Preventing and Planning for a Data Disaster

Only a few years ago, one's worst computer nightmare was having their hard drive wiped clean by a Trojan horse virus. Today, that would be the only a fraction of a corporation's concern. The ability for sensitive information to be stolen for a corporation has proven to be a greater headache for organizations and governments alike.

Lawsuits, fines and new regulations have conspired to make a data loss extremely expensive. So, similar to preparing for a natural disaster, an organization should have a continuity plan for their data recovery. Data breaches usually occur as a result of human error or a hacked network.

The easiest way to reduce your data loss risk is to cut back on human error. This could be anything from the loss of a laptop or external storage device to the theft of either as a result of being left unattended. There is only one word needed to eliminate human error...accountability. You have train your employees to be accountable for the data that they access. Remember that change comes from the top down. So, your department heads, directors, supervisors must embrace the change and emphasize its importance to new employees. Your organization should also consider the following. Preventative measures such as purchasing laptop lock devices for frequent travelers can often make all of the difference. These devices range in price from $10 to $89. Other ideas include small training seminars on data loss and prevention, emailing prevention tips and HIPPA laws to targets employees. Also, defining what your organization refers to as sensitive information is important.

After you get your prevention policies in place, you should start working on your plan of action. If the resources are available, create a committee to oversee this endeavor. There should be 5 aspects of your plan. These include, identifying and notifying victims, containing the loss, working with law enforcement, dealing with the media, and providing a outlining the steps that will be taken to prevent a similar situation from occurring again. Now aside from your plan, the committee should also keep you abreast of the latest federal and state disclosure laws. California kicked it off with passing regulations for the amount of time and the manner in which victims should be notified and 33 other states have followed suit. Researching cyber insurance options and possible data recovery organizations should also be covered by the committee.

A data continuity plan is essential in this new age of technology. 2007 saw the most reported data loss incidents and this is a trend that is only expected to increase. Knowing how to respond ahead of the disaster will save you money and time.