base and attract prospective clients. With a robust business continuity solution in place, organisations can maintain their business and reputation even in the event of unforeseen disasters.
Both Forrester and Gartner have reported that business continuity is one of the top business drivers for mid-market customers. This has also been reflected in recent high profile cloud outages which have illustrated the detrimental effects of downtime on the balance sheet. Therefore a continuous availability solution designed to protect the fundamental workings of the datacentre ensures critical business processes and operations can remain functional. If a problem occurs, the solution can take automated action and failover components within the ecosystem to a disaster recovery site and users are able to continue working without interruption.
In advance of deploying business continuity and disaster recovery software from vendors like Neverfail, datacentre managers will need to determine which of the organisation’s applications will benefit most from continuous availability support. In doing this they will ensure they get the maximum return from their investment. Prioritising applications, such as email and key business applications, showcases continuity cold spots that could cause large re-percussions during downtime scenarios.
In addition, when IT administrators are deploying Neverfail they will need to ensure that the hardware, application software and infrastructure can fully support continuous availability solutions.
To determine which applications will receive maximum returns from Neverfail technology, datacentre managers must estimate the likely cost to the business caused by data loss or downtime for their most critical applications. Typically they will gather this data by asking business owners to estimate the cost to the business incurred from downtime and data loss separately for periods of 4 hours, 1 hour and 15 minutes. This will allow managers to define minimum downtime requirements as a Recovery Time Objective (RTO), and minimum loss of data requirements, as a Recovery Point Objective (RPO) for each application. Managers can then determine the priority for implementing Neverfail by choosing those applications that do not support the required RTO or RPO calculated, and ranking these in terms of costs to the business if objectives are not met.
Before deploying Neverfail for a specific application, an IT administrator runs a Neverfail tool called SCOPE on each of the servers where they plan to deploy Neverfail. SCOPE will typically gather data for a one day period. A SCOPE report can then recommend changes to the customer’s environment to ensure it will meet the required RPO and RTO times. Examples of suggested changes are upgrading applications to their latest service packs, or verifying that the standby servers being used to protect the primary servers have sufficient disk storage.
IT managers should look for a single solution that protects against every potential failure mode for all their business critical applications. Specifically, IT managers need to avoid trying to deploy multiple availability solutions for different components. They may, for example, consider choosing a range of availability solutions to protect specific applications, virtual machines running on a single hypervisor, physical machines, or different types of storage device. The cost of deploying and managing various availability solutions will typically be high, and the resulting complexity can itself result in the applications being at more at risk of becoming unavailable.
Neverfail technology provides a single continuous availability solution supporting both high availability and disaster recovery for any Windows application across heterogeneous environments and runs independently of the type of storage used. This also means that when the IT infrastructure evolves with new versions of applications being introduced, as well as migrations to VMs and initiating new storage add-ons, the same Neverfail solution will continue to provide protection to eliminate any single point of failure.
- Sarah Carter, vice president at Actiance (www.actiance.com), says:
Have you ever logged onto Twitter and wondered what on earth that random conversation between two colleagues is really about? Imagine coming across it months or even years later and then trying to make sense of it. Whether it is for eDiscovery, disciplinary procedures or to prove a point on compliance, all business conversations need to be stored securely and social media is no different. The problem is that the process of archiving, storing and making posts easily retrievable is made exponentially more complex because of their multidimensional nature.
What happens to the social media archive if the conversation is taken from Twitter to another medium such as email? A perfectly legitimate action if you want to provide a detailed response to a customer question that is going to take more than 140 characters. Who joined a conversation within the chat function of Facebook and when they left, might be just as pertinent as the content when trying to understand the context of the entire conversation.
To meet most industry regulations and eDiscovery legislation requires special controls around how data is captured, stored, searched and recovered. Being able to archive contextually is of significant importance. Without it, even if organizations have implemented rudimentary measures to capture social media conversations, all they are left with is snippets of content and no sense of what took place without a time consuming reconstruction. That is of course, if it’s possible to retrieve all the content in the first place.
Archiving social media is also made more difficult because of the different channels available to users in which to participate. Unlike email where all messages can be driven through a designated email server, social media can easily be accessed outside of the corporate network such as home computer or on a mobile device. Key to be able to easily recognize employees in archived social media conversations, as well as controlling user activity and monitoring content, is the ability to identify individuals by their numerous social media logins and pseudo names back to their corporate identity.
In some industries, particularly in financial services where for some advisors there is requirement to control all electronic communication where the employee is identifiable, archiving and controlling content posted off–network is a prerequisite to social media’s use. With Regulatory Notice 11-39, FINRA explicitly points out that “Rule 17a-4(b) under the Securities Exchange Act of 1934 (SEA) requires broker-dealers to preserve certain records for a period of not less than three years, the first two in an easily accessible place.” Most organizations can’t – or don’t choose to monitor Facebook conversations, let alone have a searchable archive.
In addition, organizations must be able to demonstrate that posts and messages recovered are the same content that was originally stored and that it is a true representation of the original data. This requires a centralized archiving system that enables easy review of messages posted alongside detailed analysis of electronic conversations including file downloads both internally and externally. As with all tamperproof systems all of this information must of course include a complete audit trail of the auditor reviewing the information.
But there is no point in recording all of this information, if it cannot be linked to an employee’s corporate identity. Most people have different buddy-names on different types of media and possibly more than one account within one social network. Mapping user’s buddy-name to their corporate identity using tools such as Active Directory is crucial in producing a meaningful archive.
Of course, being able to retrieve content posted to social media in way that is meaningful long after anyone actually remembers what was said relies on being able to control the content in the first place and this can provide additional benefits. For instance one of the prerequisites for PCI DSS (the Payment Card Industry Data Security Standard) compliance is that organizations block all non-approved channels of communication. If you’ve approved social media’s use, then you need to be certain that credit card numbers and other personal information can’t leave the organization unauthorized.
Since traditional security infrastructures don’t detect many Web 2.0 applications and tools, this isn’t as easy as it first seems. Many legitimate social media tools and services are encrypted or use evasive techniques such as port hopping and tunneling to ensure a direct path straight to a user’s desktop or browser. Besides data leaking out, there is also the danger of malware entering in too.
The road is littered with soon to be forgotten social networks such as MySpace or Bebo, and whether Facebook will be as popular in two years time as it is today is impossible to say. But as with any archive it’s important to be able to retrieve the information a long after the application or service it was created on has disappeared. Implementing the technology required to create that archive will deliver more than just easy retrieval, it will provide the necessary security, management and compliance controls required for any business to embrace social media today.
