Since cloud computing became mainstream, many Irish businesses in Ireland took a hybrid approach by moving e-mail, CRM or maybe their accounts applications to external providers, while keeping critical systems in-house. Meanwhile, the tapes they previously used for back-ups fell into disuse on the assumption that the data in the cloud was being safely duplicated and stored separately.
Not for the first time, where there’s cloud there’s confusion. Business owners or IT leaders may have assumed that because their cloud provider’s infrastructure is off-site, by definition the data is backed up, and therefore all regulatory obligations were being met. Not necessarily.
Rule 4 of the Data Protection Acts of 1988 and 2003 legally obliges organisations that hold information about members of the public to ensure they use ‘appropriate’ security measures, in order to protect that data from being lost or accessed inappropriately.
No-one knew what cloud was when the latter act was being drafted more than a decade ago, but our interpretation of the Acts is that organisations must have a back-up procedure that includes regular off-site back-ups and that the data must be checked regularly to ensure its integrity.
What the Acts do make clear is that no matter where data is stored, it is the responsibility of the organisation that controls the data to ensure its protection. At the very least, businesses need to talk to their cloud provider about the type of back-ups they carry out. Some vendors back up to different machines within the same site, which I would argue is not true back-up from a redundancy point of view.
It also leaves businesses exposed to the very same risk as if they had no back-up at all: compromised data which can have a financial hit either through non-compliance or through the loss of valuable information.
“At the very least, businesses need to talk to their cloud provider about the type of back-ups they carry out”
So why take the chance? There are lots of positive reasons why taking back control of your own back-up is a smart move for any business. It puts you back in control of your own archives and security. Even apart from ensuring regulatory compliance, having access to your own backups puts the business back in control of data retention periods. This makes it easier to locate an e-mail relating to a major sales deal from six months ago, for example. Although some cloud providers allow customers to extend data retention periods, there is often a cost attached to doing so.
On 1 June, KeepItSafe officially launched a new back-up service that combines encrypted back-ups of on-premise data with data stored in the cloud. Responding to growing demand for our partners and customers, this service takes the hassle out of managing data by presenting it in a single, easy-to-access portal. The system is proactively monitored and managed, so if your business urgently needs to restore a file or an e-mail at any time of the day, our 24/7 support desk based in Ireland can answer the call. There’s no business disruption; installation is non-intrusive and it takes less than 20 minutes per machine or per server to perform a back-up to one of our two Dublin centres that are accredited to ISO 27001 standards.
Don’t just tick the box marked ‘compliance’. Now is your chance to be proactive: get the benefits of cloud computing, while also choosing best practice processes in safeguarding your data.
Darragh Canavan, sales operations manager, KeepItSafe
Subscribers 0
Fans 0
Followers 0
Followers