It’s 5 p.m.: Do you know where your data is?
If you are like many organizations, you believe your data is secure, locked down tight in a virtual platform, safe from criminals who want to steal it and use it for nefarious purposes. You may want to think again.
While in some ways storing data in a virtualized environment keeps it safer than storing it in a physical server onsite — you have less chance of data loss due to a natural disaster or from someone walking in and actually physically removing the server — for the most part your data is no more secure on a virtual machine than it is on the physical server in your building.
The good news is that the number of organizations reporting data loss from a virtual environment decreased significantly between 2011 and 2012, but the fact that anyone is permanently losing data at all begs the question of whether data is safer in an online environment, and whether or not organizations are taking the appropriate precautions to avoid data loss in the first place.At least that’s the conclusion revealed by one recent study. According to survey respondents, almost 80 percent believe keeping data in a virtual environment decreases the likelihood of data being lost, even though almost 40 percent of those same respondents report losing at least some data in 2012. Among those who did lose data, almost a quarter never recovered it. And considering that the nature of virtual servers means that they often contain significantly more data than physical servers, the consequences of such a loss can be debilitating, if not devastating, to some organizations.
The bottom line, according to experts, is that data can be kept secure from loss, which includes breaches, in the virtual environment — if a few critical security precautions are in place.
Why Data is Lost
There are a number of reasons that data is lost from virtual servers. While some consider a data breach a “loss,” since the notion of sensitive information falling into the hands of a hacker constitutes a certain form of loss, in this sense the term “loss” refers to data that is literally “lost” — it’s irretrievable for one of several reasons. The most common reasons for data loss include file or disk corruption, deleting virtual machines without backing up the data, storage and server hardware failures, and human error. Malware, viruses and other malicious attacks can also lead to data loss, highlighting the importance for a solid data management program, disaster recovery plan, and security and administration practices.
Best Practices for Data Protection
Because a data loss can be devastating, it’s important to follow a few best practices to avoid potential problems. These practices include:
- Regular backups. One of the most common causes of data loss in any sector is inadequate backups; either the backups are not run often enough (or even at all) or properly. Ideally, an image-based backup system should be used to ensure data integrity, along with regular checks to avoid corrupt backups at the time they are needed most.
- Virtualization security solutions. Security is vital in the virtualized environment. Protecting the virtual environment requires a comprehensive and customized security solution that adapts to your unique environment and protects against advanced, targeted threats. The solution should include virtual patching capabilities to protect against all vulnerabilities, including SQL injections, which could lead to significant problems if left untreated.
- Encryption. Encryption is a vital part of any virtualization security plan. Data must be encrypted while in transit and in storage to keep it safe from prying eyes. In the event that your data falls into the wrong hands, encryption keeps it safe.
- Endpoint Security. Securing endpoints against malware, viruses and other security risks is another important piece in the risk mitigation puzzle. A single infected physical machine can harm the entire virtual infrastructure, leading to significant data loss.
As more organizations move to virtualized environments and we learn more about security and protection best practices, it’s reasonable to expect that the amount of lost data will decrease significantly. However, no platform will ever be immune to data loss, so it’s important to learn how to protect data and take steps to avoid catastrophic loss.