How to create an effective data-at-rest security strategy
Over the past few years, the cost of data loss due to inadequate protection and more advanced hacking has grown to a more serious level.
Small businesses are dealing with several risks associated with securing data: from hacking and other malicious attempts to mounting compliance concerns to address privacy mandated by internal policy and GDPR. It has become even more crucial for businesses to guard their data on top of customer data and intellectual property (IP).
But how do you secure your data in a manner that is less intrusive and more transparent? The key elements of an effective data protection strategy include the hard drives in the data centre, inside servers and dedicated storage. Without proper protection, the storage in these devices can be physically removed and forcefully hacked using many of the available data retrieval methods. Proper security methods require an intentional approach to building a data security strategy (also called data-at-rest) for businesses.
To develop a successful data-at-rest security strategy, you’ll first want to answer some essential questions:
- Where is the data located?
- What is the data’s level of sensitivity?
- What is the best method to keep it secure?
- How does the data move within the organisation, across multiple networks, remote sites or even into the cloud?
The creation of key management systems has helped lessen many of the concerns linked to data-at-rest protection while meeting the need to secure data across the business. These systems reduce the risks of servers and hard drives potentially walking out of a secure or non-secure location and then being unencrypted by a third party if keys are in the device being stolen. A central key manager helps you create and manage keys in a secure way while encrypting your business hardware. Key managers leverage and follow a variety of cryptography standards, including FIPS and KMIP. Enterprise key managers store keys on a separate, highly available system to avoid keys being taken with devices, such as servers.
Those looking for another tool to help with transparent, near-real-time encryption, should consider using self-encrypting drives, also known as SEDs, for their servers. Deploying SED drives makes securing data quick, thanks to their built-in encryption feature. And SED drives with a key management system help encryption and decryption become more transparent and faster.
Dell offers security capabilities to address data-at-rest protection requirements for businesses. The Dell EMC OpenManage Secure Enterprise Key Manager is embedded in Dell EMC PowerEdge servers and works in combination with leading key management servers.
Dell is offering extensive discounts to professional ITPA members. For more information head to https://www.itpa.org.au/member-discounts/#Dell or email ITPA’s account executive at Dell: Dell.Associations.ANZ@dell.com.
Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.
Measuring inefficiency
With a view to improving my 'leanness' and stop myself working so many extra hours, I...
Cybersecurity advice in the wake of Ukraine
In light of the current situation in Ukraine, the ACSC is urging all Australian organisations to...
Why major IT changes can wait
Attempting major IT changes late in the day — or week — can be a recipe for disaster.