Tag Archives: USB

Best Practises to Protect and Recover Data — Part II

In Part I, we discussed best data protection practices, such as developing plans, how to handle devices, checking for legal obligations, setting up metrics, and restricting access. In Part II, we will continue discussing further best data protection practices.

6/ Centralised Data Management

It is important to update data through reporting, monitoring and policy enforcement through centralised management policy. It will help new employees as there will be just one system to understand.

7/ How Employees Should Work?

Companies must understand how their staff should respond to the recovery plan. There must be some formal benchmarks, ways to improve performance of staff and to make data effective.

8/ Check and Re-Check the Plan

To meet compliance standards, big companies are bound to check their plans. Small companies can practice their specific standards to test how much time recovery plans take in case of any failure. Complexity or depth of a plan must be related to cost analysis (hourly cost when data is not in access).

9/ Backup Frequency

To reduce the risk of data loss, companies need to have frequent backups at geographically dispersed locations. This means, redundancies should be in place. The key is to know your data so that you can store them in tiers, with mission-critical data segregated and stored in highly available vaults, where as, older, less accessed data stored in cheaper servers.

10/ Damaged Hard Drive

If your hard drive fails, you are better off calling a data recovery expert rather than trying to figure out yourself. Data recovery specialists have years of experience dealing with hard drive failures.

11/ Pick the Right Provider

Choose established experts that use clean rooms and are credible. Read customers reviews on these companies before making a decision. Contact their references,

Sometimes, even the best practices could go wrong; so firms must adopt some precautionary measures to retrieve information:

  • Use free utilities to help you retrieve data from USB sticks or hard drives, while making sure that they provide support and are free from malware. Select the most reasonable tools to restore data accurately and quickly.
  • Use cloud storage and local hard drives simultaneously for reliable backups in order to eliminate the chances of data loss.
  • Implement data centre redundancy for maximum protection. Avoiding redundancy to save a little is not wise.
  • Search a partner that is well-reputed and who can provide round the clock support through phone and email.

Data Protection: how much do you value your data?

Within recent weeks, there have been two data loss incidents which have been widely reported, from a large national oil company who have suffered from a cyber-attack to an individual who lost everything as hackers managed to gain access to his iCloud account. It is now imperative that if you value your data, you will do your all to ensure that it is appropriately protected.

The world’s largest oil firm, Saudi Armco, was successfully targeted by hacking group The Cutting Sword of Justice. They used a computer virus, known as Shamoon to cause the damage which resulted in 30,000 workstations being affected.

All the affected workstations have now been fully restored and have been added back onto the internal network. It did take a bit longer for the website to be brought back online and for their email service to be in full working order, the impact of this data loss has been significantly reduced due to the data protection measures that were in place.

This attack demonstrates the importance of adequately protecting your data, be it business data which if lost, could have a detrimental impact on your company or personal data such as family photographs which are priceless. Keeping one copy of your data is becoming more unsecure as each day passes and can cost thousands of pounds to recover your data if it hasn’t been properly backed up.

This is shown when stories about Matt Honan’s data loss experience were published when he had his iCloud account hacked. This resulted with hackers wiping his iPad, iPhone and MacBook. Hanon had to pay for the services of a data recovery specialist who managed to recover around 75% of the deleted contents but this came at a cost.

Honan stated, “The bottom line is that I have all my photos and all the home movies I’ve shot. Every one of them. And seemingly all of my most important documents as well. That felt like a miracle. The bill for all this? $1,690. Data doesn’t come cheap.”

At the end of the day, it comes down to how much you value your data. There are several ways to backup your data from USB hard drives and tape to independent cloud backup services. Due to the vast range of products that are available, there is a solution out there which will protect your data and save you time and money in the event of a disaster.

Do you value your data? Do you protect your data?

Carbonite’s “unlimited online backup” deemed not unlimited

In relation to a recent blog entry by Sam last week where he discussed consumer vs. enterprise online backup, it would seem that one consumer product has been misleading its customers through one of its advertising campaigns.

An article published by Cloud Pro last week reported that the Advertising Standards Agency (ASA) had ordered consumer product Carbonite to revise its use of the phrase “unlimited online backup” on its UK website.

The article published by the ASA states that the ASA received no response from Carbonite Inc. following their enquiries and their assessment was that “although unlimited amounts of data could be uploaded, we noted that if data uploads exceeded 200GB, less bandwidth would be available resulting in slower back up. Because it did not make this clear, we concluded the ad was likely to mislead”.

The findings of the ASA found that the advertising campaign in question was in breach of six advertising codes, one of which cites that all marketing communications must state significant limitations and qualifications. Qualifications may clarify but must not contradict the claims that they qualify”. Subsequently, the ASA has told Carbonite Inc. that they should make clear any reduction in upload speeds when using the online backup product.

Carbonite responded directly to Cloud Pro saying that they were not contacted by the ASA and that “the Carbonite home service is unlimited as we offer unlimited backup space.  We don’t offer or claim to offer unlimited bandwidth [and] we hope that – with more information on Carbonite’s backup processes – the ASA may reconsider their decision. 

The packages offered by Carbonite range from Home to HomePremier, as well as a package for small businesses. However, the limitation to bandwidth could become a major issue in the future, especially if you are a small business looking to upload your entire company data to the cloud.

Consequently, this is another example where a consumer product can limit and threaten a business’s ability to carry on if it were to experience large or total data loss.  A reputable enterprise level solution has no limitation on its upload speed whatever the data size. In addition, any true enterprise level solution, especially one providing online backup as a service, would offer the ability to upload the initial or seed data to a USB hard drive in an encrypted format on site. This is then transferred and uploaded quickly to its data centre. Since every subsequent backup is incremental and encrypted also, backup windows are short ensuring all data is sent quickly and securely.

Data loss affects 800 hospital patients

It has been revealed that East Surrey hospital in Redhill have lost an unencrypted USB memory stick that contains confidential records of 800 patients. The data loss was revealed in the Surrey and Sussex Healthcare NHS trust annual report which stated that it had occurred in September 2010. Local press who have access to this document reported that the unencrypted USB memory stick contained information regarding patients’ dates of birth, names, addresses and operation details. The hospital decided not to take up the option of informing the affected patients of this loss.

Surrey and Sussex chief executive Michael Wilson said “All staff should always use encrypted memory sticks when transferring patient data. It is regrettable that this didn’t happen on this occasion and the member of staff has been taken through the Trust’s disciplinary procedures and has received further training.”

An unexplained issue regarding this data loss is that the hospital has a policy in place that demands that all data being kept on removable data drives should be encrypted. This case shows a clear sign of negligence and raises concerns over how much data is being transported without being encrypted beforehand

The Check Point UK managing director, Terry Greer-King stated “The incident shows that security policies do need to be enforced by solutions that automate data encryption and bar the use of unauthorised devices, so that users have to adhere to those policies.”

This isn’t the first time and most probably will not be the last time that data from hospitals is lost, compromising sensitive and confidential data belonging to hundreds of patients. Only last year, an unencrypted USB stick belonging to the East & North Hertfordshire NHS Trust which contained details of patients conditions and treatments was carelessly lost on a train by a junior doctor.

This latest case isn’t good reading for those involved in the NHS as The Information Commissioner’s Office (ICO) released figures in 2010 showing that the NHS recorded the highest number of data loss incidents of any UK sector.

It is very clear that the NHS Trusts have been treated very leniently regarding incidents of data loss and have managed to avoid the punishments and sanctions that private companies face if such incidents occur.

Grant Taylor, a VP with encryption and security specialist, Cryptzone stated “Had this been a private company, rather than an NHS Trust, the organisation would have been publicly censured and a large fine levied under the Data Protection Act.”

Leicester City Council suffers data loss, again

A USB memory stick containing the details of around 4,000 people has been lost by Leicester City Council.

The loss, which was confirmed to a local paper, has been reported to the Information Commissioners Office (ICO) who have started their own investigation into the breach. The 4000 people in question were signed up to a service called LeicesterCare, which supports vulnerable city residents. The details contained medical details and 2000 keysafe codes that allowed carers into residents homes.

A spokesperson for the council confirmed the data was encrypted. However the stick was supposed to be stored in the council offices in a locked safe each night.

The spokesperson states “We can confirm we are investigating the possible loss of a data device that contains personal details of around 4,000 LeicesterCare users. At this time we have no reason to believe this data has been removed deliberately”.

Two years ago the council suffered a similar data breach when a USB stick containing the details of a number of children went missing. At the time it was unclear if the stick was lost or stolen, however it was unencrypted. The stick went missing from a council run nursery and contained the names and addresses of the children.

Data Breaches Costing UK Companies More

A leading data security firm has released a report stating that malicious or neglectful data breaches are costing UK companies more. Average annual costs have risen for the third year in a row, which now stands at £1.9million.

These costs are based on the clear up process after the breach as well as loss of customers and the processes of rebuilding damaged reputations and trust with customers. The largest breach in 2010 cost one company £6.2 million, £2.3 million more than the previous year’s largest cost.

37% of the breaches where down to system failures, with either errors with the technology or the policies in place for the companies data management systems. 31% of cases were down to employee negligence, with data being lost on laptops, USB sticks and phones.

A spokesman for the security firm said that cyber criminals were causing the most expensive threats to data security, with costs generated of the recovery process. Further expense was incurred by attracting new customers something which could be escalated if the breach became common knowledge.

The spokesman went on to say that companies needed to be more active rather than re-active to these breaches. “Putting measures in place after the fact is not good enough anymore,” he said. “Companies need to be alert now rather than waiting for the event to happen.”

Also high standards in compliance and regulation burdened companies even more than previous years.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal