46

Info

security To

day

May/June 2005

co

lu

mn Data regulation —

what do you need toknow?

Tim Wilkinson

Tim Wilkinsontim.wilkinson@intechnology.co.uk

High profile fines have recently been imposed on individualsand companies for failing to protect electronic data — dramaticevidence that this is now a matter of personal concern for allsenior managers, not just the person in charge of IT.

The quality, integrity and securityof business records are now the

direct responsibility of a company'sBoard of Directors. Data regulation ishere to stay - what actions can youtake to protect yourself, your businessand your clients’ businesses?

Managing risk

As businesses become increasinglynetworked and commerce reliesmore heavily on electronic communication (both internal and external), so our businesses becomemore vulnerable to electronic failures, disruptions or loss of data.The current climate has an extensive and serious list of poten-tial threats to business, such as malicious acts, vandalism, virus,hacking, bomb, fire, flood software,hardware or application errors, andpower outage.

Are you ready?

Most businesses are expected tohave some plans or procedures toaddress these risks, and internationalstandards are driving the agenda onrisk management and corporate data protection.The table below outlines the scope of some of thesestandards:

What steps should company directors take?

There are a number of questionswhich Boards and IT Directors shouldask themselves, such as:

(i) Is it still appropriate to pass physical unencrypted tapes of my company's data to an employee or external courier?

(ii) Should my corporate data reside in a central city location where, in the event that I can not access that office, my business cannot continue?

(iii) Can I save money by centralising servers and storage in a facility managed by an external provider with both expertise and economies of scale, which I can use to my advantage?

Outsourced managed services

There are a number of infrastructureservices from various providers that arespecifically designed to address theseconcerns. Secure data storage throughan outsourced provider is proving to bean attractive and cost effective optionfor businesses of all sizes, from publicto private companies.

With outsourced data storage,copies of all data are held offsite in a

remote data centre, far from the cor-porate buildings. Data is encrypted,backed up and transferred via securecommunications links to the data cen-tre where it is held until required forbusiness continuity. Servers, applica-tions and data can be replicated tothe data centre so that they are rapid-ly available in case of any breakdownor loss of data at company offices.

In cases of disaster or severe dis-ruption, a company’s applications anddata can be accessed by staff workingremotely, assuring seamless businesscontinuity. Data integrity, confidential-ity and security is assured, meeting allcurrent and likely future require-ments of data regulations.

Business continuity

Using outsourced data storage forassuring data security also has the potential for major cost savings.Investment in managed services forbusiness continuity computing re-duces IT management costs, improvesefficiency and above all ensures thatbusiness continues unaffected in theevent of significant disruption.

Tim Wilkinson, Sales Director,

Managed Services

Tel: +44 (0) 1423 850 000

Web: www.intechnology.co.uk