Even if there were no bad actors in cyberspace, enterprises still would have to protect their data from power outages, natural disasters, and human error.
Unfortunately, there are plenty of bad actors roaming the digital universe in search of companies that are potential hacking and phishing victims – and the bigger, the better. Just last year each of these organizations suffered severe security and privacy breaches:
• Anthem Insurance – The health insurance giant’s database was hacked in February 2015, exposing personal information – including names, email addresses, Social Security numbers, birthdays, income data, and employer – for nearly 80 million customers and employees.
• Ashley Madison – Members of the online community aimed primarily at married people seeking affairs were panic-stricken last summer when hackers posted their names and email addresses on the Internet.
• Internal Revenue Service – Hackers gained access to more than 700,000 U.S. taxpayer accounts from January 2014 to May 2015. Exposed data included names, Social Security numbers, and birthdates. The attacks on the IRS didn’t end there, though; in January 2016, there were nearly 500,000 attempts to access Social Security numbers, of which more than 20 percent were successful.
As you can imagine, these kinds of cyberattacks can have potentially devastating effects on businesses and organizations that fail to secure the data of customers, patients, taxpayers, and business partners, not to mention their own financial records and intellectual property.
The Ashley Madison breach led to a $567 million class-action lawsuit against the two companies that own the site. In fact, a National Small Business Association survey shows that 44 percent of small businesses report being victimized by cyberattacks at some point, with an average cost of $8,700 per incident.
For many small businesses, the fallout from a cyberattack in terms of financial cost, brand damage, and loss of customers can be too much to bear. The National Cyber Security Alliance has estimated that 60 percent of small businesses hit with a cyberattack will close within six months.
Backup and beyond
Effective data protection requires IT to ensure reliable backup and recovery of data in order to keep the business running and all company information safe. But as the examples above show, data protection also must extend to 1) securing data from hackers, phishers, and other cyber criminals, and 2) safeguarding the privacy of the data’s owners.
One of the best ways to provide added data protection that extends beyond backup and disaster recovery is to implement cloud solutions that provide the proper levels of security and privacy with the support of encryption technologies and safeguards.
Physical security also is important, since unauthorized access to cloud data centers and supporting infrastructure can lead to data loss and theft. Businesses in search of a cloud solution should be sure that the cloud host’s facilities are equipped with physical security features such as 24x7 security personnel, video surveillance, and restricted access using tools like biometrics and proximity key cards.
A more complete approach to data protection
Data protection requires a proactive approach that anticipates and safeguards against outages and natural disasters, as well as more nefarious threats to data. The data protection solutions offered by Acronis provide cloud-based and local backup subscriptions that feature easy-to-use consoles for central and remote management – combined with the latest encryption technologies and standards to keep date secure and private. You can learn more about the Acronis line of data protection products and services for businesses here.