Data security expert Tony Dyhouse has called for public and private sector organisations to radically change the way in which they deal with data protection and backup. Writing for V3.co.uk Mr Dyhouse proposed that the creation of a culture of constant data security can be the only solution to the continual stream of data loss incidents.
The embarrassment and the damage caused by data theft and loss has weakened public trust in a whole host of organisations in recent months, with thefts from within St Albans City Council and a pair of NHS premises cited by Mr Dyhouse as symptomatic of the wider problem.
Mr Dyhouse said that the main problem is not occurring at the level at which most IT managers typically focus their attention; namely the security and encryption of networks and data storage systems themselves. Rather, it is rather simplest steps that are overlooked, allowing data to leak through channels that should be plugged.
In his article Mr Dyhouse suggests that the main reason for data security being demonstrably inadequate in many businesses is that there is simply not enough being done to reinforce the importance of proper protection and storage techniques with the relevant people in these organisations.
The argument extends beyond the protection of data alone, with Mr Dyhouse adding that if data is stored on a single hard drive rather than remotely on a unified server system, there is no way of knowing whether adequate backup and updates are taking place. With private information relating to millions of customers handled by certain organisations, the policies that those in charge implement in order to keep the data safe are seen to be disproportionate to the size of the risk which is posed by loss or theft.
The Information Commissioner’s Office (ICO) outlines the key strategies that businesses and public organisations are encouraged to employ in order to ensure that they are able to adequately address the threats that face their data. However, Mr Dyhouse believes that in a majority of cases these are being ignored.
The proposed solution can only be effective if proper data security and backup practices are made a mandatory part of daily life, with contingencies in place to deal with any event may breach the established rules.