 "CIO's Blueprint For An Effective Data Protection Strategy")
With security being the prime focus of IT leaders, Rajesh Brid, VP- IT Hathway Cable & Datacom,talks to Biztech2.com about data security and privacy, and how enterprises can grow with the help of effective lifecycle management. He also shares some pointers for an effective data protection strategy.
What best practices do you recommend to cover the different aspects of data protection?
One can safeguard data by making offline copies of the same. It can be restored in the event of disaster or data corruption. Backup of important servers should be taken on regular intervals. When the backup is taken, it should be stored at a remote location which will protect against physical damage of server or building i.e. Remote data management. A number of companies face the risk of tackling unwanted traffic and attack from the outside network. This is where system security comes in where firewall and network devices are used for protecting datacentre servers.
When we talk of data protection at the user end, which essentially means the employees of the organisation, their workstations should be equipped with updated antivirus software. CIOs can choose to implement biometric security systems and have restricted access for datacentres. To avoid data leakage, administrative rights should not be granted to all and the use of USB storage devices and CD ROM drives should be forbidden within office premises.
What strategy do you follow to ensure effective data backup?
In our organisation, we have implemented different types of backup such as Database DR, Cold & Hot Backup etc. To give a small brief on each one - Database DR is implemented for business critical applications. Oracle RAC backup is implemented for business critical applications. Both Cold Backup and Hot backup are taken regularly. To have efficient backup system we also have Tape backup. Every day we do the Incremental Backup and full backup is taken both on weekly basis and monthly basis. Monthly Backup tapes are sent to remote offsite location which protects against physical damage of server and building.
What makes for an effective data protection strategy?
Any data protection strategy will work only if we minimise the risk. We should think about benefits in the long term than having a short term goal. Only then the strategy will be effective when it’s brought into practice.
What are your recommendations to help prevent data breaches?
As far as prevention of data breaches is concerned, one can take the following precautions:
Physical Access Controls: Where datacentre access is restricted to only appropriate IT staff
Network Access Controls: Only restricted users can access the servers
Data Encryption: Data should be stored or transferred in encrypted form
Discover-Fix-Control: This is a 3 step process where: In the ‘Discover’ stage, one is identifying data vulnerabilities; In the ‘Fix’ stage, one must have remediated the identified data vulnerabilities; and in the ‘Control’ stage, one should take care that same vulnerabilities do not occur in future.
What are the different stages in Data Lifecycle Management and which stage is most critical from a security standpoint?
We can divide lifecycle management into five stages – Define, Inventory/Evaluate, Obtain, Access and Maintain. On a closer observation I would consider the ‘Access’ stage and the ‘Maintenance’ stage as the two most critical stages.
Data requirements should be characterised on basis of business-driven user need. In the subsequent ‘Inventory’ and ‘Obtain’ stages, there will be the creation and publication of a detailed list of data assets and data gaps (both internal and external) as they relate to business-driven user needs. Once this is done collection, conversion, transformation, exchange, or creation of geospatial data that were selected to meet the business needs will be identified.
When it comes to Access stage - the produced data is made known and retrievable to the community through documentation and discovery mechanisms, so that the users can meet their business requirements. All these stages then have to be maintained regularly which will ensure their smooth running.
How can Integrated Data Lifecycle Management (IDLM) help enterprises achieve business growth?
IDLM improves visibility and decisions based on high-quality data. It also enables up-selling through cross-functional relationships between enterprise entities such as customers, products and services. Through IDLM we can also reduce costs and redundant expenditure. To cite an example, if a company maintains quality database which contains correct names and addresses, the cost of mail dispatch goes down considerably.
IDLM also helps enterprise focus on core business and strategy. There is also a high potential to create competitive differentiation.
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
