Read all of John’s articles here.
Many terms are bandied about under the umbrella of data protection, and privacy and security are just two of them. So let’s forget the terms for a minute and have a look at some of the issues in managing data.
Aside from the fact that most of us now routinely store data outside of our working environment (offices and houses), we also now store much more of it than we ever did. Nearly every aspect of administering any business is done digitally and even if we are not actively storing the data ourselves, a significant amount of data is archived on our behalf – by banks, utilities, government – the list is endless.
So what are the possible risks to that data?
- Losing it so as to interrupt business.
- Having it stolen, so that other people can make money from it.
- Sharing it with people that are not authorised to access it, with potentially catastrophic consequences including legal liability
- Compromising employee’s personal information.
These are all fairly self-evident, but there are other possible aspects of security that are less obvious..
- Keeping it when you should be deleting it
- Having it but not being able to find it.
Let’s talk about the obvious ones first.
Before the Internet, most companies stored their data on-site. There was always a physical risk – for example that their building might burn down – but it was far more likely that the storage would fail before then. This could be mitigated by taking regular copies of the data and storing them in another part of the building, or ideally off-site. But it was clearly less convenient to store copies away from the office, so off-site copies might be made less frequently.
But what constitutes a copy? Copying a complete physical disk, say, at a particular point in time is known as a backup. However, if only a small amount of data is changed between backups, it is less costly to backup the complete disk once, then keep a record of every file that changes. This is known as an archive.
Many companies had and still have very ad-hoc ways of copying data. Without the luxury of an IT department, it is asking a lot of staff to take responsibility for keeping copies of their own devices, let alone shared devices such as email servers. Until, that is, a staff member loses a month’s work, and discovers that no copy was taken.
Sensible companies would have a backup and archiving policy, whereby there is a regular schedule of backups, and if someone could not be found to do it, then automatic procedures were put in place.
Of course, backing up data is useless if the only time the backup is checked is at the time of some failure. Part of the process should be to compare the backup with the original data, and periodically simulate a disaster to see if data can be recovered.
With the advent of fast internet, things changed. Although it took some time to adjust the psychology, firms realised it was more cost-effective to store their data remotely – in the Cloud. The data could be hosted by a specialist company that took responsibility for backing up data, and had the efficiencies of scale to purchase and manage massive amounts of storage – and much cheaper than they might themselves.
Getting it stolen
While fast Internet and Cloud storage reduced the backup problem, they potentially make the data much more vulnerable to being stolen – either by hackers or by unscrupulous individuals working for the data hosting companies.
Data is at risk in transit (ie on the wires or waves that carry the data) and in static storage, and both present different challenges.
One way to protect stored data is to have sophisticated authentication schemes (username/password) for users, but these can never protect against hackers who might discover a flaw in Cloud service enabling the hacker to bypass authentication – nor can it protect against users who share their passwords or equivalently, choose passwords that are easy to guess – nor employees of the service provider, who may have special privileges.
Such has been the scale of digital fraud that most service providers have introduced 2 factor authentication schemes whereby access to data relies on some positive confirmation via a separate media. In a typical scheme, a user logs into a service and is immediately sent a validation code via a cellphone, which must be entered before access given.
But this still does not protect against hackers or “inside jobs”. One way to thwart this risk is to encrypt the data – making it unreadable to anyone without the decryption key. The problem with encryption is that it makes it impossible to search unless at some point, the data is decrypted. This renders encryption of limited use in database applications that rely on search services. Many people are under the impression that in most of the searchable services – eg mail, document sharing, etc – available from companies such as Google and Microsoft that their data is encrypted – it isn’t.
Where encryption is useful is in protecting data in transit. This effectively secures against eavesdropping.
Sharing is caring
Within any organisation, different employees have different data access needs and this usually handled by a system of “users and groups”. Assigning access privileges to groups of users (say accounts, management, support,etc) rather than to individual users can greatly simplify the task of access administration. However, there is a vast swath of the population that cannot get their head around the concept, and as a result users and groups often create more problems than they solve.
Of greater concern to employees is protecting personal or confidential information, something best described as privacy.
It would be delusional to think that it is possible to prevent employees from using company email, telephones or computers for anything other than company business. While all companies can reasonably stipulate this in their employment contracts, this would be impossible, if not counter-productive, to enforce.
Yet for most companies, the majority of information could and should be shared. In less than 30 years, we have gone from storing correspondence in shared filing cabinets to, almost exclusively, to private email accounts. And even though the majority of company email would benefit from being shared, it is hidden for fear of sharing personal correspondence.
The Openness Dichotomy
While the media constantly headlines one security breach after another, we are hit from opposite angle of the need for and benefits of more openness.
GDPR has thrown this sharply into focus recently. Companies are now required by law to provide employees with access to any information stored about them, and in some cases, to delete it if required.
Without discussing the rationale behind GDPR, it does highlight the fact that while we may have a lot of data and it may all be very secure, there is no point in storing it if we can’t find it when we need it. Fortunately, companies are now recognising this, and are putting systems in place to be able to easily retrieve information as required, whether for GDPR or general business purposes.
In tightening our security and privacy, we must be careful not to throw the baby out with the bathwater. Sure, security and privacy are important but we have to balance the risk of it being compromised with the benefit of being able to get to it.