Brillstein Security Group

>>go one page back

 Back to overview main page

IT and Data Security, Data Back-up Service, Data Storage

An in-depth data and information risk assessment should be one of the first tasks of any decent, modern risk manager. It is of the UTMOST importance for any company to identify IT threats and to protect your company’s data and information, to STOP all IT weaknesses, to identify the individual needs of the company and to provide for a customized and over-all security solution for the company. It is no secret that information is one the KEY assets of any company. Information is always target number one by competitors and attacks by data thieves, hackers, foreign intelligence services and the like. You MUST make it top priority to protect your information, to organize a functioning data back-up including long-term data transfer to the most recent kind of data holding media (data loss by aging hard drives and such problems which are URGING issues but ignored by many security managers!), to STORE your data back-up safely and NOT within your company premises (consider natural disasters, fire, water, vandalism, man-made disaster etc.). Other areas of concern are the internet and e-mail.

A full IT risk assessment must be conducted by experts of the matter - Brillstein Security will provide you with high-end services. It is also wise to not separate the IT security from the overall security concept. It is thus important to fold the IT assessment into the overall risk assessment process and create a professional and complete security plan which includes IT security. The following are some services needed for any modern company using computers and the internet.

  • a full information risk assessment, highlighting the threats to a client's system, the weaknesses within the system and the impact these risks have on the business. We then recommend methods to protect the business from the identified risks
  • advice and guidance for clients to develop information security policies and controls
  • a BS7799 pre-audit to ensure that a client’s system meets all of the requirements of the full BS7799 audit
  • an informal review of a client's system with advice on areas where information security should be improved
  • incident management planning and training programmes so clients can respond effectively to incidents such as a hacker attack or a virus outbreak
  • crisis management planning and training programmes that help clients respond effectively to a crisis that may have a serious and possible long-term effect on the company, such as a letter threatening to destroy all company information
  • disaster recovery planning
  • a business continuity programme that enables a business to operate without access to vital assets, such as a serious gas leak prohibiting access to a building for several days

Many companies have already understood the need for regular data back-up. By a couple of highly important issues are mostly still being ignored:

1.     data media such as CD, DVD, diskettes, USB sticks and hard drives only have a limited life.  All data media experience an unavoidable aging process. Data loss will occur after a certain time. Self-made CD or DVD copies may have only 1-3 years of time before the aging process will lead to data loss. Hard drives may start at 3-5 years to age to a degree where data loss occurs. The manufacturers of these media usually state longer "life" of their product but they will NOT guarantee you that the data will be safe that long... and there’s also the very high risk of data loss by improper handling and storing these data media. And there's yet another problem that WILL definitely occur: many types or data media will be outdated in a very short period of time. Do you still know the old floppy disks and 3 ¼ inch-diskettes? Many people still have them somewhere in the drawers, but try finding a computer today that can still read these media... You'll have a hard time doing that... CD and DVD will be outdated in just a little while. You'll face the same problem with them shortly. What will be the standard in 5 or 10 years from now? NO ONE knows that today but one thing is certain standards will change rapidly and today’s media will go the way of Betamax and VHS video – they will disappear. You MUST consider these problems and take action TODAY. It is easy to understand the consequences to the company of data loss. This simply CANNOT happen. But only a very little percentage of companies have competent counter-measures in place. That is a real THREAT to economy and society, yet no one seems to care in private business. Governments and major libraries have reacted and put measures into place but the danger lies on the side of the private companies which still today seem to be ignorant of this problem; even most security managers are not up-to-date on these problems, not informed and thus don't properly counsel the companies.

2.     storage of data media with your data back-up is a very critical issues, too. In order to prevent data loss or at least to slow down the aging process of the data media, you must store your back-up media correctly. Mishandling and incorrect storage will destroy data. It's as simple as that. But even if you do store your back-up media correctly, it will still be a question of WHERE to store them. Do you put them in some drawer or on some shelf in a regular office cabinet or even in a safe? What about temperature and air moisture? Do other employees know where the data has been stored and have access? Are the data media really safe? What about fire incidents, water leakage, vandalism, theft, or natural or man-made disasters, what about terrorism? All considered, are your data back-ups REALLY safe?

Brillstein Security offers you full counsel AND solutions regarding all these issues and others concerning your IT, data and information security. Please contact us any time with any queries you might have.

Links:

 Back to overview main page

Back to top

BSG (c) Copyright 1990-2022
All Rights Reserved | Privacy Policy
Company     Services     Partners     Counsel   Training    Contact