Companies today realize the threats and consequences of data loss and by now most have some sort of data protection in place. But, many companies that were rushed into data protection by the fear of losing precious data may have been too quick to throw together a patchwork quilt of security software, which is now proving costly.
In the rush to get data protection in place, many companies frantically stitched together technology from various vendors and overlooked issues such as software integration and policy. The fear of leaving themselves vulnerable to data loss resulted in a lack of planning and processes for technology implementations, and has left them dealing with the consequences.
Now that technologies are in place, companies are faced with ongoing auditing and the need to prove to auditors that 1) they did enough to protect themselves and 2) they chose the right paths of protection. In fact, despite implementing a slew of security solutions, companies are finding that they may have not done much to actually lower their risk because they didn't actually understand what data needed to be protected in the first place. Furthermore, the mishmash of security solutions is impossible to manage and have greatly increased costs.
To make matters worse, those who haven't yet implemented data protection technology are seeing the spike in costs other organizations face from data protection and are beginning to evaluate a dangerous risk equation. They are willing to run the risk of not protecting their data and face the consequences and costs of a potential data breech as opposed to dealing with implementing what they feel are costly and complicated data protection solutions. Once companies decide that data loss is a more desirable option, there is a big problem.
Companies can have peace of mind that the hidden cost of data protection is manageable. By implementing a centralized management console, data can be managed from one location and be easily and consistently harvested for auditing. Furthermore, one management console will cut the number of IT staff needed to deal with the security technologies, freeing up time for other IT issues and reducing costs. Centralized management also enables event monitoring and incident details to prove internal and regulatory compliance to auditors, so companies can be confident that they are taking the necessary measures and their security is under control.
Those who haven't implemented data protection have an opportunity to avoid the hidden cost of data protection. Taking the time to first understand the data on hand is necessary and beneficial. Then, understanding the importance of integration and automation of different technologies and the resulting benefits for auditing and compliance will reduce costs, streamline operations and keep auditors and IT managers happy.
Parkerson is data protection product manager for McAfee. Network World is an InfoWorld affiliate