Importance of Data Protection
The 2011 Cost of a Data Breach Reports, a study by the Ponemon Institute have brought to light some important
facts regarding data breaches. As per this report, malicious attacks are the most expensive causes of data breaches
as it comes to around $222 per record. Moreover, the study also found out that of all the data breaches reported
in 2011, 39% were due to negligent employees. This definitely shows that with hackers using the Internet to put
their malicious plans into action and with negligent employees being the leading cause of data leakage, there is the
need of effective measures to counter it.
The advent of the Internet technology has helped companies and organizations to carry out their business
activities at a lightning pace. Though the Internet has been beneficial to businesses on many counts, it has been
largely responsible for making companies and organizations vulnerable to both internal and external attacks.
However, with Internet becoming an integral part of modern life, the only possible solution to prevent data
leakage and data theft is to implement effective data protection measures.
Besides Internet, the influx of new technologies in the business arena such as social media, mobile and cloud
technologies have thrown open new ways to leak data. With mobiles being the new web access device, any kind of
vulnerabilities, design flaws, or protocol failures in any component of mobile applications, mobile devices and
mobile infra components would adversely affect security. So is the case with cloud computing. Though it is cost
effective and hassle free, cloud computing eventually means moving the corporate data beyond the four walls of
the organization to an internet based environment. Hence, ensuring mobile security and cloud security is highly
important to protect sensitive data from falling into wrong hands.
Unlike European Union’ Data Protection Directive and UK’ Data Protection Act, United States do not have a single
data protection law. In such a scenario, companies and organizations have to implement self-regulation in order to
deal with the issues of data leakage and data theft. Enterprises need to deploy a data protection framework
comprising of measures such as data classification, data flow analysis, and use of tools like data loss prevention
(DLP), information rights management (IRM) so on and so forth. Several service providers are there who can help
companies and organizations in deploying comprehensive data protection framework across their information
lifecycle. Such a move would help enterprises not only in ensuring compliance with various regulations but also in
safeguarding company reputation.
Read more on - privileged identity management, Information Risk Management, identity access management