The Importance of Data Protection
Data breaches have become commonplace today, all too often there is news of another corporation or agency becoming the latest victim. While a network-attached storage (NAS) device is an important part of many businesses, often IT administrators treat the security aspects lightly, not taking the necessary precautions to protect the data stored on a NAS. In this article, we'll look at some of the threats, as well as why they matter.
One of the most overlooked threats to your data, including that stored on a NAS, is not malicious. One wrong click, one absent-minded deletion, or a single ill-timed overwrite and irreplaceable data can be lost. The more people who have access to files, the greater the risk. How then does one prevent data loss? While most, if not all, modern NAS devices include software that allows you to set access permissions, these features only work if properly implemented. Use read and write permissions to protect data and privacy.
While many companies go to great lengths to create a satisfying workplace, all it takes is one disgruntled employee to wreak havoc on an organization's data. Data theft, corporate espionage, intentional deletion and leaks of confidential information are just a few of the potential problems a disgruntled employee can cause.
Again, most NAS devices include software to minimize these risks, but software alone cannot stop someone who has ulterior motives and onsite access to your NAS. Best practices, access policies and regular audits are a vital part of data protection and ensuring a disgruntled employee doesn't damage your company. The fewer employees that have write or admin privileges to the NAS, the easier it is to manage and to minimize this type of risk.
Malicious hackers are often what come to mind when people think of the security risks associated with a NAS and, indeed, malicious hackers have certainly done much to earn this reputation. While a NAS is primarily designed to be accessed by devices on the local network, opening up outside access is a convenient feature that many businesses, and their employees in the field, avail themselves of. With that added convenience, however, comes additional risk and the need for hacking prevention measures.
As with the previous two threats, a combination of practical policies and security software can go a long way toward minimizing this threat. Enforcing the use of strong passwords, making encryption mandatory and having a policy for employees who use their own devices are just a few of the steps necessary to help protect against malicious hackers.
Apple, a company that has championed the privacy rights of its users, recently found its reputation damaged when the private photos of hundreds of celebrities were stolen from their iCloud accounts and leaked online. Apple has insisted the problem was not a security flaw in iCloud but rather a result of individual and targeted hacks. Still, Apple has not been able to fully shake the damage to its reputation and credibility.
Target is currently experiencing scrutiny from many sources including the U.S. Government for the data breach it suffered which exposed the private information of its customers.
These two examples alone illustrate the high stakes involved in data security and data protection. Countless other companies have suffered the loss of customers, income and trust for playing it fast and loose with sensitive data. For some, the loss of critical data and the ensuing fallout were events impossible to recover from.
To ensure your company isn't another headline, take the necessary time to understand the risks, to properly utilize the software safeguards at your disposal and to establish sound policies and practices to protect the data in your trust. For more information see our informative white paper "Using a NAS for Disaster Recovery".