Jaspreet Singh reports for Data Center Knowledge that every day 2.5 quintillion bytes of data are created and stored, according to IBM. That is a lot of data and companies of every size face the task of keeping their ever-increasing data safe. This becomes even more difficult as data exists outside of IT’s “four walls” and can move freely among many devices. Now add another layer: compliance. Mr. Singh points out, “In addition to HIPAA and GLBA, there are many mandates and regulations businesses need to keep top-of-mind.” Mr. Singh provides his recommendations to protect data while also managing compliance needs.
- Data protection and compliance are two sides of the same coin. “When done right, data protection practices protect the business at all times, capturing all data that employees create across the business and moving it to a secure secondary location. Compliance doesn’t work the same way; while there may be processes that have to be “compliant” in order for the business to run its operations, the team will tend to get involved when there is a change in regulation or a need for an audit to take place,” Mr. Singh explains. These audits can take considerable time from IT and Mr. Singh recommends taking a look at the processes in place for auditing and managing your data before an incident happens. There may be “smarter” processes and procedures to implement that will save you time down the road.
- Be proactive when it comes to compliance. Although routine audits can be predictable, a compliance incident is not. But, you can still be proactive and plan for an event by automating the processes you can to make accessing the data needed during an incident easier. Also look for areas where automation can help classify data into buckets or flagged potential issues.
- Recognize you need to manage to data end points not just central IT. Data now moves between difference devices, clouds and in and out of our data center. Data protection and compliance process need to extend out into all areas where data is used and created.
Being proactive and planning ahead are key to data protection and compliance.